kubernetes搭建gitlab的CICD

1、前期准备

harbor

https://192.168.2.2/harbor/

修改docker配置文件

[root@caoqinghua-1 ~]# cat /etc/docker/daemon.json
{
“insecure-registries” : [“192.168.2.2”]
}

gitlab及runner

http://192.168.0.229

k8s集群

[root@caoqinghua-1 ingress-nginx]# kubectl get node
NAME STATUS ROLES AGE VERSION
caoqinghua-1.novalocal Ready master 356d v1.18.5
caoqinghua-2.novalocal Ready <none> 356d v1.18.5
caoqinghua-3.novalocal Ready <none> 356d v1.18.5

2、开始搭建

2.1新建测试项目

在gitlab新建一个项目，为了简单测试，直接准备一个index.html页面。

内容为k8s测试nginx-html。

2.1编写配置文件

先编写dockerfile，创建一个nginx的基础环境，方便运行gitlab的测试项目。

 

# base image
FROM centos

# MAINTAINER
MAINTAINER admin@xiaohuait.com

# put nginx-1.21.1.tar.gz into /usr/local/src and unpack nginx
ADD nginx-1.21.1.tar.gz /usr/local/src

# running required command
RUN yum install epel-release -y
RUN yum update -y
RUN yum upgrade -y
RUN yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel
RUN yum install -y libxslt-devel -y gd gd-devel GeoIP GeoIP-devel pcre pcre-devel
RUN useradd -M -s /sbin/nologin nginx

# change dir to /usr/local/src/nginx-1.21.1
WORKDIR /usr/local/src/nginx-1.21.1

# execute command to compile nginx
RUN ./configure –user=nginx –group=nginx –prefix=/usr/local/nginx –with-file-aio –with-http_ssl_module –with-http_realip_module –with-http_addition_module –with-http_xslt_module –with-http_image_filter_module –with-http_geoip_module –with-http_sub_module –with-http_dav_module –with-http_flv_module –with-http_mp4_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_auth_request_module –with-http_random_index_module –with-http_secure_link_module –with-http_degradation_module –with-http_stub_status_module && make && make install

ENV PATH /usr/local/nginx/sbin:$PATH

EXPOSE 80

ENTRYPOINT [“nginx”]

CMD [“-g”,”daemon on;”]

然后下载nginx-1.21.1.tar.gz

wget https://nginx.org/download/nginx-1.21.1.tar.gz

执行镜像打包

docker build -t centos_nginx:v1 .

修改镜像标签，上传到harbor

docker tag centos_nginx:v1 192.168.2.2/test/centos_nginx:v1

docker push 192.168.2.2/test/centos_nginx:v1

查看harbor，

在gitlab项目中建立.gitlab-ci.yml

stages:
  - build
  - deploy
build_job:
  stage: build
  script:
    - tar zcvf nginx-html.tar.gz ./*
    - cp /dockerfile/nginx-html/dockerfile ./
    - docker build -t nginx-html:v$CI_PIPELINE_ID .
    - docker tag nginx-html:v$CI_PIPELINE_ID 192.168.2.2/test/nginx-html:v$CI_PIPELINE_ID
    - docker push 192.168.2.2/test/nginx-html:v$CI_PIPELINE_ID
    - docker rmi nginx-html:v$CI_PIPELINE_ID
    - docker rmi 192.168.2.2/test/nginx-html:v$CI_PIPELINE_ID
deploy_job:
  stage: deploy
  script:
    - ansible -i /root/k8s-master.host all -m shell -a "cp /kubernetes/nginx-html/nginx-html.demo /kubernetes/nginx-html/nginx-html.yaml"
    - ansible -i /root/k8s-master.host all -m shell -a "sed -i "s/version/$CI_PIPELINE_ID/" /kubernetes/nginx-html/nginx-html.yaml"
    - ansible -i /root/k8s-master.host all -m shell -a "kubectl apply -f /kubernetes/nginx-html/nginx-html.yaml"

编写项目dockerfile

# base image
FROM 192.168.2.2/test/centos_nginx:v1

# MAINTAINER
MAINTAINER admin@xiaohuait.com
RUN rm -rf /usr/local/nginx/html/*
ADD nginx-html.tar.gz /usr/local/nginx/html/

EXPOSE 80

ENTRYPOINT [“nginx”]

CMD [“-g”,”daemon on;”]

gitlab runner服务端安装ansible，配置/root/k8s-master.host

把kubernetes的master写入k8s-master.host

3、编写项目kubernetes的yaml文件

建立目录

/kubernetes/nginx-html

放置项目每次构建启动时，更新镜像文件。

[root@caoqinghua-1 nginx-html]# cat nginx-html.demo
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-html
labels:
name: nginx-html
spec:
replicas: 3
selector:
matchLabels:
name: nginx-html
template:
metadata:
labels:
name: nginx-html
spec:
containers:
– name: nginx-html
command: [“nginx”,”-g”,”daemon off;”]
image: 192.168.2.2/test/nginx-html:vversion
ports:
– containerPort: 80

编写项目的service文件

[root@caoqinghua-1 nginx-html]# cat nginx-html-service.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-html-service
labels:
name: nginx-html
spec:
ports:
# the port that this service should serve on
– port: 80
targetPort: 80
selector:
name: nginx-html

编写项目的ingress文件

[root@caoqinghua-1 nginx-html]# cat nginx-html-ingress.yaml
apiVersion: “networking.k8s.io/v1beta1”
kind: “Ingress”
metadata:
name: “nginx-html-ingress”
spec:
rules:
– host: “www.a.com”
http:
paths:
– path: “/”
pathType: “Prefix”
backend:
serviceName: “nginx-html-service”
servicePort: 80

通过命令手动创建service和ingress。

kubectl apply -f nginx-test-service.yaml

kubectl apply -f nginx-test-ingress.yaml

4、测试

配置本地host，192.168.0.41  www.a.com

ip通过kubectl get ingress查看。

通过更新gitlab的项目文件index.html内容测试流程是否正确。