1、基于helm 部署jenkins

要求：當(dāng)前集群配置了storageClass，并已指定默認(rèn)的storageClass，一般情況下，創(chuàng)建的storageClass即為默認(rèn)類 指定默認(rèn)storageClass的方式

# 如果是新創(chuàng)建默認(rèn)類：
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:name: managed-nfs-storageannotations:# 這里注解說明了這個是默認(rèn)的storageclassstorageclass.kubernetes.io/is-default-class: "true"
provisioner: fuseim.pri/ifs 
parameters:archiveOnDelete: "true"
?
# 如果是修改為默認(rèn)類
kubectl patch storageclass managed-nfs-storage -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
?
# 檢查,可以看到類后面增加了(default)
[root@kube-master1 ~]# kubectl get sc
NAME ? ? ? ? ? ? ? ? ? ? ? ? ?  PROVISIONER ? ? ? ? ? ? ? ? ?  RECLAIMPOLICY ? VOLUMEBINDINGMODE ? ?  ALLOWVOLUMEEXPANSION ? AGE
managed-nfs-storage (default) ? gxf-nfs-storage ? ? ? ? ? ? ?  Retain ? ? ? ?  Immediate ? ? ? ? ? ? ?false ? ? ? ? ? ? ? ?  41d

1.1 部署helm

[root@kube-master ~]# wget https://get.helm.sh/helm-v3.2.4-linux-amd64.tar.gz
[root@kube-master ~]# tar zxvf helm-v3.2.4-linux-amd64.tar.gz 
[root@kube-master ~]# mv linux-amd64/helm /usr/bin/

1.2 部署jenkins

# 1、添加jenkins倉庫
[root@kube-master ~]# helm repo add jenkinsci https://charts.jenkins.io && helm repo update
?
# 2、安裝jenkins
## 2.1 如果需要自定義配置，需要先將chart下載下來，如果無需修改配置，直接install即可
[root@kube-master ~]# helm pull jenkinsci/jenkins
[root@kube-master ~]# tar xf jenkins-4.8.4.tgz # 修改目錄中的values.yml
[root@kube-master ~]# helm install jenkins . -f jenkins-values.yaml
## 2.2 直接安裝
[root@kube-master ~]# helm install jenkins jenkinsci/jenkins

1.3 檢查 jenkins

# helm list
NAME ?  NAMESPACE ? ? ? REVISION ? ? ?  UPDATED ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? STATUS ? ? ? ?  CHART ? ? ? ? ? APP VERSION
jenkins default ? ? ? ? 1 ? ? ? ? ? ? ? 2023-12-17 14:19:50.59739362 +0800 CST  deployed ? ? ?  jenkins-4.8.4 ? 2.426.1 
?
[root@kube-master1 ~]# kubectl get pod
NAME ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?  READY ? STATUS ?  RESTARTS ? ? ? AGE
jenkins-0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 2/2 ? ? Running ? 0 ? ? ? ? ? ?  2m30s
nfs-client-provisioner-66bc5457d6-vbzfj ? 1/1 ? ? Running ? 16 (20m ago) ? 38d
?
# 需要查看登錄密碼，可以使用
[root@kube-master1 ~]# helm get notes jenkins
NOTES:
1. Get your 'admin' user password by running:kubectl exec --namespace default -it svc/jenkins -c jenkins -- /bin/cat /run/secrets/additional/chart-admin-password && echo
2. Get the Jenkins URL to visit by running these commands in the same shell:echo http://127.0.0.1:8080kubectl --namespace default port-forward svc/jenkins 8080:8080
?
3. Login with the password from step 1 and the username: admin
4. Configure security realm and authorization strategy
5. Use Jenkins Configuration as Code by specifying configScripts in your values.yaml file, see documentation: http://127.0.0.1:8080/configuration-as-code and examples: https://github.com/jenkinsci/configuration-as-code-plugin/tree/master/demos
?
For more information on running Jenkins on Kubernetes, visit:
https://cloud.google.com/solutions/jenkins-on-container-engine
?
For more information about Jenkins Configuration as Code, visit:
https://jenkins.io/projects/jcasc/
?
?
NOTE: Consider using a custom image with pre-installed plugins

1.4 配置訪問

# 這是當(dāng)前jenkins的服務(wù)，將他改為nodeport，或通過ingress代理
[root@kube-master1 ~]# kubectl get svc jenkins
NAME ? ?  TYPE ? ? ?  CLUSTER-IP ?  EXTERNAL-IP ? PORT(S) ?  AGE
jenkins ? ClusterIP ? 10.99.36.63 ? <none> ? ? ? ?8080/TCP ? 32h
?
[root@kube-master1 ~]# vim ingress.yml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:labels:name: myingressname: myingressnamespace: default
spec:ingressClassName: nginxrules:- host: qf.jenkins.viphttp:paths:- backend:service:name: jenkinsport:number: 8080path: /pathType: Prefix

2、安裝插件

插件列表：
將準(zhǔn)備好的插件包，替換掉對應(yīng)的pv數(shù)據(jù)卷中的plugins目錄

3、準(zhǔn)備工作

3.1 準(zhǔn)備ruoyi數(shù)據(jù)

[root@kube-master1 ~]# git clone https://gitea.beyourself.org.cn/newrain001/RuoYi-Vue-cloud.git
[root@kube-master1 ~]# cd RuoYi-Vue-cloud/
[root@kube-master1 RuoYi-Vue-cloud]# ls
bin  cloud  doc  LICENSE  pom.xml  README.md  ruoyi-admin  ruoyi-common  ruoyi-framework  ruoyi-generator  ruoyi-quartz  ruoyi-system  ruoyi-ui  ry.bat  ry.sh  sql
[root@kube-master1 RuoYi-Vue-cloud]# cd sql/
[root@kube-master1 sql]# ls
quartz.sql  ry_20230223.sql
[root@kube-master1 sql]# kubectl create configmap ruoyi-init-data --from-file=.

3.2 準(zhǔn)備k8s證書

[root@kube-master1 ~]# kubectl create secret generic kubeconfig --from-file=/root/.kube/config
?

3.3 準(zhǔn)備maven配置文件

[root@kube-master1 ~]# vim settings.xml
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.2.0"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 https://maven.apache.org/xsd/settings-1.2.0.xsd"><pluginGroups></pluginGroups><proxies></proxies><servers></servers><mirrors><mirror><id>aliyunmaven</id><mirrorOf>*</mirrorOf><name>阿里云公共倉庫</name><url>https://maven.aliyun.com/repository/public</url></mirror></mirrors><profiles></profiles>
</settings>
[root@kube-master1 ~]# kubectl create configmap maven-repo --from-file=settings.xml

3.4 配置釘釘插件

在系統(tǒng)管理的下方有未歸類的插件

4、項目配置

4.1 創(chuàng)建pipeline項目

4.2 配置參數(shù)

# 參數(shù)內(nèi)容:
字符參數(shù)：
PROJECT_NAME 項目名稱
憑據(jù)參數(shù)：
DOCKER_REPOSITORY_CREDENTIAL_ID 需要推送的docker鏡像倉庫憑據(jù)id，可指定多個，然后加介紹
選項參數(shù)：
HARBOR_HOST 需要推送的鏡像倉庫，可以指定多個，需要與憑據(jù)對應(yīng)
選項參數(shù)：
NAMESPACE_NAME 需要推送的命名空間
字符參數(shù)：后端鏡像的tag
JAVA_TAG
字符參數(shù)：前端鏡像的tag
NODE_TAG
字符參數(shù)：
JAVA_REPLICAS 后端副本數(shù)
字符參數(shù)：
NODE_REPLICAS 前端副本數(shù)
字符參數(shù)：
JENKINS_URL 當(dāng)前jenkins的url，通知時使用，一般不變，可以設(shè)置默認(rèn)值 

5、構(gòu)建項目

6、cloud 目錄內(nèi)的文件解析

6.1 cloud/Jenkinsfile

pipeline {// 定義流水線中使用的環(huán)境變量environment {PROJECT_NAME = "${PROJECT_NAME}"  // 項目名稱DOCKER_REPOSITORY_CREDENTIAL_ID = "${DOCKER_REPOSITORY_CREDENTIAL_ID}"  // Docker倉庫的憑證IDHARBOR_HOST = "${HARBOR_HOST}"  // Docker Harbor主機(jī)NAMESPACE_NAME = "${NAMESPACE_NAME}"  // Kubernetes命名空間JAVA_REPOSITORY_NAME = "ruoyi-java"  // Java應(yīng)用的倉庫名稱NODE_REPOSITORY_NAME = "ruoyi-node"  // Node.js應(yīng)用的倉庫名稱JAVA_TAG = "${JAVA_TAG}"  // Java應(yīng)用的Docker標(biāo)簽NODE_TAG = "${NODE_TAG}"  // Node.js應(yīng)用的Docker標(biāo)簽JAVA_REPLICAS = "${JAVA_REPLICAS}"  // Java應(yīng)用的副本數(shù)NODE_REPLICAS = "${NODE_REPLICAS}"  // Node.js應(yīng)用的副本數(shù)YAML_PATH = "cloud/deploy/"  // Kubernetes YAML文件的路徑JAVA_DEPLOYMENT_NAME = "ruoyi-java.yaml"  // Java部署的YAML文件名稱NODE_DEPLOYMENT_NAME = "ruoyi-nginx.yaml"  // Node.js部署的YAML文件名稱STATUS_URL = "${JENKINS_URL}/job/ruoyi/${BUILD_NUMBER}"  // 查看構(gòu)建狀態(tài)的URLCONSOLE_URL = "${JENKINS_URL}/job/ruoyi/${BUILD_NUMBER}/console"  // 查看構(gòu)建控制臺輸出的URL}// 使用Kubernetes定義代理配置agent {kubernetes {cloud "kubernetes"yaml """// 定義Kubernetes Pod的規(guī)格apiVersion: v1kind: Podspec:// 定義Pod中的容器containers:- name: jnlpimage: jenkins/inbound-agent:3107.v665000b_51092-15args: ['\$(JENKINS_SECRET)', '\$(JENKINS_NAME)']imagePullPolicy: IfNotPresentvolumeMounts:- mountPath: "/etc/localtime"name: "volume-2"readOnly: false- name: mavenimage: maven:3.6.3-jdk-11command: ['cat']tty: truevolumeMount:- mountPath: "/usr/share/maven/ref/"name: "maven-repo"subPath: "settings.xml"readOnly: true- mountPath: "/root/.m2"name: "maven-data"- name: nodejsimage: node:14command: ['cat']tty: true- name: kubectlimage: kubesphere/kubectl:v1.22.0imagePullPolicy: IfNotPresenttty: truecommand: ["cat"]volumeMounts:- mountPath: "/etc/localtime"name: "volume-2"readOnly: false- mountPath: "/var/run/docker.sock"name: "volume-docker"readOnly: false- mountPath: "/root/.kube/config"subPath: configname: "kubeconfig"readOnly: false- name: dockerimage: docker:19.03.15-gitcommand: ['cat']tty: truevolumeMounts:- mountPath: "/var/run/docker.sock"name: "volume-docker"readOnly: false// 定義Pod使用的卷volumes:- name: volume-2hostPath:path: "/usr/share/zoneinfo/Asia/Shanghai"- name: volume-dockerhostPath:path: "/var/run/docker.sock"- name: kubeconfigsecret:secretName: kubeconfigitems:- key: configpath: config- name: maven-repoconfigMap:name: maven-repo- name: maven-datahostPath: path: "/opt/data/m2""""}}// 定義流水線的各個階段stages {// 第一階段：Maven打包stage('Maven 打包') {steps {// 使用Maven容器來構(gòu)建Java應(yīng)用container('maven') {sh """mvn clean package -Dmaven.test.skip=true && cp ruoyi-admin/target/ruoyi-admin.jar cloud/ruoyi-java"""}}post {// Maven打包成功或失敗后的通知success {// Maven打包成功時的釘釘消息配置dingtalk (// 其他配置...)}failure {// Maven打包失敗時的釘釘消息配置dingtalk (// 其他配置...)}}}// 第二階段：Node.js打包stage('Node.js 打包') {steps {container('nodejs') {sh """cd ruoyi-ui && npm install --registry http://registry.npmmirror.com && npm run build:prod && cp -r dist ../cloud/ruoyi-nginx"""}}post {success {// Node.js打包成功的釘釘消息配置dingtalk (// 其他配置...)}failure {// Node.js打包失敗的釘釘消息配置dingtalk (// 其他配置...)}}}// 第三階段：構(gòu)建鏡像stage('構(gòu)建鏡像') {steps {withCredentials([usernamePassword(credentialsId: env.DOCKER_REPOSITORY_CREDENTIAL_ID, passwordVariable: 'PASSWORD', usernameVariable: 'USERNAME')]) {container('docker') {sh """docker build -t ${env.HARBOR_HOST}/${env.NAMESPACE_NAME}/${env.JAVA_REPOSITORY_NAME}:${env.JAVA_TAG} cloud/ruoyi-javadocker build -t ${env.HARBOR_HOST}/${env.NAMESPACE_NAME}/${env.NODE_REPOSITORY_NAME}:${env.NODE_TAG} cloud/ruoyi-nginxdocker login ${env.HARBOR_HOST} --username ${env.USERNAME} --password ${env.PASSWORD}docker push ${env.HARBOR_HOST}/${env.NAMESPACE_NAME}/${env.JAVA_REPOSITORY_NAME}:${env.JAVA_TAG}docker push ${env.HARBOR_HOST}/${env.NAMESPACE_NAME}/${env.NODE_REPOSITORY_NAME}:${env.NODE_TAG}"""}}}post {success {// 構(gòu)建鏡像成功的釘釘消息配置dingtalk (// 其他配置...)}failure {// 構(gòu)建鏡像失敗的釘釘消息配置dingtalk (// 其他配置...)}}}// 第四階段：部署到kubernetesstage('部署到kubernetes') {steps {container('kubectl') {sh """sed -i "s/REPLICAS/${env.JAVA_REPLICAS}/;s/HARBOR_HOST/${env.HARBOR_HOST}/;s/NAMESPACE_NAME/${env.NAMESPACE_NAME}/;s/REPOSITORY_NAME/${env.JAVA_REPOSITORY_NAME}/;s/TAG/${env.JAVA_TAG}/" ${env.YAML_PATH}${env.JAVA_DEPLOYMENT_NAME}sed -i "s/REPLICAS/${env.NODE_REPLICAS}/;s/HARBOR_HOST/${env.HARBOR_HOST}/;s/NAMESPACE_NAME/${env.NAMESPACE_NAME}/;s/REPOSITORY_NAME/${env.NODE_REPOSITORY_NAME}/;s/TAG/${env.NODE_TAG}/" ${env.YAML_PATH}${env.NODE_DEPLOYMENT_NAME}kubectl apply -f ${env.YAML_PATH} --record"""}}post {success {// 部署成功的釘釘消息配置dingtalk (// 其他配置...)}failure {// 部署失敗的釘釘消息配置dingtalk (// 其他配置...)}}}}
}

6.2 cloud/deploy/ruoyi-nginx.yaml

apiVersion: apps/v1
kind: Deployment
metadata:name: ruoyi-nginx
spec:replicas: REPLICASselector:matchLabels:app: ruoyi-nginxtemplate:metadata:labels:app: ruoyi-nginxspec:containers:- name: ruoyi-nginximage: HARBOR_HOST/NAMESPACE_NAME/REPOSITORY_NAME:TAGimagePullPolicy: Alwaysports:- containerPort: 80---
apiVersion: v1
kind: Service
metadata:name: ruoyi-nginx-service
spec:selector:app: ruoyi-nginxports:- port: 80targetPort: 80---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:name: ruoyi-nginx-ingresslabels:name: ruoyi-nginx-ingress
spec:ingressClassName: nginxrules:- host: ruoyi.nginx.comhttp:paths:- pathType: Prefixpath: "/"backend:service:name: ruoyi-nginx-serviceport: number: 80

6.3 cloud/deploy/ruoyi-java.yamll

---
apiVersion: apps/v1
kind: Deployment
metadata:name: ruoyi-java
spec:replicas: REPLICASselector:matchLabels:app: ruoyi-javatemplate:metadata:labels:app: ruoyi-javaspec:containers:- name: ruoyi-javaimage: HARBOR_HOST/NAMESPACE_NAME/REPOSITORY_NAME:TAGimagePullPolicy: Alwaysports:- containerPort: 8080---
apiVersion: v1
kind: Service
metadata:name: ruoyi-java-service
spec:selector:app: ruoyi-javaports:- port: 8080targetPort: 8080

6.4 cloud/deploy/mysql.yml

apiVersion: apps/v1
kind: Deployment
metadata:name: database
spec:selector:matchLabels:app: databasetemplate:metadata:labels:app: databasespec:containers:- name: databaseimage: daocloud.io/library/mysql:5.7env:- name: MYSQL_ROOT_PASSWORDvalue: "123456"- name: MYSQL_DATABASEvalue: "ry"volumeMounts:- mountPath: /docker-entrypoint-initdb.dname: ruoyi-dataresources:limits:memory: "500Mi"cpu: "500m"ports:- containerPort: 3306volumes:- name: ruoyi-dataconfigMap:name: ruoyi-init-data---
apiVersion: v1
kind: Service
metadata:name: ruoyi-db
spec:selector:app: databaseports:- port: 3306targetPort: 3306

6.5 cloud/deploy/redis.yml

apiVersion: apps/v1
kind: Deployment
metadata:name: redis
spec:selector:matchLabels:app: redistemplate:metadata:labels:app: redisspec:containers:- name: redisimage: redisresources:limits:memory: "128Mi"cpu: "500m"ports:- containerPort: 6379---
apiVersion: v1
kind: Service
metadata:name: ruoyi-redis
spec:selector:app: redisports:- port: 6379targetPort: 6379

6.6 cloud/ruoyi-java/Dockerfile

FROM buildo/java8-wkhtmltopdf:latestCOPY ruoyi-admin.jar /optEXPOSE 8080CMD ["java", "-jar", "/opt/ruoyi-admin.jar"]

6.7 cloud/ruoyi-nginx/Dockerfile