内容简介:本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容,详细介绍了相关技术的配置和使用方法。
风哥提示:
本文档介绍Kubernetes与CI/CD工具的集成方法。
Part01-CI/CD概述
1.1 CI/CD流程
[root@k8s-master ~]# cat > /root/k8s-cicd.txt << 'EOF' Kubernetes CI/CD流程 ==================== 1. 持续集成(CI) - 代码提交触发 - 自动构建镜像 - 单元测试 - 镜像推送 2. 持续部署(CD) - 自动更新配置 - 滚动更新部署 - 自动化测试 - 生产发布 3. CI/CD工具 - GitLab CI/CD - Jenkins - ArgoCD - Tekton 4. 部署策略 - 滚动更新 - 蓝绿部署 - 金丝雀发布 - A/B测试 EOF
Part02-GitLab CI/CD
2.1 配置GitLab Runner
[root@k8s-master ~]# cat > gitlab-runner.yaml << 'EOF' apiVersion: apps/v1 kind: Deployment metadata: name: gitlab-runner namespace: gitlab spec: replicas: 1 selector: matchLabels: app: gitlab-runner template: metadata: labels: app: gitlab-runner spec: containers: - name: runner image: gitlab/gitlab-runner:latest volumeMounts: - name: config mountPath: /etc/gitlab-runner - name: docker mountPath: /var/run/docker.sock volumes: - name: config configMap: name: gitlab-runner-config - name: docker hostPath: path: /var/run/docker.sock EOF # 创建.gitlab-ci.yml [root@k8s-master ~]# cat > .gitlab-ci.yml << 'EOF' stages: - build - test - deploy variables: IMAGE_NAME: registry.fgedu.net.cn/fgedu/app KUBE_NAMESPACE: fgedu-prod build: stage: build image: docker:latest services: - docker:dind script: - docker login -u $REGISTRY_USER -p $REGISTRY_PASSWORD registry.fgedu.net.cn - docker build -t $IMAGE_NAME:$CI_COMMIT_SHA . - docker push $IMAGE_NAME:$CI_COMMIT_SHA - docker tag $IMAGE_NAME:$CI_COMMIT_SHA $IMAGE_NAME:latest - docker push $IMAGE_NAME:latest only: - main test: stage: test image: python:3.11 script: - pip install -r requirements.txt - python -m pytest tests/ only: - main deploy: stage: deploy image: bitnami/kubectl:latest script: - kubectl config set-cluster k8s --server="$KUBE_URL" --insecure-skip-tls-verify=true - kubectl config set-credentials admin --token="$KUBE_TOKEN" - kubectl config set-context default --cluster=k8s --user=admin - kubectl config use-context default - kubectl set image deployment/fgedu-app fgedu-app=$IMAGE_NAME:$CI_COMMIT_SHA -n $KUBE_NAMESPACE - kubectl rollout status deployment/fgedu-app -n $KUBE_NAMESPACE only: - main when: manual EOF
Part03-ArgoCD部署
3.1 安装ArgoCD
[root@k8s-master ~]# kubectl create namespace argocd
namespace/argocd created
# 安装ArgoCD
[root@k8s-master ~]# kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
customresourcedefinition.更多视频教程www.fgedu.net.cnapiextensions.k8s.io/学习交流加群风哥QQ113257174applications.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/applicationsets.argoproj.io created
customresourcedefinition.apiextensions.k8s.io/appprojects.argoproj.io created
serviceaccount/argocd-application-controller created
serviceaccount/argocd-applicationset-controller created
serviceaccount/argocd-dex-server created
serviceaccount/argocd-notifications-controller created
serviceaccount/argocd-redis created
serviceaccount/argocd-repo-server created
serviceaccount/argocd-server created
role.rbac.authorization.k8s.io/argocd-application-controller created
role.rbac.authorization.k8s.io/argocd-applicationset-controller created
role.rbac.authorization.k8s.io/argocd-dex-server created
role.rbac.authorization.k8s.io/argocd-notifications-controller created
role.rbac.authorization.k8s.io/argocd-redis created
role.rbac.authorization.k8s.io/argocd-repo-server created
role.rbac.authorization.k8s.io/argocd-server created
clusterrole.rbac.authorization.k8s.io/argocd-application-controller created
clusterrole.rbac.authorization.k8s.io/argocd-server created
rolebinding.rbac.authorization.k8s.io/argocd-application-controller cr更多学习教程公众号风哥教程itpux_comeated
rolebinding.rbac.authorization.k8s.io/argocd-applicationset-controller created
rolebinding.rbac.authorization.k8s.io/argocd-dex-server created
rolebinding.rbac.authorization.k8s.io/argocd-notifications-controller created
rolebinding.rbac.authorization.k8s.io/argocd-redis created
rolebinding.rbac.authorization.k8s.io/argocd-repo-server created
rolebinding.rbac.authorization.k8s.io/argocd-server created
clusterrolebinding.rbac.authorization.k8s.io/argocd-application-controller creat学习交流加群风哥微信: itpux-comed
clusterrolebinding.rbac.authorization.k8s.io/argocd-server created
configmap/argocd-cm created
configmap/argocd-cmd-params-cm created
configmap/argocd-gpg-keys-cm created
configmap/argocd-rbac-cm created
configmap/argocd-ssh-known-hosts-cm created
configmap/argocd-tls-certs-cm created
secret/argocd-secret created
service/argocd-applicationset-controller created
service/argocd-dex-server created
service/argocd-metrics created
service/argocd-notifications-controller-metrics created
service/argocd-redis created
service/argocd-repo-server created
service/argocd-server created
service/argocd-server-metrics created
deployment.apps/argocd-applicationset-controller created
deployment.apps/argocd-dex-server created
deployment.apps/argocd-notifications-controller created
deployment.apps/argocd-redis created
deployment.apps/argocd-repo-server created
deployment.apps/argocd-server created
statefulset.apps/argocd-application-controller created
# 获取初始密码
[root@k8s-master ~]# kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath=”{.data.password}” | base64 -d
abc123def456
# 端口转发访问
[root@k8s-master ~]# kubectl port-forward svc/argocd-server -n argocd 8080:443
Forwarding from 127.0.0.1:8080 -> 8080
Part04-创建ArgoCD应用
4.1 应用部署
[root@k8s-master ~]# cat > fgedu-app-argocd.yaml << 'EOF' apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: fgedu-app namespace: argocd spec: project: default source: repoURL: https://git.fgedu.net.cn/fgedu/k8s-apps.git targetRevision: HEAD path: apps/fgedu-app destination: server: https://kubernetes.default.svc namespace: fgedu-prod syncPolicy: automated: prune: true selfHeal: true syncOptions: - CreateNamespace=true EOF [root@k8s-master ~]# kubectl apply -f fgedu-app-argocd.yaml application.argoproj.io/fgedu-app created # 查看应用状态 [root@k8s-master ~]# kubectl get application -n argocd NAME SYNC STATUS HEALTH STATUS fgedu-app Synced Healthy # 手动同步应用 [root@k8s-master ~]# argocd app sync fgedu-app TIMESTAMP GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE 2026-04-04T16:00:00+08:00 apps Deployment fgedu-prod fgedu-app Running Healthy deployment.apps/fgedu-app configured 2026-04-04T16:00:00+08:00 Service fgedu-prod fgedu-app Healthy service/fgedu-app configured 2026-04-04T16:00:00+08:00 networking.k8s.io Ingress fgedu-prod fgedu-app Healthy ingress.networking.k8s.io/fgedu-app configured Name: argocd/fgedu-app Project: default Server: https://kubernetes.default.svc Namespace: fgedu-prod URL: https://argocd.fgedu.net.cn/applications/fgedu-app Repo: https://git.fgedu.net.cn/fgedu/k8s-apps.git Target: HEAD Path: apps/fgedu-app SyncWindow: Sync Allowed Sync Policy: Automated (Prune) Sync Status: Synced to HEAD (abc123) Health Status: Healthy
- 使用GitOps管理配置
- 配置自动化测试
- 使用镜像标签管理版本
- 配置回滚机制
- 监控部署状态
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
