使用gitlab自带的ci/cd实现.net6部署到k8s
第一步: 安装gitlab,这个自然不用多说
第二步: 使用docker容器安装gitlab-runner组件
新建一个docker-compose.yml文件,内容如下,在linux系统下使用 docker-compose up -d 命令跑起来就好(如果不会,可度娘搜索安装和使用)
version: "3.3" services: gitlab-runner: image: gitlab/gitlab-runner:latest # user: root container_name: gitlab-runner #总是重启后启动 restart: always privileged: true volumes: - ./config:/etc/gitlab-runner - /root/.docker:/var/gitlab_home/.docker - /usr/bin/docker:/usr/bin/docker - /var/run/docker.sock:/var/run/docker.sock - /etc/docker/certs.d/reg.frame4j.local/reg.frame4j.local.crt:/certs/reg.frame4j.local.crt - /etc/docker/daemon.json:/etc/docker/daemon.json networks: - gitlab_runner_net networks: gitlab_runner_net: driver: bridge
其中
- /etc/docker/certs.d/reg.frame4j.local/reg.frame4j.local.crt:/certs/reg.frame4j.local.crt 为挂载的私服harbor证书.
第三步: 安装完之后,需要将安装好的gitlab-runner注册到gitlab中去,这里我们就需要用到如下图中红色框框内的token令牌
温馨提示:从图1中进入图2中红色框框项勾选上,则可以即使提交代码时没有tag标签也可以支持构建
四、添加gitlab-runner账号授权
1、添加一个 gitlab-runner 用户(一般这个用户是不存在的)
sudo adduser gitlab-runner
2、将gitlab-runner用户添加到docker组内
sudo gpasswd -a gitlab-runner docker
3、查看docker组中是否已经成功(如果出现:docker:x:973:root,gitlab-runner则成功)
cat /etc/group |grep docker
4、重启docker容器服务
sudo systemctl restart docker
5、给docker.sock设置权限
sudo chmod a+rw /var/run/docker.sock
五、创建文件名为 .gitlab-ci.yml 的文件
在项目根目录下创建文件名为 .gitlab-ci.yml 的文件,此文件是用来构建打包部署的
stages: - build - deploy build: stage: build script: - cd ./ - docker build -f "./Dockerfile" -t reg.frame4j.local/nslxh/hsapi-gitlabcicd:latest --label "com.microsoft.created-by=lxh" --label "com.microsoft.visual-studio.project-name=HansWebApi" "./" - docker login -uadmin -pDz666666 reg.frame4j.local - docker push reg.frame4j.local/nslxh/hsapi-gitlabcicd:latest - docker rmi reg.frame4j.local/nslxh/hsapi-gitlabcicd:latest - docker image prune -f only: - master deploy: stage: deploy script: - cd ./ - pwd - ls - whoami - scp ./deployment.yml root@192.168.9.100:/root/ - ssh root@192.168.9.100 'kubectl apply -f /root/deployment.yml' - ssh root@192.168.9.100 'kubectl rollout restart deployment erapi' - ssh root@192.168.9.100 'kubectl rollout restart deployment erapi2' - ssh root@192.168.9.100 'kubectl rollout restart deployment erapi3' only: - master
deployment.yml文件内容如下:
# 第一个k3cloud账号部署webapi apiVersion: apps/v1 kind: Deployment metadata: name: erapi labels: app: erapi spec: # 配置rs,初始副本数 replicas: 1 strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 1 maxSurge: 1 selector: matchLabels: app: erapi ## 配置是POD模板 template: metadata: labels: app: erapi env: erapi-test spec: containers: - name: erapi-container volumeMounts: - name: harbor-certs mountPath: /etc/harbor-certs #harbor自定义证书在k8s中的挂载 readOnly: true imagePullPolicy: Always # image: registry.cn-hangzhou.aliyuncs.com/nslxh/hsapi-bl:latest # image: reg.frame4j.local/nslxh/hsapi-bl:latest image: reg.frame4j.local/nslxh/hsapi-gitlabcicd:latest # 容器资源限制 resources: limits: cpu: "1" memory: "1Gi" requests: cpu: "0.5" memory: "512Mi" ports: - name: erapi-port # 必须和dockerfile中暴露端口一致 containerPort: 80 imagePullSecrets: # harbor登录在k8s中的生成的secret: kubectl create secret docker-registry harborusrpwd --docker-server=reg.frame4j.local --docker-username=admin --docker-password=Dz666666 --docker-email=haikuang@126.com - name: harborusrpwd volumes: - name: harbor-certs secret: # harbor自定义证书在k8s中的挂载: kubectl create secret generic harborkey --from-file=/usr/local/share/ca-certificates/reg.frame4j.local.crt # ,其中reg.frame4j.local.crt 为harbor生成的自定义证书 secretName: harborkey --- apiVersion: v1 kind: Service metadata: name: erapi spec: type: NodePort ports: - port: 80 targetPort: 80 nodePort: 30301 selector: app: erapi --- apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: erapi-hpa spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: erapi minReplicas: 1 maxReplicas: 4 metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 80 # 第一个k3cloud账号部署 ingress负载均衡器 --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: erapi-ingress spec: rules: - host: k8s.com http: paths: - path: / pathType: Prefix backend: service: name: erapi port: number: 80 # 第二个个k3cloud账号部署webapi --- apiVersion: apps/v1 kind: Deployment metadata: name: erapi2 labels: app: erapi2 spec: # 配置rs,初始副本数 replicas: 1 strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 1 maxSurge: 1 selector: matchLabels: app: erapi2 ## 配置是POD模板 template: metadata: labels: app: erapi2 env: erapi2-test spec: containers: - name: erapi2-container volumeMounts: - name: harbor-certs mountPath: /etc/harbor-certs #harbor自定义证书在k8s中的挂载 readOnly: true imagePullPolicy: Always # image: registry.cn-hangzhou.aliyuncs.com/nslxh/hsapi-bl:latest # image: reg.frame4j.local/nslxh/hsapi-bl:latest image: reg.frame4j.local/nslxh/hsapi-gitlabcicd:latest # 容器资源限制 resources: limits: cpu: "1" memory: "1Gi" requests: cpu: "0.5" memory: "512Mi" ports: - name: hsapi2-port # 必须和dockerfile中暴露端口一致 containerPort: 80 imagePullSecrets: # harbor登录在k8s中的生成的secret: kubectl create secret docker-registry harborusrpwd --docker-server=reg.frame4j.local --docker-username=admin --docker-password=Dz666666 --docker-email=haikuang@126.com - name: harborusrpwd volumes: - name: harbor-certs secret: # harbor自定义证书在k8s中的挂载: kubectl create secret generic harborkey --from-file=/usr/local/share/ca-certificates/reg.frame4j.local.crt
使用gitlab自带的ci/cd实现.net6部署到k8s
第一步: 安装gitlab,这个自然不用多说第二步: 使用docker容器安装gitlab-runner组件新建一个docker-compose.yml文件,内容如下,在linux系...
点击下载文档文档为doc格式
声明:除非特别标注,否则均为本站原创文章,转载时请以链接形式注明文章出处。如若本站内容侵犯了原著者的合法权益,可联系本站删除。
上一篇
已经是第一篇
