1.Jenkins 실습을 위해 로컬 클러스터를 구축.
master, node1(worker1), node2(worker2)
Ubuntu 템플릿(4core, 4gb, 40gb)에서 메모리를 3GB 으로 구성,
IP는 bridge 대역에서 DHCP로 받아올 수 있도록 3서버를 전부 구성
각 서버에서 daemaon.json 파일 수정해서 사설저장소에 접근 가능해야한다.
-> "insecure registries "
master 에서 시크릿 생성 및 default namespace 에 등록
kubeadam init reset 하는 법
worker nodes 에서 init 한 경우
kubeadam reset --cri-socket unix:///run/cri-dockerd.sock1. Jenkins (CI Tool)
접속창에 192.168.0.1 접속
포트 포워딩 - 외부 PORT 로 내부 PORT 로 접속
2. Jenkins 설치
root@master:~/cri-dockerd# apt-get -y update
<openjdk 11 version 설치>
root@master:~/cri-dockerd# apt-get -y install openjdk-11-jdk
root@master:~/cri-dockerd# wget -q -O - https://pkg.jenkins.io/debian/jenkins-ci.org.key | sudo apt-key add -
root@master:~/cri-dockerd# echo deb http://pkg.jenkins.io/debian-stable binary/ | sudo tee /etc/apt/sources.list.d/jenkins.list
root@master:~/cri-dockerd# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys FCEF32E745F2C3D5
root@master:~/cri-dockerd# sudo apt-get -y update
root@master:~/cri-dockerd# sudo apt-get install -y jenkinsroot@master:~# vi /etc/default/jenkins 
root@master:~# vi /usr/lib/systemd/system/jenkins.service
<:/JENKINS_PORT 검색>
# IP address to listen on for HTTP requests.
# The default is to listen on all interfaces (0.0.0.0).
#Environment="JENKINS_LISTEN_ADDRESS="
# Port to listen on for HTTP requests. Set to -1 to disable.
# To be able to listen on privileged ports (port numbers less than 1024),
# add the CAP_NET_BIND_SERVICE capability to the AmbientCapabilities
# directive below.
Environment="JENKINS_PORT=7777"
# IP address to listen on for HTTPS requests. Default is disabled.
#Environment="JENKINS_HTTPS_LISTEN_ADDRESS="
root@master:~# systemctl restart jenkins
Warning: The unit file, source configuration file or drop-ins of jenkins.service changed on disk. Run 'systemctl daemon-reload' to reload units.
sysroot@master:~# systemctl daemon-reload jenkins
Too many arguments.
root@master:~# systemctl daemon-reload
root@master:~# systemctl enable --now jenkins
Synchronizing state of jenkins.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable jenkins
root@master:~# cat /var/lib/jenkins/secrets/initialAdminPassword
3. Git hub
자신의 Git Hub 으로 가서 repository 생성
간단한 파일 작성
AWS 의 PipeLine 과는 다르다
AWS 는 커밋 부터 디플로이까지 전 과정을 Pipeline 이라 칭하고
Jenkins 는 빌드 과정의 단계별 작업등을 Pipeline 이라고 한다.
systemctl restart jenkins
크롬 접속창에서 포트 7777로 접속
크롬 접속창에서 rapa.iptime.org:30082 로 접속
반드시 7777 port에서 작업할 것
Console Output 을 클릭해 빌드가 어떻게 이뤄줬는지 확인
빌드에 성공하면 file 들이 workspace 경로에 저장된다.
root@master:~# cd /var/lib/jenkins/workspace/test
root@master:/var/lib/jenkins/workspace/test# ls
index.html
root@master:/var/lib/jenkins/workspace/test# cat index.html
Hello World!
git clone - 생성한 repository
root@master:~# git clone https://github.com/Leeeuijooo/jen
Cloning into 'jen'...
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
Unpacking objects: 100% (3/3), 602 bytes | 602.00 KiB/s, done.
root@master:~# ls
cri-dockerd get-docker.sh go installer_linux jen snap
root@master:~# cd jen/
root@master:~/jen# git init
Reinitialized existing Git repository in /root/jen/.git/
root@master:~/jen# ls
index.html
root@master:~/jen# git add .
root@master:~/jen# git commit -m "commit1"
*** Please tell me who you are.
Run
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
to set your account's default identity.
Omit --global to set the identity only in this repository.
fatal: unable to auto-detect email address (got 'root@master.(none)')
root@master:~/jen# git config --global user.email "euojoo323@gmail.com"
root@master:~/jen# git config --global user.name "euojoo323gmail.com"
root@master:~/jen# git commit -m "commit1"
On branch main
Your branch is up to date with 'origin/main'.
nothing to commit, working tree clean
root@master:~/jen# git remote show origin
* remote origin
Fetch URL: https://github.com/Leeeuijooo/jen
Push URL: https://github.com/Leeeuijooo/jen
HEAD branch: main
Remote branch:
main tracked
Local branch configured for 'git pull':
main merges with remote main
Local ref configured for 'git push':
main pushes to main (up to date)
# origin 은 이미 clone 해온 상태임
<동기화 해주기>
root@master:~/jen# git push -u origin main
Username for 'https://github.com': Leeeuijooo
Password for 'https://Leeeuijooo@github.com':
Branch 'main' set up to track remote branch 'main' from 'origin'.
Everything up-to-date
<이미지를 생성해서 CI 해볼 것임>
root@master:~/jen# vi Dockerfile
# 192.168.0.195:5000 이 이미 rapa.iptime.org:5000 으로 포트포워딩이 잡혀있는 상태
****
FROM rapa.iptime.org:5000/nginx:latest
****
root@master:~/jen# git add .
root@master:~/jen# git commit -m "Dockerfile add"
[main 8293807] Dockerfile add
1 file changed, 1 insertion(+)
create mode 100644 Dockerfile
root@master:~/jen# git push -u origin main
Username for 'https://github.com': Leeeuijooo
Password for 'https://Leeeuijooo@github.com':
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Delta compression using up to 4 threads
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 317 bytes | 317.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To https://github.com/Leeeuijooo/jen
f6084ae..8293807 main -> main
Branch 'main' set up to track remote branch 'main' from 'origin'.
Jenkins 콘솔로 이동
sudo 명령어 문제 솔루션
root@master:~/jen# visudo /etc/sudoers
****
# 맨 끝줄에다가 jenkins ALL=(ALL) NOPASSWD: ALL 추가
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
jenkins ALL=(ALL) NOPASSWD: ALL
^G Get Help ^O Write Out ^W Where Is ^K Cut Text ^J Justify
^X Exit ^R Read File ^\ Replace ^U Paste Text^T To Spell
*****
# Ctrl + x -> yes -> Enter
지금 빌드 1
Failed Message - insecure 에 등록을 안한 오류
root@master:~/jen# vi /etc/docker/daemon.json
root@master:~/jen# cat /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"insecure-registries" : ["192.168.0.195:5000","rapa.iptime.org:5000"]
}
지금 빌드 2
Success Message
<성공적인지 테스트>
root@master:~/jen# curl localhost:5656
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
성공적으로 테스트가 완료됐으므로 test 컨테이너 삭제
root@master:~/jen# docker rm -f test
test
4. Git Hub 에서 push , 자동으로 Jenkins 가 자동으로 빌드하도록 구현
Git Hub 레포지토리 접속
Web Hook 설정
체크표시가 되어있으면 web hook 이 성공적인 것임
redeliver 수행
자동으로 빌드되는지 테스트하기 위해 Index.html 파일 수정
<문제>
index.html에 변경사항이 발생했을때 해당파일을 포함한 이미지로 컨테이너가 생성되도록
필요 : master 서버의 git 과 Git Hub 의 레지스트리를 동기화
상태 : master 서버의 index.html 형상은 Hello world 가 찍혀있고
Git hub 의 index.html 형상은 Hello world Hello Long 정은이 찍혀있다
동기화
root@master:~/jen# git pull origin main
From https://github.com/Leeeuijooo/jen
* branch main -> FETCH_HEAD
Updating 8293807..5a1bea6
Fast-forward
index.html | 1 +
1 file changed, 1 insertion(+)
master 서버에서 Dockerfile을 수정
root@master:~/jen# cat Dockerfile
FROM rapa.iptime.org:5000/nginx:latest
ADD index.html /usr/share/nginx/html
root@master:~/jen# git init
Reinitialized existing Git repository in /root/jen/.git/
root@master:~/jen# git add .
root@master:~/jen# git commit -m "Go"
[main 5786bce] Go
1 file changed, 1 insertion(+)
<Git Push>
root@master:~/jen# git push -u origin main
Username for 'https://github.com': Leeeuijooo
Password for 'https://Leeeuijooo@github.com':
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Delta compression using up to 4 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 339 bytes | 339.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To https://github.com/Leeeuijooo/jen
5a1bea6..5786bce main -> main
Branch 'main' set up to track remote branch 'main' from 'origin'.
동기화 시킨 상태
Docker file 을 수정하고 Git repository 에 Push
자동으로 Build 되어 있음을 확인
Web hook 활성
root@master:~/jen# curl localhost:5656
Hello World!
Hello Long 정은
<문제>
노드포트 30001번으로 접속 가능한 Pod를 하나 띄울 것
해당 노드포트로 접속했을때 'Hello-World" 라는 내용이 뜨도록
**************
<Dockerfile>
root@master:~/jen# cat Dockerfile
FROM 192.168.0.195:5000/nginx:latest
ADD index.html /usr/share/nginx/html
**************
<index.html>
root@master:~/jen# cat index.html
Hello World!
Hello Long jung perfect!!
**************
<pod.yml> - 간단한 Pod , service 띄우는 yaml
root@master:~/jen# cat pod.yml
apiVersion: v1
kind: Pod
metadata:
name: pod-test
labels:
app: pod-test
spec:
containers:
- name: pod-test
image: 192.168.0.195:5000/nginx:joo
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: pod-test-service
spec:
selector:
app: pod-test
ports:
- name: http
protocol: TCP
port: 80
targetPort: 80
nodePort: 30001
type: NodePort
**************
<git hub에 PUSH>
root@master:~/jen# git init
Reinitialized existing Git repository in /root/jen/.git/
root@master:~/jen# git add .
root@master:~/jen# git commit -m "Last"
[main 023ccc4] Last
2 files changed, 2 insertions(+), 2 deletions(-)
root@master:~/jen# git push -u origin main
Username for 'https://github.com': Leeeuijooo
Password for 'https://Leeeuijooo@github.com':
Enumerating objects: 7, done.
Counting objects: 100% (7/7), done.
Delta compression using up to 4 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (4/4), 378 bytes | 378.00 KiB/s, done.
Total 4 (delta 1), reused 0 (delta 0)
remote: Resolving deltas: 100% (1/1), completed with 1 local object.
To https://github.com/Leeeuijooo/jen
e200620..023ccc4 main -> main
Branch 'main' set up to track remote branch 'main' from 'origin'.
<Pod, Service 확인>
root@master:~/jen# kubectl get pod
NAME READY STATUS RESTARTS AGE
pod-test 1/1 Running 0 13s
<Curl 명령어로 테스트>
root@master:~/jen# curl localhost:30001
Hello World!
Hello Long jung perfect!!
무럭무럭 자라볼까