# Inc应用基于jenkins的CI/CD说明
# 背景
jenkins + rancher,可以实现从git拉取相关分支的代码,然后做持续集成(CI)和持续部署(CD)。开发者只需要关注代码的开发,提交代码之后,可自动完成代码的部署。
# 依赖
- 已完成jenkins + rancher的搭建,以及打通两者间的访问权限
- 配置Global Pipeline Libraries,使用https://git.code.tencent.com/panlifu/jenkinsLib.git (opens new window)
# jenkins相关配置
其中COS的配置为公有读私有写,用来存储静态资源。
# 环境变量(不同client,配置不同的环境变量)
- COS_BUCKET:cos桶配置
- COS_REGION:cos地域配置
# 凭据配置(不同client,配置不同的环境变量;使用secret text)
- COS_SECRETID: cos秘钥ID配置
- COS_SECRETKEY:cos秘钥key配置
- DOCKER_USER:docker仓库用户名
- DOCKER_PWD:docker密码密码
此外,还需要创建一个“Username with password”的工蜂 (opens new window)凭据,将在Job的Pipeline Script中用到
# 创建job
# 构建参数配置
- deployment: 部署环境 (dev/test/uat/prd)
# 编写Pipeline Script
#!groovy
@Library('jenkinsLib@inc_dev') _
//func from sharelibrary
def tools = new org.devops.tools()
def Inc = new org.devops.inc()
def config=[
"jihe-dev": [
"env": "dev", // 部署的环境
"branch": "master", // 所在的代码分支
"tkens": "jihe-dev", // 服务部署在TKE上的命名空间
"replicas": "1" // pod实例数
],
"jihe-prd": [
"env": "prd",
"branch": "master",
"tkens": "jihe-prd",
"replicas": "2"
],
]
env.GIT_BRANCH=config[deployment].branch
env.KUBECONFIG=deployment
pipeline{
agent any
stages{
stage("all"){
steps{
checkout scm: [$class: 'GitSCM', userRemoteConfigs: [[url: 'https://git.code.tencent.com/incubator/incubator-center.git', credentialsId: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx']], branches: [[name: "${config[deployment].branch}"]]],poll: false
script{
tools.PrintMes("ALL","green")
// BuildAndDeploy(项目名, 服务名[inc-center], docker命名空间, 部署环境, TKE命名空间, 服务端口[8080], pod实例数)
Inc.BuildAndDeploy("project", "inc-center","jl-dev","${config[deployment].env}", "${config[deployment].tkens}", "8080", "${config[deployment].replicas}")
}
}
}
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# 服务自动部署TKE
jenkins构建过程中,步骤
- 构建docker镜像,并push到docker仓库
- 读取项目目录中的
deployment.yaml
文件,通过kubectl apply
部署服务 - 读取项目目录中的
svc.yaml
文件,通过kubectl apply
生成服务发现(NodePort类型)
# 使用
配置完成后,即可在jenkins的job中,执行“Build with Parameters”,Build完成之后会自动部署服务
# 附录
# Center的deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
generation: 1
labels:
cattle.io/creator: norman
workload.user.cattle.io/workloadselector: deployment-ns-service_name
name: service_name
namespace: ns
spec:
replicas: {replicas}
selector:
matchLabels:
workload.user.cattle.io/workloadselector: deployment-ns-service_name
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
labels:
workload.user.cattle.io/workloadselector: deployment-ns-service_name
spec:
containers:
- env:
- name: INC_PLATFORM_CONFIG
valueFrom:
configMapKeyRef:
key: INC_PLATFORM_CONFIG
name: service_name
optional: false
image: imageTest
imagePullPolicy: Always
name: service_name
resources:
limits:
cpu: "4"
memory: 8Gi
requests:
cpu: "2"
memory: 4Gi
imagePullSecrets:
- name: tencent-warehouse-secret
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# Center的svc.yaml
apiVersion: v1
kind: Service
metadata:
name: service_name-svc
namespace: ns
spec:
ports:
- name: inc-http
port: service_port
protocol: TCP
targetPort: service_port
selector:
workload.user.cattle.io/workloadselector: deployment-ns-service_name
type: NodePort
1
2
3
4
5
6
7
8
9
10
11
12
13
14
2
3
4
5
6
7
8
9
10
11
12
13
14