#项目发布方案
蓝绿发布
灰度发布
滚动发布
#k8s默认发布策略
1个deployment
2个 replicasset
进行一对一的更新 更新一个 删除一个 直到pod更新完毕
server 通过标签去关联replicasset
#发布流程设计
1. 项目文档
2. 项目业务现状
3. 项目的实施(测试环境 迁移到线上) (思考 迁移过去失败了怎么办 或者是迁移过去一段时间 失败了怎么办? 能不能快速定位问题 快速恢复)
4. 应急预案
sed -i 's/http:\/\/updates.jenkins-ci.org\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json && \
sed -i 's/http:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json
jenkins创建的job需要发布一个java项目?
1. JDK
2. maven
3. git
4. tomcat
job: 代码编译(maven) 构建镜像(docker) 拉取代码(git)
#部署项目到k8s中的参数构建怎么配置?
1. 分支
2. 命名空间
3. pod分别数
#k8s-secret docker仓库认证
kubectl create secret docker-registry registry-pull-secret --docker-username=admin --docker-password=Harbor12345 --docker-server=192.168.10.23
============================================================
// 所需插件: Git Parameter/Git/Pipeline/kubernetes/Kubernetes Continuous Deploy
// 公共
def registry = "192.168.10.23"
// 项目
def project = "dev"
def app_name = "java-demo"
def image_name = "${registry}/${project}/${app_name}:${BUILD_NUMBER}"
def git_address = "http://106.13.186.245:5555/root/java-demo.git"
// 认证
def secret_name = "registry-pull-secret"
def docker_registry_auth = "60946d6a-2259-4254-8f2c-108f7efdad8e"
def git_auth = "caf3e55d-0f12-4b03-a1bb-1b6ec2c2e189"
def k8s_auth = "de7eb761-d6d5-4692-b14f-c5ab13b10158"
pipeline {
agent {
kubernetes {
label "jenkins-slave"
yaml """
kind: Pod
metadata:
name: jenkins-slave
spec:
containers:
- name: jnlp
image: "${registry}/library/jenkins-slave-jdk:1.8"
imagePullPolicy: Always
volumeMounts:
- name: docker-cmd
mountPath: /usr/bin/docker
- name: docker-sock
mountPath: /var/run/docker.sock
- name: maven-cache
mountPath: /root/.m2
volumes:
- name: docker-cmd
hostPath:
path: /usr/bin/docker
- name: docker-sock
hostPath:
path: /var/run/docker.sock
- name: maven-cache
hostPath:
path: /tmp/m2
"""
}
}
parameters {
gitParameter branch: '', branchFilter: '.*', defaultValue: 'master', description: '选择发布的分支', name: 'Branch', quickFilterEnabled: false, selectedValue: 'NONE', sortMode: 'NONE', tagFilter: '*', type: 'PT_BRANCH'
choice (choices: ['1', '3', '5', '7'], description: '副本数', name: 'ReplicaCount')
choice (choices: ['dev','test','prod'], description: '命名空间', name: 'Namespace')
}
stages {
stage('拉取代码'){
steps {
checkout([$class: 'GitSCM',
branches: [[name: "${params.Branch}"]],
doGenerateSubmoduleConfigurations: false,
extensions: [], submoduleCfg: [],
userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]]
])
}
}
stage('代码编译'){
steps {
sh """
mvn clean package -Dmaven.test.skip=true
"""
}
}
stage('构建镜像'){
steps {
withCredentials([usernamePassword(credentialsId: "${docker_registry_auth}", passwordVariable: 'password', usernameVariable: 'username')]) {
sh """
echo '
FROM ${registry}/library/tomcat:v1
LABEL maitainer lizhenliang
RUN rm -rf /usr/local/tomcat/webapps/*
ADD target/*.war /usr/local/tomcat/webapps/ROOT.war
' > Dockerfile
docker build -t ${image_name} .
docker login -u ${username} -p '${password}' ${registry}
docker push ${image_name}
"""
}
}
}
stage('部署到K8S平台'){
steps {
sh """
sed -i 's#IMAGE_NAME#${image_name}#' deploy.yaml
sed -i 's#SECRET_NAME#${image_name}#' deploy.yaml
#sed -i 's#SECRET_NAME#${secret_name}#' deploy.yaml
sed -i 's#RSCOUNT#${ReplicaCount}#' deploy.yaml
sed -i 's#NS#${Namespace}#' deploy.yaml
"""
kubernetesDeploy configs: 'deploy.yaml', kubeconfigId: "${k8s_auth}"
}
}
}
}
======================================================================
1. 怎么让持续部署插件读到yaml文件
yaml进行代码统一版本管理
2. 怎么和参数化构建集合
提供sed进行修改yaml的值
#使用jenkins的插件
git
kubernetes
pipeline
kubernetes continuous deploy
#CI/CD环境特点
slave弹性
基于镜像隔离构建环境
流水线发布容易维护
jenkins参数化构建可帮助完成更复杂的构建
小结:
0. 涉及的所以插件都需要安装
1. 修改环境变量的值
2. 参数化构建的名称就是变量可以在任何地方使用
3. 拉取的代码是提供git参数化构建动态获取分支
4. 一些认证信息都是保存到 jenkins认证里面 pipeline通过凭据ID获取
5. pipeline大多数代码片段都可以动态去生成
kuberctl rollback deployment 回滚方式
