一、流水线DevOps
-
DevOps流水线主要为Jenkinsfile,实现自动化构建部署项目。
-
在Kubesphere中实现
1、后端
1.1、Jenkins
pipeline {
agent {
node {
label 'maven'
}
}
stages {
stage('拉取代码') {
agent none
steps {
container('maven') {
git(url: 'https://github.com/JeffeyShaw/his.git', credentialsId: 'jeffyshaw', branch: 'main', changelog: true, poll: false)
sh 'ls -al'
}
}
}
stage('编译') {
agent none
steps {
container('maven') {
sh 'ls'
sh 'mvn clean package -Dmaven.test.skip=true'
sh 'ls hospital-manage/target'
}
}
}
stage('构建镜像') {
parallel {
stage('构建hospital-manage镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t hospital-manage:latest -f hospital-manage/Dockerfile ./hospital-manage/ '
}
}
}
stage('构建server-gateway镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t server-gateway:latest -f server-gateway/Dockerfile ./server-gateway/ '
}
}
}
stage('构建service-cmn镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-cmn:latest -f service/service-cmn/Dockerfile ./service/service-cmn/ '
}
}
}
stage('构建service-hosp镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-hosp:latest -f service/service-hosp/Dockerfile ./service/service-hosp/ '
}
}
}
stage('构建service-order镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-order:latest -f service/service-order/Dockerfile ./service/service-order/ '
}
}
}
stage('构建service-oss镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-oss:latest -f service/service-oss/Dockerfile ./service/service-oss/ '
}
}
}
stage('构建service-sms镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-sms:latest -f service/service-sms/Dockerfile ./service/service-sms/ '
}
}
}
stage('构建service-statistics镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-statistics:latest -f service/service-statistics/Dockerfile ./service/service-statistics/ '
}
}
}
stage('构建service-task镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-task:latest -f service/service-task/Dockerfile ./service/service-task/ '
}
}
}
stage('构建service-user镜像') {
agent none
steps {
container('maven') {
sh 'docker build -t service-user:latest -f service/service-user/Dockerfile ./service/service-user/ '
}
}
}
}
}
stage('推送镜像') {
parallel {
stage('推送hospital-manage镜像') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'docker-hub' ,passwordVariable : 'DOCKERPWD' ,usernameVariable : 'DOCKERUSER' ,)]) {
sh 'echo $DOCKERPWD | docker login --username $DOCKERUSER --password-stdin'
sh 'docker tag hospital-manage:latest $REGISTRY/$DOCKERHUB_NAMESPACE/hospital-manage:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/hospital-manage:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
stage('推送server-gateway镜像') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'docker-hub' ,passwordVariable : 'DOCKERPWD' ,usernameVariable : 'DOCKERUSER' ,)]) {
sh 'echo $DOCKERPWD | docker login --username $DOCKERUSER --password-stdin'
sh 'docker tag server-gateway:latest $REGISTRY/$DOCKERHUB_NAMESPACE/server-gateway:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/server-gateway:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
stage('推送service-cmn镜像') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'docker-hub' ,passwordVariable : 'DOCKERPWD' ,usernameVariable : 'DOCKERUSER' ,)]) {
sh 'echo $DOCKERPWD | docker login --username $DOCKERUSER --password-stdin'
sh 'docker tag service-cmn:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-cmn:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-cmn:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
stage('推送service-hosp镜像') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'docker-hub' ,passwordVariable : 'DOCKERPWD' ,usernameVariable : 'DOCKERUSER' ,)]) {
sh 'echo $DOCKERPWD | docker login --username $DOCKERUSER --password-stdin'
sh 'docker tag service-hosp:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-hosp:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-hosp:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
stage('推送service-order镜像') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'docker-hub' ,passwordVariable : 'DOCKERPWD' ,usernameVariable : 'DOCKERUSER' ,)]) {
sh 'echo $DOCKERPWD | docker login --username $DOCKERUSER --password-stdin'
sh 'docker tag service-order:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-order:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-order:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
stage('推送service-oss镜像') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'docker-hub' ,passwordVariable : 'DOCKERPWD' ,usernameVariable : 'DOCKERUSER' ,)]) {
sh 'echo $DOCKERPWD | docker login --username $DOCKERUSER --password-stdin'
sh 'docker tag service-oss:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-oss:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-oss:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
stage('推送service-sms镜像') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'docker-hub' ,passwordVariable : 'DOCKERPWD' ,usernameVariable : 'DOCKERUSER' ,)]) {
sh 'echo $DOCKERPWD | docker login --username $DOCKERUSER --password-stdin'
sh 'docker tag service-sms:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-sms:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-sms:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
stage('推送service-statistics镜像') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'docker-hub' ,passwordVariable : 'DOCKERPWD' ,usernameVariable : 'DOCKERUSER' ,)]) {
sh 'echo $DOCKERPWD | docker login --username $DOCKERUSER --password-stdin'
sh 'docker tag service-statistics:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-statistics:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-statistics:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
stage('推送service-task镜像') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'docker-hub' ,passwordVariable : 'DOCKERPWD' ,usernameVariable : 'DOCKERUSER' ,)]) {
sh 'echo $DOCKERPWD | docker login --username $DOCKERUSER --password-stdin'
sh 'docker tag service-task:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-task:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-task:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
stage('推送service-user镜像') {
agent none
steps {
container('maven') {
withCredentials([usernamePassword(credentialsId : 'docker-hub' ,passwordVariable : 'DOCKERPWD' ,usernameVariable : 'DOCKERUSER' ,)]) {
sh 'echo $DOCKERPWD | docker login --username $DOCKERUSER --password-stdin'
sh 'docker tag service-user:latest $REGISTRY/$DOCKERHUB_NAMESPACE/service-user:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/service-user:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
}
}
stage('部署项目') {
parallel {
stage('deploy hospital-manage') {
agent none
steps {
container('maven') {
withCredentials([kubeconfigFile(credentialsId: env.KUBECONFIG_CREDENTIAL_ID,variable: 'KUBECONFIG')]) {
sh 'envsubst < hospital-manage/deploy/deploy.yml | kubectl apply -f -'
}
}
}
}
stage('deploy server-gateway') {
agent none
steps {
container('maven') {
withCredentials([kubeconfigFile(credentialsId: env.KUBECONFIG_CREDENTIAL_ID,variable: 'KUBECONFIG')]) {
sh 'envsubst < server-gateway/deploy/deploy.yml | kubectl apply -f -'
}
}
}
}
stage('deploy service-cmn') {
agent none
steps {
container('maven') {
withCredentials([kubeconfigFile(credentialsId: env.KUBECONFIG_CREDENTIAL_ID,variable: 'KUBECONFIG')]) {
sh 'envsubst < service/service-cmn/deploy/deploy.yml | kubectl apply -f -'
}
}
}
}
stage('deploy service-hosp') {
agent none
steps {
container('maven') {
withCredentials([kubeconfigFile(credentialsId: env.KUBECONFIG_CREDENTIAL_ID,variable: 'KUBECONFIG')]) {
sh 'envsubst < service/service-hosp/deploy/deploy.yml | kubectl apply -f -'
}
}
}
}
stage('deploy service-order') {
agent none
steps {
container('maven') {
withCredentials([kubeconfigFile(credentialsId: env.KUBECONFIG_CREDENTIAL_ID,variable: 'KUBECONFIG')]) {
sh 'envsubst < service/service-order/deploy/deploy.yml | kubectl apply -f -'
}
}
}
}
stage('deploy service-oss') {
agent none
steps {
container('maven') {
withCredentials([kubeconfigFile(credentialsId: env.KUBECONFIG_CREDENTIAL_ID,variable: 'KUBECONFIG')]) {
sh 'envsubst < service/service-oss/deploy/deploy.yml | kubectl apply -f -'
}
}
}
}
stage('deploy service-sms') {
agent none
steps {
container('maven') {
withCredentials([kubeconfigFile(credentialsId: env.KUBECONFIG_CREDENTIAL_ID,variable: 'KUBECONFIG')]) {
sh 'envsubst < service/service-sms/deploy/deploy.yml | kubectl apply -f -'
}
}
}
}
stage('deploy service-statistics') {
agent none
steps {
container('maven') {
withCredentials([kubeconfigFile(credentialsId: env.KUBECONFIG_CREDENTIAL_ID,variable: 'KUBECONFIG')]) {
sh 'envsubst < service/service-statistics/deploy/deploy.yml | kubectl apply -f -'
}
}
}
}
stage('deploy service-task') {
agent none
steps {
container('maven') {
withCredentials([kubeconfigFile(credentialsId: env.KUBECONFIG_CREDENTIAL_ID,variable: 'KUBECONFIG')]) {
sh 'envsubst < service/service-task/deploy/deploy.yml | kubectl apply -f -'
}
}
}
}
stage('deploy service-user') {
agent none
steps {
container('maven') {
withCredentials([kubeconfigFile(credentialsId: env.KUBECONFIG_CREDENTIAL_ID,variable: 'KUBECONFIG')]) {
sh 'envsubst < service/service-user/deploy/deploy.yml | kubectl apply -f -'
}
}
}
}
}
}
stage('deploy to production') {
agent none
steps {
mail(to: '[email protected]', subject: '部署成功', body: 'KubeSphere项目部署完成')
}
}
}
environment {
DOCKER_CREDENTIAL_ID = 'dockerhub-id'
GITHUB_CREDENTIAL_ID = 'github-id'
KUBECONFIG_CREDENTIAL_ID = 'demo-kubeconfig'
REGISTRY = 'docker.io'
DOCKERHUB_NAMESPACE = 'jeffyshaw'
GITHUB_ACCOUNT = 'kubesphere'
APP_NAME = 'devops-java-sample'
}
parameters {
string(name: 'TAG_NAME', defaultValue: '', description: '')
}
}
1.2、Dockerfile
FROM openjdk:8-jdk
LABEL maintainer=leifengyang
#启动自行加载 服务名-prod.yml配置
ENV PARAMS="--server.port=8080 --spring.profiles.active=prod --spring.cloud.nacos.server-addr=his-nacos.his:8848 --spring.cloud.nacos.config.file-extension=yml"
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone
COPY target/*.jar /app.jar
EXPOSE 8080
#
ENTRYPOINT ["/bin/sh","-c","java -Dfile.encoding=utf8 -Djava.security.egd=file:/dev/./urandom -jar /app.jar ${PARAMS}"]
1.3、deploy.yml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: service-cmn
name: service-cmn
namespace: his #一定要写名称空间
spec:
progressDeadlineSeconds: 600
replicas: 1
selector:
matchLabels:
app: service-cmn
strategy:
rollingUpdate:
maxSurge: 50%
maxUnavailable: 50%
type: RollingUpdate
template:
metadata:
labels:
app: service-cmn
spec:
imagePullSecrets:
- name: docker-hub #提前在项目下配置访问阿里云的账号密码
containers:
- image: $REGISTRY/$DOCKERHUB_NAMESPACE/service-cmn:SNAPSHOT-$BUILD_NUMBER
# readinessProbe:
# httpGet:
# path: /actuator/health
# port: 8080
# timeoutSeconds: 10
# failureThreshold: 30
# periodSeconds: 5
imagePullPolicy: Always
name: app
ports:
- containerPort: 8080
protocol: TCP
resources:
limits:
cpu: 300m
memory: 600Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
terminationGracePeriodSeconds: 30
---
apiVersion: v1
kind: Service
metadata:
labels:
app: service-cmn
name: service-cmn
namespace: his
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: service-cmn
sessionAffinity: None
type: ClusterIP
1.4、配置docker密钥
在项目(工作台-密钥-镜像)配置好镜像仓库的密钥
需要创建凭证
部署
stage('deploy to dev') {
steps {
container ('maven') {
withCredentials([
kubeconfigFile(
credentialsId: env.KUBECONFIG_CREDENTIAL_ID,
variable: 'KUBECONFIG')
]) {
sh 'envsubst < deploy/all-in-one/devops-sample.yaml | kubectl apply -f -'
}
}
}
}
注意部署kubeconfigFile及env.KUBECONFIG_CREDENTIAL_ID
2、前端部署
- Dockerfile
FROM nginx
#将dist目录内容复制到nginx容器html内部
COPY dist /usr/share/nginx/html/
EXPOSE 80
- deploy.yml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: yygh-admin
name: yygh-admin
namespace: his #一定要写名称空间
spec:
progressDeadlineSeconds: 600
replicas: 1
selector:
matchLabels:
app: yygh-admin
strategy:
rollingUpdate:
maxSurge: 50%
maxUnavailable: 50%
type: RollingUpdate
template:
metadata:
labels:
app: yygh-admin
spec:
imagePullSecrets:
- name: aliyun-docker-hub #提前在项目下配置访问阿里云的账号密码
containers:
- image: $REGISTRY/$ALIYUNHUB_NAMESPACE/yygh-admin:SNAPSHOT-$BUILD_NUMBER
# readinessProbe:
# httpGet:
# path: /actuator/health
# port: 8080
# timeoutSeconds: 10
# failureThreshold: 30
# periodSeconds: 5
imagePullPolicy: Always
name: app
ports:
- containerPort: 80
protocol: TCP
resources:
limits:
cpu: 300m
memory: 600Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
terminationGracePeriodSeconds: 30
---
apiVersion: v1
kind: Service
metadata:
labels:
app: yygh-admin
name: yygh-admin
namespace: his
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
nodePort: 32248
selector:
app: yygh-admin
sessionAffinity: None
type: NodePort
- Jenkinsfile
pipeline {
agent {
node {
label 'nodejs'
}
}
stages {
stage('拉取代码') {
agent none
steps {
container('nodejs') {
git(url: 'https://gitee.com/leifengyang/yygh-admin.git', credentialsId: 'gitee-id', branch: 'master', changelog: true, poll: false)
sh 'ls -al'
}
}
}
stage('项目编译') {
agent none
steps {
container('nodejs') {
sh 'npm i node-sass --sass_binary_site=https://npm.taobao.org/mirrors/node-sass/'
sh 'npm install --registry=https://registry.npm.taobao.org'
sh 'npm run build'
sh 'ls'
}
}
}
stage('构建镜像') {
agent none
steps {
container('nodejs') {
sh 'ls'
sh 'docker build -t yygh-admin:latest -f Dockerfile .'
}
}
}
stage('推送镜像') {
agent none
steps {
container('nodejs') {
withCredentials([usernamePassword(credentialsId : 'aliyun-docker-registry' ,usernameVariable : 'DOCKER_USER_VAR' ,passwordVariable : 'DOCKER_PWD_VAR' ,)]) {
sh 'echo "$DOCKER_PWD_VAR" | docker login $REGISTRY -u "$DOCKER_USER_VAR" --password-stdin'
sh 'docker tag yygh-admin:latest $REGISTRY/$DOCKERHUB_NAMESPACE/yygh-admin:SNAPSHOT-$BUILD_NUMBER'
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/yygh-admin:SNAPSHOT-$BUILD_NUMBER'
}
}
}
}
stage('部署到dev环境') {
agent none
steps {
kubernetesDeploy(configs: 'deploy/**', enableConfigSubstitution: true, kubeconfigId: "$KUBECONFIG_CREDENTIAL_ID")
}
}
//1、配置全系统的邮件: 全系统的监控
//2、修改ks-jenkins的配置,里面的邮件; 流水线发邮件
stage('发送确认邮件') {
agent none
steps {
mail(to: '[email protected]', subject: 'yygh-admin构建结果', body: "构建成功了 $BUILD_NUMBER")
}
}
}
environment {
DOCKER_CREDENTIAL_ID = 'dockerhub-id'
GITHUB_CREDENTIAL_ID = 'github-id'
KUBECONFIG_CREDENTIAL_ID = 'demo-kubeconfig'
REGISTRY = 'registry.cn-hangzhou.aliyuncs.com'
DOCKERHUB_NAMESPACE = 'lfy_hello'
GITHUB_ACCOUNT = 'kubesphere'
APP_NAME = 'devops-java-sample'
ALIYUNHUB_NAMESPACE = 'lfy_hello'
}
}
评论区