An overview of the
DevOps is a set of practices and tools that automate processes between IT and software development teams. As agile software development becomes more and more popular, continuous integration (CI) and continuous delivery (CD) have become an ideal solution in this field. In the CI/CD workflow, each integration is verified through automated builds, including coding, publishing, and testing, which helps developers find integration errors ahead of time and allows teams to quickly, safely, and reliably deliver in-house software to production. However, the traditional Jenkins master-agent architecture (that is, multiple agents work for a Master) has the following deficiencies.Copy the code
If Master goes down, the entire CI/CD pipeline will collapse. Resource allocation is unbalanced. Pipelined jobs of some agents are queued, while other agents are idle. Different Agents may have different configuration environments and use different coding languages. This difference may cause inconvenience for management and maintenance.
Understand KubeSphere conversation
The KubeSphere DevOps project supports source code management tools such as GitHub, Git, and SVN. Users can build CI/CD pipelines from graphical editing panels (Jenkinsfile out of SCM) or create jenkinsfile-based pipelines from code repositories (Jenkinsfile in SCM).
KubeSphere CI/CD pipelined workflow
The KubeSphere CI/CD pipeline is based on the underlying Kubernetes Jenkins Agent. These Jenkins Agents can be dynamically expanded or shrunk, that is, dynamically supplied or released according to the task status. Jenkins Master and Agent run on KubeSphere node in the form of Pod. The Master runs on one of the nodes, and its configuration data is stored in a Volume. Agents run on each node, but may not be running all the time. Instead, they are dynamically created and automatically deleted based on requirements.
When the Jenkins Master receives the build request, it will dynamically create the Jenkins Agent running in Pod according to the tag and register it with the Master. When the Agent completes the task, it will be released and the related Pod will be deleted.
Dynamic supply of Jenkins Agent
Dynamic provisioning Jenkins Agent has the following advantages: Reasonable resource allocation: KubeSphere dynamically allocates created agents to idle nodes to avoid task queuing due to high resource utilization of a single node. High scalability: You can add nodes to the KubeSphere cluster when tasks are queued for a long time due to insufficient resources. High availability: When Jenkins Master fails, KubeSphere will automatically create a new Jenkins Master container and mount the storage volume to the newly created container to ensure that data will not be lost, thus achieving high availability of the cluster.
Enterprise development
To enable the conversation
- Log in to the console as admin, click Platform Management in the upper left corner, and select Cluster Management.
2. Click on theCustomize resource CRD, enter ClusterConfiguration in the search box, and click the search result to view its details.In 3.The resource listTo the right of ks-Installer, the choice ofEditing a Configuration File.4. In the YAML file, search for devops and change the enabled false value to true. When you’re done, click on the one in the lower right cornerupdate, save the configuration5. Run the following command to view installation logs
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') -f
Copy the code
6. If this page is displayed, the installation is successful
Integrated SonarQube
1. Install the Helm so that you can use the tool to install SonarQube later. For example, run the following command to install Helm 3:
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
Copy the code
2. Install sonarqube server
helm upgrade --install sonarqube sonarqube --repo https://charts.kubesphere.io/main -n kubesphere-devops-system --create-namespace --set service.type=NodePort
Copy the code
3. Run the following command to obtain the address of the Sonarqube server
export NODE_PORT=$(kubectl get --namespace kubesphere-devops-system -o jsonpath="{.spec.ports[0].nodePort}" services sonarqube-sonarqube)
export NODE_IP=$(kubectl get nodes --namespace kubesphere-devops-system -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
Copy the code
4. Check the SonarQube Pod status. After all SonarQube pods are installed and run successfully, log in to the SonarQube server using the admin and admin password. Click MyAccount-> Security ->generate generate token copy and keep 6. Obtain Jenkins’ SonarQube Webhook address
export NODE_PORT=$(kubectl get --namespace kubesphere-devops-system -o jsonpath="{.spec.ports[0].nodePort}" services ks-jenkins)
export NODE_IP=$(kubectl get nodes --namespace kubesphere-devops-system -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT/sonarqube-webhook/
Copy the code
7. Click in sequenceAdministration,Configuration 和 WebhooksCreate a Webhook.8. Add the SonarQube configuration to the KS-Installer (see the SonarQube configuration captured in Step 4) 9. Log in to Jenkins with the same account and password as kubesphere (remove the suffix from Step 6 to obtain the address) 10. Choose System Administration > System Configuration > Find the SonarQube Servers column and add the credentials. Enter secret and enter the token generated in Step 5. Select Secret Text and ID to customize. Then fill in sonarqube service information 11. Add sonarqubeURL to the KubeSphere console to jump directly to Sonarqube from the console
Add sonarqube address and save
kubectl edit cm -n kubesphere-system ks-console-config
Copy the code
12. Restart kS-Apiserver and Ks-Console
kubectl -n kubesphere-system rollout restart deploy ks-apiserver
kubectl -n kubesphere-system rollout restart deploy ks-console
Copy the code
Integrated pipeline
1. Use Kubesphere to create enterprise space, create enterprise space Manager, project Manager, Project Developer, referenceKubesphere.com.cn/docs/quick-…2. Create a devOps project using the project manager3. Click the project Creation pipeline and add three String parameters to the parameterized build. REGISTRY docker repository address, DOCKERHUB_NAMESPACE Docker repository namespace, APP_NAME project name4. Add credentials. Create credentials under devOPS project Git account and Dockerhub account belong to the same category of account credentials. You can enter your account password. Sonarqube needs to select the secret text type and paste the token previously saved.
5. Click the assembly line to enter its details page. To use the graphics edit panel, click Edit Pipeline under the Pipeline TAB. In the pop-up dialog box, click ** custom assembly line to edit. ** or edit Jenkinsfile The following example uses Jenkinsfile: Jenkins pipeline syntax portal
Pipeline {agent {# instructs Jenkins to assign an executor (on any agent/node available in the Jenkins environment) and workspace node {label to the entire pipeline'maven'The pipeline will run on a node labeled maven}} stages {stage('Checkout SCM'Agent None steps {git() {git() {git()url: 'https://gitee.com/xxx.git'.credentialsId: 'gitee-id'.branch: 'master'.changelog: true.poll: false)
}
}
stage('Unit Test') {# Execute unit test steps {container('maven') {# specify the container sh'mvn clean -o -gs `pwd`/configuration/settings.xml test'# execute shell script}}} stage('Code Analysis'Step {container() {container() {'maven') {
withCredentials([string(credentialsId : 'sonar-token' ,variable : 'SONAR_TOKEN' ,)]) {
withSonarQubeEnv('sonar') {# Execute script sh with credentials using sonar environment'mvn sonar:sonar -o -gs `pwd`/configuration/settings.xml -Dsonar.login=$SONAR_TOKEN'
}
}
timeout(unit: 'HOURS'.activity: true.time: 1) {# Start counting the timeout waitForQualityGate after no log output'true'The code Quality inspection standard comes from SonarQube's Quality Gate (Quality threshold). If you need to customize the inspection standard, please go to SonarQube to set}}}} stage('Build and Push'Agent None steps {container('maven') {# build the image from the dockerFile and push it to the remote repository sh'mvn -o -Dmaven.test.skip=true -gs `pwd`/configuration/settings.xml clean package'
sh 'docker build -f Dockerfile-online -t $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:SNAPSHOT-$BUILD_NUMBER .'
withCredentials([usernamePassword(credentialsId : 'dockerhub-id' ,passwordVariable : 'DOCKER_PASSWORD' ,usernameVariable : 'DOCKER_USERNAME' ,)]) {
sh 'echo "$DOCKER_PASSWORD" | docker login $REGISTRY -u "$DOCKER_USERNAME" --password-stdin'
}
sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:SNAPSHOT-$BUILD_NUMBER'
}
}
}
stage('update-yml'Agent None steps {container('maven') {
sh 'sed -i "s/\\$REGISTRY\\/\\$DOCKERHUB_NAMESPACE\\/\\$APP_NAME:\\$TAG_NAME/\\"$REGISTRY\\/$DOCKERHUB_NAMESPACE\\/$APP_NAME:SNAPSH OT-$BUILD_NUMBER\\"/g" `pwd`/deploy/prod-ol/devops-sample.yaml'
}
}
}
stage('Artifacts') {# Save the jars you built into the project build space steps {archiveArtifacts'target/*.jar'
}
}
stage('Deploy to Dev'Dev Agent None steps {input'Deploy to dev environment'Stage will continue container('maven') {
sh '''kubectl apply -f `pwd`/deploy/prod-ol/devops-sample.yaml
kubectl apply -f `pwd`/deploy/prod-ol/devops-sample-svc.yaml'''
}
}
}
}
}
Copy the code
6. Run the assembly lineSee the log7. Look at code analysis 8. Look at the workloadView the successfully deployed applicationsGo back to the upper view service to view the exposed port and access itAccess successful!9. You can also log in to Jenkins to view builds