一、部署gitlab

? ? ? ?GitLab 是一個集代碼托管、CI/CD、項目管理、安全掃描于一體的 DevOps 平臺，提供從代碼編寫到部署的全生命周期管理。它支持 Git 版本控制，內置自動化流水線，可與 Kubernetes 集成，實現云原生應用的持續交付。同時提供問題追蹤、代碼審查、容器鏡像倉庫等功能，幫助企業高效落地 DevOps 實踐。

1.下載安裝

#下載gitlab-ce-12.0.3組件
https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-12.0.3-ce.0.el7.x86_64.rpm
#安裝 gitlab-ce-12.0.3組件
yum localinstall -y gitlab-ce-12.0.3-ce.0.el7.x86_64.rpm

2.修改配置文件

#修改配置文件
[root@nacos-128 ]# vim /etc/gitlab/gitlab.rb
external_url 'http://gitlab.liux.cn'
prometheus['enable'] = false
prometheus['monitor_kubernetes'] = false
alertmanager['enable'] = false
node_exporter['enable'] = false
redis_exporter['enable'] = false
postgres_exporter['enable'] = false
prometheus_monitoring['enable'] = false
grafana['enable'] = false

3.初始化以及啟動

#初始化gitlab-ctl reconfigure#啟動gitlab-ctl statusgitlab-ctl stopgitlab-ctl start#登錄  需要做hosts解析http://gitlab.liux.cnroot/liux12366

4.gitlab創建項目以及服務器clone項目

#gitlab上面創建組和項目
springcloud/passport
#在服務器上clone項目
git config --global user.name "Administrator"
git config --global user.email "admin@example.com"
git clone git@gitlab.liux.cn:springcloud/passport.git
cd passport
touch README.md
git add README.md
git commit -m "add README"
git push -u origin master#將passport項目上傳到服務器，然后push到gitlab
[root@nacos-128 passport]# ll
total 28
-rw-r--r--. 1 root root   379 May  5  2020 HELP.md
-rw-r--r--. 1 root root 10070 May  5  2020 mvnw
-rw-r--r--. 1 root root  6608 May  5  2020 mvnw.cmd
-rw-r--r--. 1 root root  2329 May  5  2020 pom.xml
-rw-r--r--. 1 root root     0 Apr 23 17:45 README.md
drwxr-xr-x. 3 root root    18 Jun 10  2020 src
drwxr-xr-x  6 root root   159 Apr 24 09:43 target
[root@nacos-128 passport]#  git add .
[root@nacos-128 passport]#  git commit -m 'add'
[root@nacos-128 passport]#  git push -u origin master

二、部署harbor

? ? ? Harbor 是一款開源的企業級 Docker 鏡像倉庫管理工具，提供鏡像存儲、訪問控制、漏洞掃描和復制同步等核心功能。它支持多租戶安全策略，集成 Clair 進行鏡像安全掃描，并可與 Kubernetes、CI/CD 工具鏈無縫對接，是企業構建私有容器鏡像倉庫和實現云原生應用安全交付的理想選擇。

? ?? 部署參考docker容器化技術文檔中harbor安裝

1.下載harbor軟件

? ? ? ?上傳服務器 harbor.tar.gz ?我這里是其他服務器上已裝好的harbor，已配置https。

2.解壓安裝

[root@harbor harbor]# mkdir -p /liux/softwares/
[root@harbor ~]# tar -xf harbor.tar.gz -C /liux/softwares/
[root@harbor ~]# cd /liux/softwares/harbor/#安裝
[root@harbor harbor]# ./install.sh

3.將客戶端證書推送到所有的k8s集群

[root@harbor harbor]# scp certs/custom/client/* node-1:/etc/docker/certs.d/harbor.liux.com/
[root@harbor harbor]# scp certs/custom/client/* node-2:/etc/docker/certs.d/harbor.liux.com/

4.挑選任意K8S節點測試harbor能否正常訪問

[root@node-2 ~]# docker login -u admin -p 12366 harbor.liux.com
.....
Login Succeeded

5.harbor啟動、停止命令

[root@harbor harbor]# docker-compose up -d
[root@harbor harbor]# docker-compose down

三、部署nacos

? ? ? ?Nacos 是一款開源的動態服務發現、配置管理和服務治理平臺，支持DNS與RPC式服務注冊與發現，提供實時配置推送、服務健康監測和動態路由功能。作為云原生時代的核心中間件，它無縫兼容Spring Cloud、Kubernetes和Dubbo等生態，幫助開發者快速構建彈性可擴展的微服務架構，實現服務配置的集中化管理與服務的自動化運維。

1.下載

#下載
wget https://download.nacos.io/nacos-server/nacos-server-2.5.1.zip?spm=5238cd80.7a4232a8.0.0.f834e755XxpRod&file=nacos-server-2.5.1.zip
#解壓
unzip nacos-server-2.5.1.zip

2.修改配置文件

[root@nacos-128 conf]# vim application.properties
server.port=8848
spring.datasource.platform=mysql### Count of DB:
db.num=1
### Connect URL of DB:
db.url.0=jdbc:mysql://127.0.0.1:3306/nacos?characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true
db.user=nacos
db.password=nacos

3.啟動(單機啟動)

[root@nacos-128 ~]# cd /root/nacos/bin
[root@nacos-128 bin]# ./startup.sh -m standalone#訪問http://192.168.91.128:8848/nacos/index.html
nacos/nacos

4.頁面導入配置

#網關配置spring-cloud-gateway.yaml
server:port: 9000spring:application:name: spring-cloud-gatewaycloud:nacos:discovery:#server-addr: 192.168.0.183:8848server-addr: 192.168.91.128:8848file-extension: yamlconfig:server-addr: 192.168.91.128:8848gateway:discovery:locator:enabled: trueredis:host: 192.168.91.128port: 6379password: 123456lettuce:pool:max-wait: 100000max-idle: 10max-active: 100timeout: 5000database: 0logging:level:root: INFOorg:springframework:security: INFOweb: INFOhibernate: INFOapache:commons:dbcp2: INFOfile: /var/log/gateway.log
network:filter: truecache:filter: falseacl:blacklist: "10.0.0.0/8"whitelist: "0.0.0.0/0"
management:endpoints:web:exposure:include: "*"metrics:enabled: trueprometheus:enabled: trueendpoint:shutdown:enabled: truegateway:enabled: truemetrics:export:prometheus:enabled: truetags:application: ${spring.application.name}#provider-passport-config.yaml
spring:application:name: provider-passportcloud:nacos:discovery:#server-addr: 192.168.0.183:8848server-addr: 192.168.91.128:8848
server:port: 8086
management:endpoints:web:exposure:include: "*"metrics:enabled: trueprometheus:enabled: truemetrics:export:prometheus:enabled: truetags:application: ${spring.application.name}
logging:level:root: INFO        org:springframework:security: INFOweb: INFO    hibernate: INFO        apache:commons:dbcp2: INFOfile: /var/log/provider/passport.log
data:msg: '后臺服務passport'

四、部署jenkins

? ? ? ?Jenkins 是一款開源的持續集成與持續交付（CI/CD）工具，通過自動化構建、測試和部署流程加速軟件開發。它支持豐富的插件生態，可無縫集成 Git、Docker、Kubernetes 等主流技術棧，提供流水線即代碼（Pipeline as Code）能力和分布式任務執行，幫助團隊實現高效、可靠的 DevOps 實踐，適用于從單體應用到云原生微服務的全場景自動化。

1.安裝jdk

#下載jdk
wget https://download.oracle.com/java/21/latest/jdk-21_linux-x64_bin.rpm
#安裝jdk
rpm -ivh jdk-21_linux-x64_bin.rpm

2.部署jenkins

#下載地址 war包地址
wget https://mirrors.tuna.tsinghua.edu.cn/jenkins/war/2.507/jenkins.war

3.編寫啟動文件啟動

[root@node-2 jenkins]#  cat > /root/jenkins/restart.sh <<EOF
#!/bin/bash  
pid=`ps -ef|grep jenkins | grep -v grep | awk '{print $2}'`
kill -9 $pid
sleep 5snohup java -DJENKINS_HOME=/root/jenkins/jenkins_home \
-jar /root/jenkins/jenkins.war --httpPort=8080 >>/root/jenkins/nohup.out 2>&1 &
EOF#授權啟動
[root@node-2 jenkins]#  chmod +x restart.sh
[root@node-2 jenkins]#  ./restart.sh#登錄jenkins
http://192.168.91.22:8080
#修改之后的密碼
admin/admin

4.安裝插件

#頁面安裝插件然后重啟
Maven Integration
Git Parameter
Pipeline
Build With Parameters
Persistent Parameter
Extended Choice Parameter
Localization: Chinese (Simplified)

5.添加憑據

#添加gitlab的憑據
系統管理-->憑據管理-->添加憑據-->填寫用戶密碼
保存之后會有一個憑據，用戶拉取gitlab代碼  cfa063a7-bfae-457a-bf77-61c6227ca52d

6.新增流水線項目

#流水線腳本
pipeline{agent any environment {def git_url="http://gitlab.liux.cn/springcloud/passport.git"def git_branch = "${branch}"def git_auth = "cfa063a7-bfae-457a-bf77-61c6227ca52d"def project_version = "${release}-${UUID.randomUUID().toString()}"def docker_nodes = "${nodes}"def job_mvn = "${WORKSPACE}"def mvn = '/usr/local/apache-maven-3.6.3/bin/mvn'def image_name = 'provider-passport'def page_path = "${WORKSPACE}/target"def project_path="/data/images/passport"def remote_ip="192.168.91.18"def app_name="provider-passport"def remote_yaml="/mnt/yaml/passport/provider-passport.yaml"}stages{stage('Git Checkout'){steps{echo 'check git'checkout([$class: 'GitSCM',branches: [[name: "${git_branch}" ]],doGenerateSubmoduleConfigurations: false,extensions: [],submoduleCfg: [],userRemoteConfigs: [[credentialsId: "${git_auth}",url: "${git_url}"]]])}    }stage('Manven Build'){when {expression {currentBuild.result == null || currentBuild.result == 'SUCCESS'}}steps{sh "cd ${job_mvn} ; ${mvn} clean package -Dmaven.test.skip=true -U"}}stage('Copy Jar'){when {expression {currentBuild.result == null || currentBuild.result == 'SUCCESS'}}steps{sh "/usr/bin/cp -rf ${env.page_path}/demo-*-SNAPSHOT.jar ${project_path}"}}stage('Docker Build'){when {expression {currentBuild.result == null || currentBuild.result == 'SUCCESS'}}steps{sh "cd ${project_path} && docker build -t harbor.liux.com/springcloud/${env.app_name}:${env.project_version} ."}}stage('Push Docker'){when {expression {currentBuild.result == null || currentBuild.result == 'SUCCESS'}}steps{sh "docker push harbor.liux.com/springcloud/${env.app_name}:${env.project_version}"}}stage('Apply Docker'){when {expression {currentBuild.result == null || currentBuild.result == 'SUCCESS'}}steps{sh "ssh ${env.remote_ip} 'sed -i 's@${env.app_name}:.*@${env.app_name}:${env.project_version}@g' ${env.remote_yaml}';ssh ${env.remote_ip} '/usr/local/bin/kubectl apply -f ${env.remote_yaml}'"}}stage('Replicas Docker'){when {expression {currentBuild.result == null || currentBuild.result == 'SUCCESS'}}steps{sh "ssh ${env.remote_ip} '/usr/local/bin/kubectl scale deployment ${env.app_name} --replicas=${env.docker_nodes}'"}}}post {success {sh "echo 'Success success'"}failure {sh "echo 'Faild faild'"}}
}#新增流水線項目build-passport-maven
01:添加參數化構建過程-->git參數-->名稱(branch),默認值(master),描述(分支)
02:添加參數化構建過程-->文本參數-->名稱(nodes),默認值(1),描述(副本數)
03:添加參數化構建過程-->字符參數-->名稱(release),默認值(v1.0),描述(版本信息)
04:流水線-->腳本#Agent: agent any 表示流水線可在任何可用代理節點上執行。

7.編寫dockerfile文件

#dockerfile文件
[root@node-2 passport]# cat Dockerfile 
FROM harbor.liux.com/basic/openjdk8:v1.0
run mkdir -p /usr/local/java/provider && mkdir -p /var/log/provider && touch /var/log/provider/passport.log
copy demo-0.0.1-SNAPSHOT.jar /usr/local/java/provider/demo-0.0.1-SNAPSHOT.jar
run which java
ADD run.sh /run.sh
RUN chmod +x /run.sh
CMD ["sh","/run.sh"]
#CMD ["tail","-f","/etc/hosts"]#啟動文件
[root@node-2 passport]# cat run.sh 
#!/bin/bash
#log
echo '00 23 * * * /usr/bin/find /var/log/sport -type f -mmin +720 -exec rm -f {} \;' > /var/spool/cron/crontabs/root && crond -l 0 -b -L /var/log/crontab.log# Start the second process
#/sbin/tini --
java -Xms512m -Xmx512m  -Dspring.cloud.nacos.discovery.server-addr=192.168.91.128:8848 -Dspring.cloud.nacos.config.server-addr=192.168.91.128:8848 -jar /usr/local/java/provider/demo-0.0.1-SNAPSHOT.jar 
status=$?
if [ $status -ne 0 ]; thenecho "Failed to start passport: $status"exit $status
fi

8.jenkins服務器上面安裝maven

#下載
https://archive.apache.org/dist/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz
#編譯Java服務
tar xf  apache-maven-3.6.3-bin.tar.gz

9.k8s上面編寫yaml文件

[root@master-1 ~]# mkdir -p /data/passport
[root@master-1 passport]# cat > provider-passport.yaml <<EOF
apiVersion: apps/v1
kind: Deployment
metadata:name: provider-passport
spec:replicas: 1selector:matchLabels:app: provider-passportminReadySeconds: 1strategy:type: RollingUpdaterollingUpdate:maxSurge: 1maxUnavailable: 1template:metadata:labels:app: provider-passportspec:imagePullSecrets:- name: registry-passportcontainers:- name: provider-passportimage: harbor.liux.com/springcloud/provider-passport:v1.0-8183e107-fe51-4d68-8d5f-0bb671ddcf3a#可用性檢查readinessProbe:tcpSocket:port: 6161initialDelaySeconds: 10periodSeconds: 5env:- name: aliyun_logs_provider-passport-logsvalue: "stdout"ports:- containerPort: 6161name: httpresources:limits:memory: 1024Mirequests:memory: 1024Mi
EOF
#使用secret存儲harbor用戶密碼
[root@master-1 passport]# kubectl create secret docker-registry registry-passport \
--docker-server=harbor.liux.com  \
--docker-username=admin \
--docker-password=12366 \
--docker-email=admin@abc.com

10.Jenkins運行流水線

? ? ? ?如下圖所示，表示已經完整的使用流水線在k8s中啟動了一個項目。