编写Docker文件
创建DockerFile文件
DockerFile:
FROM java:8
WORKDIR /
ADD shortUrl-service-api/target/shortUrl-service-api.jar app.jar
RUN bash -c 'cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && touch /app.jar'
ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-server","-Xms2048m","-Xmx2048m","-XX:NewSize=256m","-XX:+UseConcMarkSweepGC","-XX:CMSInitiatingOccupancyFraction=70","-XX:+PrintGCDetails","-XX:+PrintHeapAtGC","-XX:ThreadStackSize=512","-jar","/app.jar"]
Linux安装Docker
由于Jenkins需要push镜像到仓库,所以需要在Jenkins所在的机器安装Docker
安装教程:https://docs.docker.com/engine/install/centos/
配置私有镜像仓库
vi /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
"https://dockerhub.azk8s.cn",
"http://hub-mirror.c.163.com",
"https://registry.docker-cn.com",
"https://6kx4zyno.mirror.aliyuncs.com"
],
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m",
"max-file":"5"
},
"insecure-registries":[
"harbor-xadd.test.xdf.cn"
]
}
将你的镜像仓库配置到:insecure-registries对应的数组里
改完之后重启一下:systemctl restart docker.service
安装完之后检查是否成功:
如果遇到以下报错信息:
OCI runtime create failed: systemd cgroup flag passed, but systemd support for managing cgroups is not available: unknown
Build step 'Execute shell' marked build as failure
我的解决办法是把daemon.json文件中的这一行删掉:
"exec-opts": ["native.cgroupdriver=systemd"],
docker登陆
docker login 你的docker私有仓库地址
登陆成功之后,会自动保存用户名密码。
如果不执行这步,会报以下错误:
创建Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
name: short-url
namespace: arch-xadd
spec:
replicas: 3
selector:
matchLabels:
name: short-url
template:
metadata:
labels:
app: short-url
name: short-url
version: dev
spec:
containers:
- name: short-url
image: >-
harbor-xadd.staff.xdf.cn/xadd/short-url:v0.1-master-1 #镜像名可以先随便写一个
ports:
- name: http
containerPort: 8991
protocol: TCP
env:
- name: TZ
value: Asia/Shanghai
resources:
limits:
cpu: '2'
memory: 3Gi
requests:
cpu: 400m
memory: 2Gi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 20
dnsPolicy: ClusterFirst
securityContext: {
}
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 25%
maxSurge: 25%
revisionHistoryLimit: 3
progressDeadlineSeconds: 60
注意:创建Deployment的时候,由于程序的镜像还没有push,所以deployment会创建失败,并一直重试,后面通过Jenkins构建之后,执行滚动更新就好了,这一步的目的是避免Jenkins构建的时候,找不到Deployment
拷贝kube配置文件
从部署k8s的机器上拷贝配置文件到Jenkins所在机器
Jenkins机器新建目录:mkdir ~/.kube
从k8s机器拷贝配置文件:scp ~/kube/config [email protected]:/root/.kube,下载后上传也可以
如果不执行这步,会报以下错误信息:
配置Jenkins
第一个脚本,将程序打成镜像并push到私有仓库
WORKSPACE=/root/.jenkins/workspace #jenkins的工作空间
REPOSITORY=shortUrl-k8s #Jenkins构建完之后,项目所在目录
APP_NAME=short-url
BRANCH=dev
DOCKER_IMAGE=harbor-xadd.staff.xdf.cn/xadd/${APP_NAME}:v0.1-${BRANCH}-${BUILD_NUMBER}
cd ${WORKSPACE}/${REPOSITORY}
docker build -t ${DOCKER_IMAGE} .
docker push ${DOCKER_IMAGE}
docker rmi ${DOCKER_IMAGE}
echo 'build_image and push_harbor jobs finished successfully!'
第二个脚本是执行k8s的滚动更新
BRANCH=dev
APP_NAME=short-url
DOCKER_IMAGE=harbor-xadd.staff.xdf.cn/xadd/${APP_NAME}:v0.1-${BRANCH}-${BUILD_NUMBER}
kubectl -n arch-xadd set image deployment/${APP_NAME} ${APP_NAME}=${DOCKER_IMAGE} --record=true
echo "triggered rolling update, check you service several minutes latter."
构建项目
新建Service
由于Pod的IP会改变,通过Service的方式访问。
kind: Service
apiVersion: v1
metadata:
name: short-url
namespace: arch-xadd
labels:
name: short-url
service: short-url
managedFields:
- manager: dashboard
operation: Update
spec:
ports:
- name: http
protocol: TCP
port: 80 #对外端口
targetPort: 8097 #内部Deployment容器端口
selector: #需要配置pod的标签,以便定位到应用服务
name: short-url
这样就完成了一个2个节点(Pod)的K8S应用服务构建,并且可以通过固定的Service访问,访问时,可以直接访问Service的域名,也可以访问Service对应的Cluster IP
测试
可以看到,服务已经可以正常访问了,也可以通过域名:short-url.arch-xadd.svc.xke.test.xdf.cn访问。