System Management–System Configuration–Node Management–Configure Clouds–Configure Cluster
Kubernetes
- Name: kubernetes-prod
- Kubernetes address: https://kubernetes.default.svc.cluster.local
- Use Jenkins Proxy: unchecked
- Kubernetes service certificate key: empty
- Disable HTTPS certificate checking: Unchecked
- Kubernetes namespace: empty
- Credentials: None
- WebSocket: Unchecked
- Direct Connection: unchecked
- Jenkins address: http://jenkins.dayi-devops.svc.cluster.local:8080/jenkins
- Jenkins channel: empty
- Connection Timeout: 30
- Read Timeout: 60
- Number of Containers: 20
- Pod Labels:
- Pod Labels:
- key: jenkins
- Value: jnlp
- Maximum number of connections to the Kubernetes API: 32
- Seconds to wait for pods to be running: 600
- Pod Labels:
- Pod Templates
- Pod Templates
- Name: jnlp-slave
- Namespace: prod
- List of tags: jnlp-slave
- Usage: only allow jobs bound to this machine to run
- Parent’s Pod Template Name: empty
- Pod Templates
- container list
- Container Template
- Name: jnlp
- Docker image: wanyan.cn-hangzhou.cr.aliyuncs.com/yyh-prod/jenkins-jnlp:v2
- Always pull images: unchecked
- Working directory: /home/jenkins
- Command to run: jenkins-agent
- Command parameters: empty
- Assign Pseudo-Terminal: Checked
- Environment Variables: (the default configuration does not operate)
- environment variable
- Volume (Host Path Volume)
- Host path: /var/run/docker.sock
- Mount path: /var/run/docker.sock
- Host Path Volume
- Host path: /usr/bin/docker
- Mount path: /usr/bin/docker
- Host Path Volume
- Host path: /etc/localtime
- Mount path: /etc/localtime
- Persistent Volume Claim
- Declaration value: webapps-data
- Read-only: unchecked
- Mount path: /data/webapps
- Notes
- Concurrency Limit: empty
- Pod Retention: Default
- Agent’s idle survival time (minutes): empty
- Pod Lifetime (seconds): Empty
- Timeout (seconds) to connect to Jenkins: 1000
- Raw YAML for the Pod: empty
- Yaml merge strategy: Override
- Show raw yaml in console: check
- Volume (Host Path Volume)
- Pull the Secret of the mirror
- Image Pull Secret
- Name: aliregistry-secret
- Service Account: jenkins-prod
- Run As User ID: 0 (started by root user)
- Run As Group ID: empty
- Supplemental Groups: empty
- Host Network: Unchecked
- node selector: empty
- Workspace Volume: Persistent Volume Claim Workspace Volume
- Declaration value: jenkins-jnlp-local
- Read-only: unchecked
- node properties
- Tool location: unchecked
- Image Pull Secret
- Container Template
Jenkins front-end application configuration
- Parametric build process
- Git parameters
- Name: Branch
- Description: Select the branch for the release
- Argument type: branch or label
- Default: master
- option parameter
- Name: Namespace
- option: prod
- Description: Select a publishing environment
- option parameter
- Name: deploy_env
- option: deploy
- Description: deploy releases new code
- Git parameters
Pipeline script
script
// item // Need to modify the directory where the front-end project is deployed def project_webdir = "channelcenter" // Need to modify the git address of the corresponding service def git_address = "http://gitlab.wanyan.com/web/channel-center-web.git" // authentication def git_auth = "gitlab-creds" //git login auth pipeline { agent { label 'jnlp-slave' } parameters { gitParameter branch: '', branchFilter: '.*', defaultValue: 'master', description: 'Select branch for release', name: 'Branch', quickFilterEnabled: false, selectedValue: 'NONE', sortMode: 'NONE', tagFilter: '*', type: 'PT_BRANCH_TAG' //PT_BRANCH_TAG gets branch and TAG //gitParameter branch: '', branchFilter: '.*', defaultValue: 'master', description: 'select the branch to publish', name: 'Branch', quickFilterEnabled: false, selectedValue: 'NONE', sortMode: 'NONE', tagFilter: '*', type: 'PT_BRANCH' //PT_BRANCH only gets branches choice (choices: ['prod'], description: 'select the publishing environment', name: 'Namespace') choice choices: ['deploy'], description: '''deploy release new code''', name: 'deploy_env' } stages { stage('Pull code'){ steps { //build quietPeriod: 3, job: 'yyh_devops' checkout([$class: 'GitSCM', branches: [[name: "${params.Branch}"]], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]] ]) } } stage('code compilation'){ when { environment name: 'deploy_env', value: 'deploy' } steps { sh """ cnpm install --unsafe-perm --registry=https://registry.npm.taobao.org cnpm run build:prod pwd """ } } stage('deployment') { when { environment name: 'deploy_env', value: 'deploy' } steps { sh """ rsync -avz --delete dist/ /data/webapps/${project_webdir} pwd """ } } } }
Jenkins backend application configuration
- Parametric build process
- Git parameters
- Name: Branch
- Description: Select the branch for the release
- Argument type: branch or label
- Default: master
- option parameter
- Name: Namespace
- option: prod
- Description: Select a publishing environment
- option parameter
- Name: deploy_env
- Options: deploy or rollback
- Description: deploy releases new code rollback rollback
- character parameter
- Name: version
- Default: 0
- Description: Select rollback version number
- Clear blank characters: Unchecked
- Git parameters
Pipeline script
pipeline { agent { label 'jnlp-slave' } environment { // public registry = "wanyan.cn-hangzhou.cr.aliyuncs.com" // project project = "yyh-prod" app_name = "${JOB_NAME}" workdir = "/home/dayiops/${JOB_NAME}" image_name = "${registry}/${project}/${app_name}:${BUILD_NUMBER}" // Need to modify the port number of the corresponding service app_port = "8890" // Need to modify the git address of the corresponding service git_address = "http://gitlab.wanyan.com/basic-service/auth-center.git" // Need to modify the gitlab group corresponding to the microservice git_groups = "basic-service" // Roll back the mirrored version rollback_image_name = "${registry}/${project}/${app_name}:${version}" // authentication docker_registry_auth = "jenkins-aliregistry-creds" //Harbor login auth git_auth = "gitlab-creds" //git login auth } parameters { gitParameter branch: '', branchFilter: '.*', defaultValue: 'master', description: 'Select branch for release', name: 'Branch', quickFilterEnabled: false, selectedValue: 'NONE', sortMode: 'NONE', tagFilter: '*', type: 'PT_BRANCH_TAG' //PT_BRANCH_TAG gets branch and TAG //gitParameter branch: '', branchFilter: '.*', defaultValue: 'master', description: 'select the branch to publish', name: 'Branch', quickFilterEnabled: false, selectedValue: 'NONE', sortMode: 'NONE', tagFilter: '*', type: 'PT_BRANCH' //PT_BRANCH only gets branches //choice (choices: ['1', '3', '5', '7'], description: 'Replica Count', name: 'ReplicaCount') choice (choices: ['prod'], description: 'select the publishing environment', name: 'Namespace') choice choices: ['deploy', 'rollback'], description: '''deploy release new code rollback rollback''', name: 'deploy_env' string defaultValue: '0', description: 'Select rollback version number', name: 'version', trim: false } stages { stage('Pull code'){ steps { build quietPeriod: 3, job: 'yyh_devops' checkout([$class: 'GitSCM', branches: [[name: "${params.Branch}"]], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]] ]) } } stage('code compilation'){ when { environment name: 'deploy_env', value: 'deploy' } steps { sh """ mvn clean package -Dmaven.test.skip=true -U """ } } stage('build image'){ when { environment name: 'deploy_env', value: 'deploy' } steps { dir("${WORKSPACE}/${JOB_NAME}") { withCredentials([usernamePassword(credentialsId: "${docker_registry_auth}", passwordVariable: 'password', usernameVariable: 'username')]) { sh """ echo ' FROM ${registry}/yyh/centos-jdk:8-jre LABEL author='yhh' ENV PROJECT="${JOB_NAME}" #ENV JAVA_OPTS="-Dspring.profiles.active=production-server -Xms1024M -Xmx1024M" ENV TZ=Asia/Shanghai ENV LANG=en_US.UTF-8 RUN mkdir /home/dayiops/${JOB_NAME} -p WORKDIR /home/dayiops/${JOB_NAME} ADD target/${JOB_NAME}.jar ${workdir}/ EXPOSE ${app_port}/tcp ENTRYPOINT ["java","-Dspring.profiles.active=k8s${Namespace}","-Dmaven.wagon.http.ssl.insecure=true","-Dmaven.wagon.http .ssl.allowall=true","-server","-Xms1024M","-Xmx1024M","-XX: + HeapDumpOnOutOfMemoryError","-jar","$ {JOB_NAME}.jar"] '>Dockerfile docker login -u ${username} -p '${password}' ${registry} docker build -t ${image_name} . docker push ${image_name} """ } } } } stage('deploy to K8S platform'){ when { environment name: 'deploy_env', value: 'deploy' } steps { dir("$WORKSPACE/../yyh_devops/${git_groups}/${JOB_NAME}") { sh """ sed -i 's#{APP_NAME}#${JOB_NAME}#g' k8s-deployment.yaml sed -i 's#{APP_PORT}#${app_port}#g' k8s-deployment.yaml sed -i 's#{IMAGE_NAME}#${image_name}#' k8s-deployment.yaml sed -i 's#{NAME_SPACE}#${Namespace}#' k8s-deployment.yaml sed -i 's#{ADD_ENV_LABEL}#${Namespace}#' k8s-deployment.yaml kubectl apply -f k8s-deployment.yaml """ //kubernetesDeploy configs: 'k8s-deployment.yaml' } } } stage("Service startup check"){ when { environment name: 'deploy_env', value: 'deploy' } steps { sleep 63 timeout(time: 31, unit: 'SECONDS') { waitUntil { script { def podstatus = sh ( returnStdout: true, //script: "kubectl get deployment -n test | grep auth-center-api | awk \'{print \$1}\'" script: "kubectl get replicasets -n ${Namespace} |grep ${JOB_NAME} | awk \'{if (\$2 >=1 & amp; & amp; \$4 == 0) print \ "podnotready"}\'" ) def notrun_podname = sh ( returnStdout: true, //script: "kubectl get deployment -n test | grep ${JOB_NAME} | awk \'{print \$1}\'" script: "kubectl get pod -n ${Namespace} |grep ${JOB_NAME} |awk \'{if (\$2 == "0/1") print \$1} \'" ) podstatus = podstatus. trim() notrun_podname = notrun_podname.trim() echo "********${JOB_NAME} service startup status is ${podstatus}********" if( podstatus == "podnotready" ) { //echo "${JOB_NAME} service failed to start, rechecking service running status..." echo "Service startup status checking..." sleep 10 return false } else { echo "********${JOB_NAME} service started successfully...********" return true } } } } } } stage('roll back the specified image'){ when { environment name: 'deploy_env', value: 'rollback' } steps { dir("$WORKSPACE/../yyh_devops/${git_groups}/${JOB_NAME}") { sh """ sed -i 's#{APP_NAME}#${JOB_NAME}#g' k8s-deployment.yaml sed -i 's#{APP_PORT}#${app_port}#g' k8s-deployment.yaml sed -i 's#{IMAGE_NAME}#${rollback_image_name}#' k8s-deployment.yaml sed -i 's#{NAME_SPACE}#${Namespace}#' k8s-deployment.yaml sed -i 's#{ADD_ENV_LABEL}#${Namespace}#' k8s-deployment.yaml kubectl apply -f k8s-deployment.yaml """ //kubernetesDeploy configs: 'k8s-deployment.yaml' } } } } }
Backend application Dockerfile template
# cat Dockerfile FROM dayi-registry.cn-hangzhou.cr.aliyuncs.com/yyh/centos-jdk:8-jre LABEL author=yhh ENV PROJECT="gateway" #ENV JAVA_OPTS="-Dspring.profiles.active=production-server -Xms1024M -Xmx1024M" ENV TZ=Asia/Shanghai RUN mkdir /home/dayiops/gateway -p WORKDIR /home/dayiops/gateway ADD target/gateway.jar /home/dayiops/gateway/ EXPOSE 8081/tcp ENTRYPOINT ["java","-Dspring.profiles.active=k8sprod","-server","-Xms2048M","-Xmx2048M","-XX: + HeapDumpOnOutOfMemoryError\ ","-jar","gateway.jar"]
gitlab k8s template
#kubernetes/yyh-devops/BC/connector-api/k8s-deployment.yaml --- apiVersion: v1 kind: Service metadata: name: {APP_NAME} namespace: {NAME_SPACE} labels: app: {APP_NAME} env: {ADD_ENV_LABEL} spec: ports: - name: http port: {APP_PORT} protocol: TCP targetPort: {APP_PORT} selector: app: {APP_NAME} env: {ADD_ENV_LABEL} sessionAffinity: None type: ClusterIP --- apiVersion: apps/v1 kind: Deployment metadata: name: {APP_NAME} namespace: {NAME_SPACE} labels: app: {APP_NAME} env: {ADD_ENV_LABEL} spec: replicas: 1 selector: matchLabels: app: {APP_NAME} env: {ADD_ENV_LABEL} strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate template: metadata: labels: app: {APP_NAME} env: {ADD_ENV_LABEL} spec: imagePullSecrets: - name: aliregistry-secret affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchExpressions: - key: app operator: In values: - {APP_NAME} topologyKey: kubernetes.io/hostname weight: 100 containers: -env: - name: TZ value: Asia/Shanghai -name: LANG value: en_US.UTF-8 image: {IMAGE_NAME} imagePullPolicy: IfNotPresent name: {APP_NAME} ports: - name: http containerPort: {APP_PORT} protocol: TCP readinessProbe: failureThreshold: 2 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 tcpSocket: port: {APP_PORT} timeoutSeconds: 2 livenessProbe: failureThreshold: 2 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 tcpSocket: port: {APP_PORT} timeoutSeconds: 2 resources: limits: cpu: 1000m memory: 1024Mi requests: cpu: 200m memory: 256Mi volumeMounts: - mountPath: /data/logs name: logs - mountPath: /etc/localtime name: localtime readOnly: true dnsPolicy: ClusterFirstWithHostNet restartPolicy: Always securityContext: fsGroup: 2049 runAsGroup: 2049 runAsUser: 2049 volumes: - emptyDir: {} name: logs - hostPath: path: /etc/localtime type: File name: localtime
Dependent task configuration (this task will be executed every time the backend is released)
Name: yyh_devops
Pipeline yyh_devops
Pipeline script
node('jnlp-slave') { stage('Git Clone') { git credentialsId: 'gitlab-creds', url: 'http://gitlab.taeteadata.com/kubernetes/yyh-devops-prod.git' } }