jenkins流水线k8s-node前端pod

Zach 字数: 6643 阅读耗时: 16 分钟 2023/08/09 博客独享热度: 12 评论: 0

jenkins流水线k8s-node前端pod

1 启动nginx

/ 项目 --please change
def front_nginx_svc = "demo-jbb-nginx-front"

// 认证 --no change
def git_auth = "bb351430-152c-4adb-9c44-6ce9d87df1b8"
def pull_secret = "registry-pull-secret"
def front_nginx_svcname = "${front_nginx_svc}.demo"

podTemplate(label: 'jnlp-slave', cloud: 'kubernetes', containers: [
  containerTemplate(
    name: 'jnlp', 
    image: 'h.zlr.cn/ops/jenkins-slave:v3', 
    alwaysPullImage: true 
  ),
  ],
  volumes: [
    hostPathVolume(mountPath: '/var/run/docker.sock', hostPath: '/var/run/docker.sock'),
    hostPathVolume(mountPath: '/usr/bin/docker', hostPath: '/usr/bin/docker'),
    hostPathVolume(mountPath: '/etc/hosts', hostPath: '/etc/hosts'),
  ],
  imagePullSecrets: ["${pull_secret}"],
  ) 
{
  node("jnlp-slave"){
      stage('添加配置文件'){
            sh '''
cat > nginx.conf <<"EOF"
user  root;
worker_processes  auto;
error_log  logs/error.log;

events {
    use epoll;
    worker_connections  20480;
}

http {
    include       mime.types;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    default_type  application/octet-stream;

    log_format  main  '[$time_local] $remote_addr "$http_x_forwarded_for" $remote_port $remote_user '
                      '$host $upstream_addr $upstream_status $upstream_response_time $upstream_cache_status '
                      '"$request" $status $request_time $body_bytes_sent "$http_referer" "$http_user_agent" ';

    access_log  logs/access.log;

    types_hash_max_size 2048;

    fastcgi_connect_timeout 1200;
    fastcgi_send_timeout 1200;
    fastcgi_read_timeout 1200;
    fastcgi_buffer_size 128k;
    fastcgi_buffers 4 128k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;

    client_body_timeout 120s;
    client_header_timeout 120s;
    send_timeout 120s;

    server_names_hash_bucket_size 256;
    client_max_body_size     100m;
    client_header_buffer_size 356k;
    large_client_header_buffers 4 256k;
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;

    proxy_http_version 1.1;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_connect_timeout 3600;
    proxy_send_timeout 3600;
    proxy_read_timeout 7200;
    proxy_buffer_size 256k;
    proxy_buffers 4 256k;
    proxy_busy_buffers_size 256k;
    proxy_temp_file_write_size 256k;
    proxy_max_temp_file_size 8m;
    proxy_headers_hash_bucket_size 128;
    proxy_headers_hash_max_size 1024;

    keepalive_timeout   150s;
    server_tokens off;

    gzip on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_types       text/plain application/x-javascript text/css application/xml;
    gzip_vary on;

server {
    listen 80;
    server_name _;
    index index.html;
    root html;

    location ~ ^/$ {
        rewrite ^/$ /cloud-guarantee-front;
    }

    location /metadata {
        proxy_pass http://demo-jbb-zds-party:8082;
    }

    location /obs {
        proxy_pass http://demo-jbb-zds-party:8082;
    }

    location /common {
        proxy_pass http://demo-jbb-zds-party:8082;
    }

    location /party {
        proxy_pass http://demo-jbb-zds-party:8082;
    }

    location /files {
        proxy_pass http://demo-jbb-component-files:8080;
    }

    location /guarantee {
        proxy_pass http://demo-jbb-guarantee-backstage:8083;
    }

    access_log logs/ydbdemo.shuyixin.cn.access.log main;
    error_log logs/ydbdemo.shuyixin.cn.error.log debug;
    }
}
EOF
          '''
      }
      stage('npm 构建打包'){
            sh """
          scp nginx.conf ${front_nginx_svcname}:/opt/nginx/nginx.conf
          ssh ${front_nginx_svcname} "/opt/nginx/sbin/nginx -s reload" 
          """
      }
    }
}

2 拉取代码

// 项目 --please change
def k8s_namespace = "demo"
def app_project = "jbb"
def app_name = "nginx-front" //与git里面对应

//      --no change
def dep_name = "${k8s_namespace}-${app_project}-${app_name}"
def image_name = "h.zlr.cn/ops/base-nginx:v4"

// 认证 --no change
def pull_secret = "registry-pull-secret"
def k8s_auth = "ebbd6f98-b993-490a-94fb-9e81bfe0d8f3"


podTemplate(label: 'jnlp-slave', cloud: 'kubernetes', containers: [
  containerTemplate(
    name: 'jnlp', 
    image: 'h.zlr.cn/ops/jenkins-slave:v1', 
    alwaysPullImage: true 
  ),
  ],
  volumes: [
    hostPathVolume(mountPath: '/var/run/docker.sock', hostPath: '/var/run/docker.sock'),
    hostPathVolume(mountPath: '/usr/bin/docker', hostPath: '/usr/bin/docker'),
    hostPathVolume(mountPath: '/etc/hosts', hostPath: '/etc/hosts'),
  ],
  imagePullSecrets: ["${pull_secret}"],
  ) 
{
  node("jnlp-slave"){

      stage('生成k8s yaml文件'){
            sh """cat > deploy.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ${dep_name}
  namespace: ${k8s_namespace}
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ${dep_name}
  template:
    metadata:
      labels:
        app: ${dep_name}
    spec:
      containers:
      - name: ${dep_name}
        image: ${image_name}
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
        resources:
          limits:
            cpu: "1"
            memory: 512Mi
          requests:
            cpu: "0.5"
            memory: 256Mi
      imagePullSecrets:
      - name: ${pull_secret}
---
apiVersion: v1
kind: Service
metadata:
  name: ${dep_name}
  namespace: ${k8s_namespace}
spec:
  type: NodePort
  ports:
  - name: http
    port: 80
    targetPort: 80
    protocol: TCP
  - name: ssh
    port: 22
    targetPort: 22
    protocol: TCP
  selector:
    app: ${dep_name}
EOF
          """
      }     

      stage('部署到k8s容器云'){
          kubernetesDeploy configs: 'deploy.yaml', kubeConfig: [path: ''], kubeconfigId: "${k8s_auth}", secretName: '', ssh: [sshCredentialsId: '*', sshServer: ''], textCredentials: [certificateAuthorityData: '', clientCertificateData: '', clientKeyData: '', serverUrl: 'https://']
      }
    }
}