!15 有来上k8s部署

Merge pull request !15 from ximy/feature/youlai_k8s_deploy
This commit is contained in:
郝先瑞 2022-03-19 13:52:13 +00:00 committed by Gitee
commit b2e208a733
20 changed files with 664 additions and 0 deletions

191
devops/DockerJenkinsFile Normal file
View File

@ -0,0 +1,191 @@
properties([
parameters([
[$class: "ChoiceParameterDefinition",
description: "你需要选择哪条分支进行构建?",
name: "branch_name",
choices: ["youlai_k8s_deploy", "master"]
],
[$class: "ChoiceParameter",
choiceType: "PT_SINGLE_SELECT",
description: "你需要选择哪个微服务模块进行构建?",
filterLength: 1,
filterable: false,
name: "module_name",
randomName: "choice-parameter-5631314439613978",
script: [
$class: "GroovyScript",
fallbackScript: [
classpath: [],
sandbox: false,
script:
'''return["Could not get module_name"]'''
],
script: [
classpath: [],
sandbox: false,
script:
'''return["youlai-gateway", "youlai-auth","youlai-admin/admin-boot","mall-oms/oms-boot","mall-pms/pms-boot","mall-sms/sms-boot","mall-ums/ums-boot"]
'''
]
]
],
[$class: "CascadeChoiceParameter",
choiceType: "PT_SINGLE_SELECT",
description: "你需要选择哪台机器进行部署微服务?",
filterLength: 1,
filterable: false,
name: "deploy_on",
randomName: "choice-parameter-5631314456178619",
referencedParameters: "module_name",
script: [
$class: "GroovyScript",
fallbackScript: [
classpath: [],
sandbox: false,
script:
'''return["Could not get Environment from module_name Param"]'''
],
script: [
classpath: [],
sandbox: false,
script:
'''if (module_name.equals("youlai-gateway")){
return["a.youlai.tech"]
}
else if(module_name.equals("mall-ums/ums-boot")){
return["c.youlai.tech"]
}
else if(module_name.equals("mall-oms/oms-boot")){
return["d.youlai.tech"]
}
else {
return["f.youlai.tech"]
}
'''
]
]
]
])
])
// 以上代码,需要插件支持,主要作用是:选择具体的微服务,部署至对应的机器
pipeline { // 直接上机器,在机器上启容器
agent {
node {
label "maven"
}
}
environment {
// 自建harbor仓库的namespace
docker_hub_namespace = "youlai"
// docker_hub_namespace = "youlaiwuhui"
// 自建镜像仓库地址
docker_hub = "k8s-harbor:30002"
docker_hub_ext = "harbor.howlaisi.com:30002"
// docker_hub = "https://registry.cn-hangzhou.aliyuncs.com"
// 在jenknis或kubesphere上面的凭证
docker_hub_id = "youlai-zhangjialin-myself-harbor-account"
// docker_hub_id = "zhangjialin-aliyun-pingzheng"
// k8s 上面的 namespace
k8s_namespace = "youlai-mall"
GIT_COMMIT_ID = sh(returnStdout: true, script: 'git rev-parse --short HEAD').trim()
// BUILD_NUMBER 这个变量从jenkins传递过来
current_build_number = "${BUILD_NUMBER}"
// 在k8s上面配置的id
KUBECONFIG_CREDENTIAL_ID = "youlai-kubeconfig"
}
stages {
stage ("打印相关变量") {
steps{
echo "docker_hub_namespace信息为: ${docker_hub_namespace}"
// 获取commit信息用于后面打tag
echo "commit信息为${env.GIT_COMMIT_ID}"
echo "current_build_number信息为${env.current_build_number}"
script {
// 因为传递过来的module有可能是youlai-admin/admin-boot形式的打镜像时会失败
env.module_name_prefix = "${module_name}".split("/")[0]
env.module_name_suffix = "${module_name}".split("/")[-1]
// 本端tag名
env.local_tag = "${module_name_suffix}:${current_build_number}_${GIT_COMMIT_ID}"
// 远端tag名必须以这种方式命令才能push到远端
env.remote_tag = "${docker_hub}/${docker_hub_namespace}/${local_tag}"
// 外网访问下载的远端tag
env.remote_tag_ext = "${docker_hub_ext}/${docker_hub_namespace}/${local_tag}"
echo "module_name信息为: ${module_name}"
echo "module_name_prefix信息为: ${module_name_prefix}"
echo "module_name_suffix信息为: ${module_name_suffix}"
echo "local_tag信息为${env.local_tag}"
echo "remote_tag信息为${env.remote_tag}"
echo "remote_tag_ext信息为${env.remote_tag_ext}"
}
}
}
stage("checkout代码") {
steps {
//git branch: "${branch_name}", credentialsId: 'zhangjialin-youlai-mall-pingzheng', url: 'https://gitee.com/youlaitech/youlai-mall.git'
//checkout([
//$class: 'GitSCM',
//branches: [[name: "${branch_name}"]],
//extensions: [[$class: 'CloneOption', depth: 1, noTags: false, reference: '', shallow: true]],
//userRemoteConfigs: [[credentialsId: 'zhangjialin-youlai-mall-pingzheng', url: 'https://gitee.com/youlaitech/youlai-mall.git']]])
sh "du -h --max-depth=1"
}
}
stage("读取maven配置"){
steps {
script {
// 需要用到插件Pipeline Utility Steps参考https://www.jianshu.com/p/29403ecf7fc2
def pom = readMavenPom file: "${module_name}/pom.xml"
def properties = pom.properties
env.service_port = properties["service.port"]
env.service_nodeport = properties["service.nodeport"]
sh "echo service_port: ${service_port}"
sh "echo service_nodeport: ${service_nodeport}"
}
}
}
stage("打包镜像") {
steps {
script {
container ('maven') {
// 最外边
sh "mvn clean install -Dmaven.test.skip=true"
sh "mvn -f ${module_name} clean package dockerfile:build -Ddockerfile.tag=${current_build_number}_${GIT_COMMIT_ID} -Dmaven.test.skip=true -Dspring.profiles.active=dev"
withCredentials([usernamePassword(credentialsId: "${docker_hub_id}", passwordVariable: 'DOCKER_PASSWORD', usernameVariable: 'DOCKER_USERNAME')]) {
sh 'echo "$DOCKER_PASSWORD" | docker login http://k8s-harbor:30002 -u "$DOCKER_USERNAME" --password-stdin'
sh "docker tag ${env.local_tag} ${env.remote_tag}"
sh "docker push ${env.remote_tag}"
}
}
}
}
}
stage("自动部署至docker容器") {
agent none
steps {
script {
panlong_deploy_script_url = "\'https://gitee.com/youlaitech/youlai-mall/raw/${branch_name}/deploy.sh?access_token=a646170fbfafe84d3412ff594d530b6d&ref=${branch_name}\'"
script_dir = "/opt/youlai/script"
withCredentials([usernamePassword(credentialsId: "${docker_hub_id}", passwordVariable: 'DOCKER_PASSWORD', usernameVariable: 'DOCKER_USERNAME')]) {
sshPublisher(publishers: [
sshPublisherDesc(
configName: "${deploy_on}",
transfers: [
sshTransfer(cleanRemote: false,
excludes: '',
execCommand: "mkdir -p ${script_dir} && cd ${script_dir} && rm -rf deploy.sh.${module_name_suffix} && curl -X GET --header 'Content-Type: application/json;charset=UTF-8' ${panlong_deploy_script_url} -o deploy.sh.${module_name_suffix} && sh deploy.sh.${module_name_suffix} ${remote_tag_ext} ${service_port} ${docker_hub_namespace} ${module_name_suffix} ${DOCKER_USERNAME} ${DOCKER_PASSWORD}",execTimeout: 1200000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: '')],
usePromotionTimestamp: false,
useWorkspaceInPromotion: false,
verbose: true)])
}
}
}
}
}
}

117
devops/K8sJenkinsFile Normal file
View File

@ -0,0 +1,117 @@
pipeline { // 直接上k8s用k8s来管理docker
agent {
node {
label "maven"
}
}
parameters {
choice(
description: "你需要选择哪条分支进行构建?",
name: "branch_name",
choices: ["master", "feature/youlai_k8s_deploy3"]
)
choice(
description: "你需要选择哪个微服务模块进行构建?",
name: "module_name",
choices: ["youlai-gateway", "youlai-auth","youlai-admin/admin-boot","mall-oms/oms-boot","mall-pms/pms-boot","mall-sms/sms-boot","mall-ums/ums-boot"]
)
}
environment {
// 自建harbor仓库的namespace
docker_hub_namespace = "youlai"
// docker_hub_namespace = "youlaiwuhui"
// 自建镜像仓库地址
docker_hub = "k8s-harbor:30002"
// docker_hub = "https://registry.cn-hangzhou.aliyuncs.com"
// 在jenknis或kubesphere上面的凭证
docker_hub_id = "youlai-zhangjialin-myself-harbor-account"
// docker_hub_id = "zhangjialin-aliyun-pingzheng"
// k8s 上面的 namespace
k8s_namespace = "youlai-mall"
GIT_COMMIT_ID = sh(returnStdout: true, script: 'git rev-parse --short HEAD').trim()
// BUILD_NUMBER 这个变量从jenkins传递过来
current_build_number = "${BUILD_NUMBER}"
// 在k8s上面配置的id
KUBECONFIG_CREDENTIAL_ID = "youlai-kubeconfig"
}
stages {
stage ("打印相关变量") {
steps{
echo "docker_hub_namespace信息为: ${docker_hub_namespace}"
// 获取commit信息用于后面打tag
echo "commit信息为${env.GIT_COMMIT_ID}"
echo "current_build_number信息为${env.current_build_number}"
script {
// 因为传递过来的module有可能是youlai-admin/admin-boot形式的打镜像时会失败
env.module_name_prefix = "${module_name}".split("/")[0]
env.module_name_suffix = "${module_name}".split("/")[-1]
// 本端tag名
env.local_tag = "${module_name_suffix}:${current_build_number}_${GIT_COMMIT_ID}"
// 远端tag名必须以这种方式命令才能push到远端
env.remote_tag = "${docker_hub}/${docker_hub_namespace}/${local_tag}"
echo "module_name信息为: ${module_name}"
echo "module_name_prefix信息为: ${module_name_prefix}"
echo "module_name_suffix信息为: ${module_name_suffix}"
echo "local_tag信息为${env.local_tag}"
echo "remote_tag信息为${env.remote_tag}"
}
}
}
stage("checkout代码") {
steps {
//git branch: "${branch_name}", credentialsId: 'zhangjialin-youlai-mall-pingzheng', url: 'https://gitee.com/youlaitech/youlai-mall.git'
//checkout([
//$class: 'GitSCM',
//branches: [[name: "${branch_name}"]],
//extensions: [[$class: 'CloneOption', depth: 1, noTags: false, reference: '', shallow: true]],
//userRemoteConfigs: [[credentialsId: 'zhangjialin-youlai-mall-pingzheng', url: 'https://gitee.com/youlaitech/youlai-mall.git']]])
sh "du -h --max-depth=1"
}
}
stage("读取maven配置"){
steps {
script {
// 需要用到插件Pipeline Utility Steps参考https://www.jianshu.com/p/29403ecf7fc2
def pom = readMavenPom file: "${module_name}/pom.xml"
def properties = pom.properties
env.service_port = properties["service.port"]
env.service_nodeport = properties["service.nodeport"]
sh "echo service_port: ${service_port}"
sh "echo service_nodeport: ${service_nodeport}"
}
}
}
stage("打包镜像") {
steps {
script {
container ('maven') {
// 最外边
sh "mvn clean install -Dmaven.test.skip=true"
sh "cd $module_name && docker build -t ${env.local_tag} -f ./Dockerfile ."
//sh "mvn -f ${module_name} clean package dockerfile:build -Ddockerfile.tag=${current_build_number}_${GIT_COMMIT_ID} -Dmaven.test.skip=true -Dspring.profiles.active=k8s"
withCredentials([usernamePassword(credentialsId: "${docker_hub_id}", passwordVariable: 'DOCKER_PASSWORD', usernameVariable: 'DOCKER_USERNAME')]) {
sh 'echo "$DOCKER_PASSWORD" | docker login http://k8s-harbor:30002 -u "$DOCKER_USERNAME" --password-stdin'
sh "docker tag ${env.local_tag} ${env.remote_tag}"
sh "docker push ${env.remote_tag}"
}
}
}
}
}
stage("自动部署至k8s") {
agent none
steps {
container ("maven") {
// 这种方式启k8s是官方推荐的
sh 'envsubst < devops/deploy.yaml | kubectl apply -f -'
}
}
}
}
}

View File

@ -0,0 +1,46 @@
pipeline { // 直接上k8s用k8s起docker来扫描代码
agent {
node {
label "maven"
}
}
parameters {
choice(
description: "你需要选择哪条分支进行扫描?",
name: "branch_name",
choices: ["youlai_k8s_deploy", "master"]
)
}
stages {
stage("项目编译") {
agent none
steps {
container("maven") {
sh "ls -al"
sh "mvn clean install -Dmaven.test.skip=true"
}
}
}
stage("代码扫描") {
steps {
script {
container ("maven") {
withCredentials([string(credentialsId : "youlai-youlai-mall-sonar-token" ,variable : "SONAR_TOKEN" ,)]) {
withSonarQubeEnv("sonar") {
sh "mvn sonar:sonar -Dsonar.projectKey=youlai-mall -Dsonar.projectName=youlai-mall -f ./pom.xml -Dsonar.host.url=http://ks.howlaisi.com:31452/ -Dsonar.login=${SONAR_TOKEN}"
}
}
}
}
}
}
}
post {
failure {
addGiteeMRComment comment: ":x: Jenkins CI 构建失败。 [BUILD](" + env.BUILD_URL + ")"
}
success {
addGiteeMRComment comment: """:white_check_mark: Jenkins CI构建通过--> [BUILD](""" + env.BUILD_URL + """)""" + """\n""" + """:white_check_mark: sonar扫描结果--> [SONAR](""" + """http://ks.howlaisi.com:31452/dashboard?id=youlai-mall""" + """)"""
}
}
}

20
devops/deploy.sh Normal file
View File

@ -0,0 +1,20 @@
#!/bin/bash
remote_tag_ext=$1
port=$2
docker_hub_namespace=$3
module_name_suffix=$4
DOCKER_USERNAME=$5
DOCKER_PASSWORD=$6
# 登陆harbor
echo "$DOCKER_PASSWORD" | docker login http://harbor.howlaisi.com:30002 -u "$DOCKER_USERNAME" --password-stdin
# 停掉容器
if [ -n "$docker_hub_namespace" -a -n "$module_name_suffix" ]
then
docker stop $(docker ps -a | grep "${docker_hub_namespace}_${module_name_suffix}" | awk '{print $1}') || true
docker rm -f $(docker ps -a | grep "${docker_hub_namespace}_${module_name_suffix}" | awk '{print $1}') || true
docker rmi -f $(docker images -a | grep "${module_name_suffix}" | awk '{print $3}') || true
fi
# 拉取最新镜像
docker pull "${remote_tag_ext}"
# 运行容器
docker run --restart=always -di --net=host -e "SPRING_PROFILES_ACTIVE=dev" --name="${docker_hub_namespace}_${module_name_suffix}" "${remote_tag_ext}"

105
devops/deploy.yaml Normal file
View File

@ -0,0 +1,105 @@
#apiVersion: v1
#kind: PersistentVolumeClaim
#metadata:
# namespace: youlai-mall
# name: ${module_name_suffix}-pvc0
# labels: {}
#spec:
# accessModes:
# - ReadWriteOnce
# resources:
# requests:
# storage: 1Gi # k8s限制只能扩容对于pvc只能扩容不能缩容且配置sc.yaml时需要指定allowVolumeExpansion: true #增加该字段表示允许动态扩容
# storageClassName: nfs-storage
#
#---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: ${module_name_suffix}
name: ${module_name_suffix}-deployment
namespace: ${k8s_namespace} #一定要写名称空间
spec:
progressDeadlineSeconds: 600
replicas: 1
selector:
matchLabels:
app: ${module_name_suffix}
strategy: # 更新策略
rollingUpdate:
maxSurge: 50%
maxUnavailable: 50%
type: RollingUpdate
template:
metadata:
labels:
app: ${module_name_suffix}
spec:
volumes: # 挂载卷
- name: host-time # 挂载主机上的时区
hostPath:
path: /etc/localtime
type: ''
# - name: volume-${module_name_suffix} # 挂载日志
# persistentVolumeClaim:
# claimName: ${module_name_suffix}-pvc0
imagePullSecrets:
- name: ${docker_hub_id} #提前在项目下配置访问阿里云或harbor的账号密码
containers:
- image: $remote_tag
imagePullPolicy: Always
name: ${module_name_suffix}
ports:
- name: http-${service_port}
containerPort: ${service_port}
protocol: TCP
env:
- name: SPRING_PROFILES_ACTIVE
value: k8s
resources: # 资源限制
limits:
cpu: 250m
memory: 512Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- name: host-time
readOnly: true
mountPath: /etc/localtime
# - name: volume-${module_name_suffix}
# mountPath: /logs
dnsPolicy: ClusterFirst
restartPolicy: Always
terminationGracePeriodSeconds: 30
affinity: # 节点亲合性,这下面表达的意思是,尽量散到不同的机器上
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app: ${module_name_suffix}
topologyKey: kubernetes.io/hostname
revisionHistoryLimit: 2 #deploy 升级最大记录数由 revisionHistoryLimit 定义,默认值为 10
---
apiVersion: v1
kind: Service
metadata:
labels:
app: ${module_name_suffix}
name: ${module_name_suffix}-svc
namespace: ${k8s_namespace}
spec:
ports:
- name: http
port: ${service_port}
protocol: TCP
targetPort: ${service_port}
nodePort: ${service_nodeport}
selector:
app: ${module_name_suffix}
sessionAffinity: None
type: NodePort

View File

@ -11,6 +11,12 @@
<artifactId>oms-boot</artifactId>
<properties>
<youlai.version>2.0.0</youlai.version>
<service.port>8603</service.port>
<service.nodeport>32000</service.nodeport>
</properties>
<dependencies>
<!-- Spring Cloud & Alibaba -->

View File

@ -0,0 +1,23 @@
server:
port: 8603
spring:
main:
allow-circular-references: true
mvc:
pathmatch:
matching-strategy: ant_path_matcher
cloud:
nacos:
discovery:
server-addr: nacos-headless.infrastructure:8848 # 使用k8s无头服务
namespace: youlai-namespace-id
config:
server-addr: ${spring.cloud.nacos.discovery.server-addr}
file-extension: yaml
namespace: youlai-namespace-id
shared-configs[0]:
data-id: youlai-common.yaml
refresh: true

View File

@ -11,6 +11,12 @@
<artifactId>pms-boot</artifactId>
<properties>
<youlai.version>2.0.0</youlai.version>
<service.port>8802</service.port>
<service.nodeport>32001</service.nodeport>
</properties>
<dependencies>
<!-- 读取配置 -->
<dependency>

View File

@ -0,0 +1,22 @@
server:
port: 8802
spring:
main:
allow-circular-references: true
mvc:
pathmatch:
matching-strategy: ant_path_matcher
cloud:
nacos:
discovery:
server-addr: nacos-headless.infrastructure:8848 # 使用k8s无头服务
namespace: youlai-namespace-id
config:
server-addr: ${spring.cloud.nacos.discovery.server-addr}
file-extension: yaml
namespace: youlai-namespace-id
# 公共配置
shared-configs[0]:
data-id: youlai-common.yaml
refresh: true

View File

@ -12,6 +12,8 @@
<artifactId>sms-boot</artifactId>
<properties>
<youlai.version>2.0.0</youlai.version>
<service.port>8804</service.port>
<service.nodeport>32002</service.nodeport>
</properties>
<dependencies>

View File

@ -0,0 +1,23 @@
server:
port: 8804
spring:
main:
allow-circular-references: true
mvc:
pathmatch:
matching-strategy: ant_path_matcher
cloud:
nacos:
# 注册中心
discovery:
server-addr: nacos-headless.infrastructure:8848 # 使用k8s无头服务
namespace: youlai-namespace-id
# 配置中心
config:
server-addr: ${spring.cloud.nacos.discovery.server-addr}
file-extension: yaml
namespace: youlai-namespace-id
shared-configs[0]:
data-id: youlai-common.yaml
refresh: true

View File

@ -13,6 +13,8 @@
<properties>
<youlai.version>2.0.0</youlai.version>
<service.port>8601</service.port>
<service.nodeport>32003</service.nodeport>
</properties>
<dependencies>

View File

@ -0,0 +1,21 @@
server:
port: 8601
spring:
main:
allow-circular-references: true
mvc:
pathmatch:
matching-strategy: ant_path_matcher
cloud:
nacos:
discovery:
server-addr: nacos-headless.infrastructure:8848 # 使用k8s无头服务
namespace: youlai-namespace-id
config:
server-addr: ${spring.cloud.nacos.discovery.server-addr}
file-extension: yaml
namespace: youlai-namespace-id
shared-configs[0]:
data-id: youlai-common.yaml
refresh: true

View File

@ -13,6 +13,8 @@
<properties>
<youlai.version>2.0.0</youlai.version>
<service.port>8800</service.port>
<service.nodeport>32004</service.nodeport>
</properties>
<dependencies>

View File

@ -0,0 +1,22 @@
server:
port: 8800
spring:
main:
allow-circular-references: true
mvc:
pathmatch:
matching-strategy: ant_path_matcher
cloud:
nacos:
discovery:
server-addr: nacos-headless.infrastructure:8848 # 使用k8s无头服务
namespace: youlai-namespace-id
config:
server-addr: ${spring.cloud.nacos.discovery.server-addr}
file-extension: yaml
namespace: youlai-namespace-id
shared-configs[0]:
data-id: youlai-common.yaml
refresh: true

View File

@ -13,6 +13,8 @@
<properties>
<youlai.version>2.0.0</youlai.version>
<service.port>8000</service.port>
<service.nodeport>32005</service.nodeport>
</properties>
<dependencies>

View File

@ -0,0 +1,24 @@
server:
port: 8000
spring:
main:
allow-circular-references: true
allow-bean-definition-overriding: true
mvc:
pathmatch:
matching-strategy: ant_path_matcher
cloud:
nacos:
# 注册中心
discovery:
server-addr: nacos-headless.infrastructure:8848 # 使用k8s无头服务
namespace: youlai-namespace-id
# 配置中心
config:
server-addr: ${spring.cloud.nacos.discovery.server-addr}
file-extension: yaml
namespace: youlai-namespace-id
shared-configs[0]:
data-id: youlai-common.yaml
refresh: true

View File

@ -87,4 +87,12 @@
</root>
</springProfile>
<!-- k8s环境输出至文件 -->
<springProfile name="k8s">
<root level="INFO">
<appender-ref ref="CONSOLE" />
<appender-ref ref="FILE" />
</root>
</springProfile>
</configuration>

View File

@ -14,6 +14,8 @@
<properties>
<youlai.version>2.0.0</youlai.version>
<service.port>9999</service.port>
<service.nodeport>32006</service.nodeport>
</properties>
<dependencies>

View File

@ -0,0 +1,20 @@
server:
port: 9999
spring:
main:
allow-bean-definition-overriding: true
application:
name: youlai-gateway
cloud:
nacos:
discovery:
server-addr: nacos-headless.infrastructure:8848 # 使用k8s无头服务
namespace: youlai-namespace-id
config:
server-addr: ${spring.cloud.nacos.discovery.server-addr}
file-extension: yaml
namespace: youlai-namespace-id
shared-configs[0]:
data-id: youlai-common.yaml
refresh: true