6 运行 java 类服务-jenkins
完整项目地址:https://github.com/As9530272755/k8sOfJenkins
一般这类服务都是通过 java-jar 直接起来,但是开发一般会写一个 start.sh 的脚本,这个脚本中就会自带 java-jar 然后通过参数将服务跑起来
基于 java 命令,运行 java war 包或 jar 包,本次以 Jenkins.war 包部署为例,且要求 Jenkins 的数据保存至外部存储上(NFS 或者 pvc),其他的 java 应用看实际需求是否需要将数据保存至外部存储
6.1 下载 JDK 镜像
# 下载 jdk
[11:30:43 root@k8s-master dockerfile]#docker pull elevy/slim_java:8
[11:30:59 root@k8s-master dockerfile]#docker tag elevy/slim_java:8 hub.zhangguiyuan.com/baseimage/elevy/slim_java:8
[11:31:03 root@k8s-master dockerfile]#docker push hub.zhangguiyuan.com/baseimage/elevy/slim_java:8
6.2 构建镜像
6.2.1 构建基础镜像
如果我们要安装别的 filebeat-7.6.2-x86_64.rpm 版本就去官网下载即可
https://www.elastic.co/cn/downloads/beats/filebeat
1.下载 filebeat-7.6.2-x86_64.rpm
[11:19:41 root@master centos]#wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.6.2-x86_64.rpm
2.编写 dockerfile 文件
[11:06:31 root@master centos]#vim Dockerfile
#自定义Centos 基础镜像
FROM centos:7.8.2003
MAINTAINER zhang.g.y
# 用于做日志收集使用,拷贝到 tmp 目录
ADD filebeat-7.6.2-x86_64.rpm /tmp
# 安装依赖
RUN yum install -y /tmp/filebeat-7.6.2-x86_64.rpm vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop && rm -rf /etc/localtime /tmp/filebeat-7.6.2-x86_64.rpm && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && useradd www -u 2020 && useradd nginx -u 2021
3.编写构建脚本
[11:24:21 root@master centos]#vim build-command.sh
#!/bin/bash
# 构建镜像
docker build -t hub.zhangguiyuan.com/baseimage/centos-base:7.8.2003 .
# 推送镜像
docker push hub.zhangguiyuan.com/baseimage/centos-base:7.8.2003
4.执行构建脚本
[11:21:26 root@master centos]#bash build-command.sh
6.2.2 构建 JDK 镜像
jdk-8u212-linux-x64.tar.gz下载地址:https://www.oracle.com/java/technologies/javase/javase8u211-later-archive-downloads.html
1.编写 dockerfile
[16:31:22 root@master jdk-1.8.212]#vim Dockerfile
#JDK Base Image 还是基于gangcaide base 镜像
FROM hub.zhangguiyuan.com/baseimage/centos-base:7.8.2003
MAINTAINER zhangguiyuan
ADD jdk-8u212-linux-x64.tar.gz /usr/local/src/
RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk
ADD profile /etc/profile
# 配置环境变量
ENV JAVA_HOME /usr/local/jdk
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/
ENV PATH $PATH:$JAVA_HOME/bin
2.编写构建脚本
[16:34:13 root@master jdk-1.8.212]#vim build-command.sh
#!/bin/bash
docker build -t hub.zhangguiyuan.com/baseimage/jdk-base:v8.212 .
sleep 1
docker push hub.zhangguiyuan.com/baseimage/jdk-base:v8.212
3.配置文件
[16:34:58 root@master jdk-1.8.212]#vim profile
# /etc/profile
# System wide environment and startup programs, for login setup
# Functions and aliases go in /etc/bashrc
# It's NOT a good idea to change this file unless you know what you
# are doing. It's much better to create a custom.sh shell script in
# /etc/profile.d/ to make custom changes to your environment, as this
# will prevent the need for merging in future updates.
pathmunge () {
case ":${PATH}:" in
*:"$1":*)
;;
*)
if [ "$2" = "after" ] ; then
PATH=$PATH:$1
else
PATH=$1:$PATH
fi
esac
}
if [ -x /usr/bin/id ]; then
if [ -z "$EUID" ]; then
# ksh workaround
EUID=`/usr/bin/id -u`
UID=`/usr/bin/id -ru`
fi
USER="`/usr/bin/id -un`"
LOGNAME=$USER
MAIL="/var/spool/mail/$USER"
fi
# Path manipulation
if [ "$EUID" = "0" ]; then
pathmunge /usr/sbin
pathmunge /usr/local/sbin
else
pathmunge /usr/local/sbin after
pathmunge /usr/sbin after
fi
HOSTNAME=`/usr/bin/hostname 2>/dev/null`
HISTSIZE=1000
if [ "$HISTCONTROL" = "ignorespace" ] ; then
export HISTCONTROL=ignoreboth
else
export HISTCONTROL=ignoredups
fi
export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE HISTCONTROL
# By default, we want umask to get set. This sets it for login shell
# Current threshold for system reserved uid/gids is 200
# You could check uidgid reservation validity in
# /usr/share/doc/setup-*/uidgid file
if [ $UID -gt 199 ] && [ "`/usr/bin/id -gn`" = "`/usr/bin/id -un`" ]; then
umask 002
else
umask 022
fi
for i in /etc/profile.d/*.sh /etc/profile.d/sh.local ; do
if [ -r "$i" ]; then
if [ "${-#*i}" != "$-" ]; then
. "$i"
else
. "$i" >/dev/null
fi
fi
done
unset i
unset -f pathmunge
export LANG=en_US.UTF-8
export HISTTIMEFORMAT="%F %T `whoami` "
export JAVA_HOME=/usr/local/jdk
export TOMCAT_HOME=/apps/tomcat
export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$TOMCAT_HOME/bin:$PATH
export CLASSPATH=.$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar
4.执行构建镜像脚本
[16:37:08 root@master jdk-1.8.212]#bash build-command.sh
5.验证镜像
[16:55:26 root@master jdk-1.8.212]#docker run -it --rm hub.zhangguiyuan.com/baseimage/jdk-base:v8.212 /bin/bash
[root@b20e83d131d7 /]# java -version
java version "1.8.0_212"
Java(TM) SE Runtime Environment (build 1.8.0_212-b10)
Java HotSpot(TM) 64-Bit Server VM (build 25.212-b10, mixed mode)
6.2.3 构建 Jenkins 镜像
通过 Jenkins 官方现在镜像:https://www.jenkins.io/download/
1.下载 war 包
[11:27:28 root@k8s-master dockerfile]#wget https://updates.jenkins.io/download/war/2.190.1/jenkins.war
2.编写启动脚本
[11:28:49 root@k8s-master dockerfile]#vim run_jenkins.sh
#!/bin/bash
cd /apps/jenkins && java -server -Xms1024m -Xmx1024m -Xss512k -jar jenkins-2.190.1.war --webroot=/apps/jenkins/jenkins-data --httpPort=808
# 后期我们需要通过参数来进行配置的话直接在脚本中添加对应的参数即可
# -server -Xms1024m -Xmx1024m -Xss512k 直接传递启动参数
# -jar jenkins-2.190.1.war 指定需要启动的 war 包
3.编写 dockerfile
[11:29:13 root@k8s-master dockerfile]#vim Dockerfile
#Jenkins Version 2.190.1
FROM hub.zhangguiyuan.com/baseimage/jdk-base:v8.212
MAINTAINER zhanggy
ADD jenkins-2.190.1.war /apps/jenkins/
ADD run_jenkins.sh /usr/bin/
EXPOSE 8080
CMD ["/usr/bin/run_jenkins.sh"]
4.编写构建脚本
[11:31:28 root@k8s-master dockerfile]#vim build-command.sh
#!/bin/bash
docker build -t hub.zhangguiyuan.com/baseimage/jenkins:v2.190.1 .
echo "镜像制作完成,即将上传至Harbor服务器"
sleep 1
docker push hub.zhangguiyuan.com/baseimage/jenkins:v2.190.1
echo "镜像上传完成"
5.给当前所有脚本添加执行权限
[11:33:08 root@k8s-master dockerfile]#chmod +x *.sh
6.执行脚本
[11:32:16 root@k8s-master dockerfile]#bash build-command.sh
6.3 验证容器
通过启动容器我们可以看到可以直接加载了
[11:44:51 root@k8s-master dockerfile]#docker run -it --rm hub.zhangguiyuan.com/baseimage/jenkins:v2.190.1
Running from: /apps/jenkins/jenkins-2.190.1.war
2021-10-21 03:44:55.655+0000 [id=1] INFO org.eclipse.jetty.util.log.Log#initialized: Logging initialized @690ms to org.eclipse.jetty.util.log.JavaUtilLog
2021-10-21 03:44:55.784+0000 [id=1] INFO winstone.Logger#logInternal: Beginning extraction from war file
....
6.4 创建 NS
1.编写 yaml
[11:51:41 root@k8s-master yaml]#vim jenkins-ns.yaml
apiVersion: v1
kind: Namespace
metadata:
name: jenkins
2.创建
[11:52:45 root@k8s-master yaml]#kubectl apply -f jenkins-ns.yaml
6.5 创建 pv
1.先到 NFS 服务上创建 jenkins 挂载目录
# 该目录用于存储 Jenkins 的数据
[11:54:27 root@harbor-nfs ~]#mkdir -p /data/k8sdata/jenkins/jenkins-data
# 该目录用于存储 Jenkins 的配置文件
[12:41:01 root@harbor-nfs ~]#mkdir -p /data/k8sdata/jenkins/jenkins-root-data
2.编写yaml
[11:51:06 root@k8s-master yaml]#cat pv/jenkins-persistentvolume.yaml
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-datadir-pv
namespace: jenkins
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
nfs:
server: 10.0.0.133
path: /data/k8sdata/jenkins/jenkins-data
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-root-datadir-pv
namespace: jenkins
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
nfs:
server: 10.0.0.133
path: /data/k8sdata/jenkins/jenkins-root-data
3.创建 pv
[12:39:26 root@k8s-master yaml]#kubectl apply -f jenkins-persistentvolume.yaml
6.6 创建 pvc
1.编写 yaml 文件
[12:39:54 root@k8s-master yaml]#vim jenkins-persistentvolumeclaim.yaml
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jenkins-datadir-pvc
namespace: jenkins
spec:
volumeName: jenkins-datadir-pv
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 80Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jenkins-root-data-pvc
namespace: jenkins
spec:
volumeName: jenkins-root-datadir-pv
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 80Gi
2.创建
[12:43:12 root@k8s-master yaml]#kubectl apply -f jenkins-persistentvolumeclaim.yaml
6.7 创建 deployment 和 svc
1.编写 yaml
[12:45:08 root@k8s-master yaml]#vim jenkins.yaml
kind: Deployment
#apiVersion: extensions/v1beta1
apiVersion: apps/v1
metadata:
labels:
app: jenkins-jenkins
name: jenkins-jenkins-deployment
namespace: jenkins
spec:
replicas: 1
selector:
matchLabels:
app: jenkins-jenkins
template:
metadata:
labels:
app: jenkins-jenkins
spec:
containers:
- name: jenkins-jenkins-container
image: hub.zhangguiyuan.com/baseimage/jenkins:v2.190.1
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- containerPort: 8080
protocol: TCP
name: http
volumeMounts:
- name: jenkins-datadir-jenkins
mountPath: "/apps/jenkins/jenkins-data/"
- name: jenkins-root-datadir
mountPath: "/root/.jenkins"
volumes:
- name: jenkins-datadir-jenkins
persistentVolumeClaim:
claimName: jenkins-datadir-pvc
- name: jenkins-root-datadir
persistentVolumeClaim:
claimName: jenkins-root-data-pvc
---
kind: Service
apiVersion: v1
metadata:
labels:
app: jenkins-jenkins
name: jenkins-jenkins-service
namespace: jenkins
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
nodePort: 38080
selector:
app: jenkins-jenkins
2.创建
[12:45:11 root@k8s-master yaml]#kubectl apply -f jenkins.yaml
3.创建成功
[12:48:04 root@k8s-master yaml]#kubectl get pod -n jenkins -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
jenkins-jenkins-deployment-6fb86f9d65-hm5dn 1/1 Running 0 2m25s 10.10.235.194 k8s-master <none> <none>
6.8 验证 pod
pod 已经被调度到了 master 节点上,通过浏览器访问,并且暴露了 38080 端口
http://10.0.0.131:38080
1.登录
# 到 nfs 服务器上挂载 root 目录找到 initialAdminPassword 文件
[13:19:37 root@harbor-nfs secrets]#pwd
/data/k8sdata/jenkins/jenkins-root-data/secrets
[13:19:34 root@harbor-nfs secrets]#cat initialAdminPassword
7e3476de71ff491a8dba9e36e4a72d3b
2.安装推荐插件
3.初始化
以上就是 Jenkins 通过 K8S 部署