需求

1. 开发人员通过上传 gitlab 新分支代码，通过 jenkinsfile 结合jenkins 自动发现分支并自动化部署该分支对应的容器
2. 更新代码可以实现容器平滑更新

环境

1. k8s 1.16 高可用集群环境
2. harbor 私有仓库已搭建
3. gitlab 可以使用
4. 部署nfs server，可提供给jenkins 存储使用

部署jenkins

# 创建新名称空间
kubectl create  ns   myjenkins 
 
# 准备配置文件 deployment、 svc 、ingress 、证书
1. mkdir /myjenkins/jenkins
2. deployment 准备配置yaml文件，jenkins-deployment.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: jenkins
  namespace: myjenkins
spec:
  replicas: 1
  selector:
    matchLabels:
      app: jenkins
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: jenkins
    spec:
      containers:
      - env:
        - name: JAVA_OPTS
          value: -Duser.timezone=Asia/Shanghai
        image: jenkins:lts
        imagePullPolicy: IfNotPresent
        name: jenkins
        ports:
        - containerPort: 8080
          name: web
          protocol: TCP
        - containerPort: 50000
          name: agent
          protocol: TCP
        resources: {}
        securityContext:
          runAsUser: 0
        volumeMounts:
        - mountPath: /var/jenkins_home
          name: jenkinshome
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      volumes:
      - name: jenkinshome
        nfs:
          path: /data/upload/myjenkins
          server: 172.24.119.30

3.jenkins agent 准备配置yaml 文件，jenkins-agent.yaml 
apiVersion: v1
kind: Service
metadata:
  labels:
    app: jenkins
  name: jenkins-agent
  namespace: myjenkins
spec:
  ports:
  - name: agent
    port: 50000
    protocol: TCP
    targetPort: 50000
  selector:
    app: jenkins
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}

4. jenkins svc 配置yaml 文件 jenkins-svc.yaml 
apiVersion: v1
kind: Service
metadata:
  labels:
    app: jenkins
  name: jenkins
  namespace: myjenkins
spec:
  ports:
  - name: web
    port: 8080
    protocol: TCP
    targetPort: 8080
  selector:
    app: jenkins
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}

5. jenkins ingress 配置yaml 文件 jenkins-ingress.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: nginx
  name: jenkins
  namespace: myjenkins
spec:
  rules:
  - host: myjenkins.tagtic.cn
    http:
      paths:
      - backend:
          serviceName: jenkins
          servicePort: 8080
        path: /
  tls:
  - hosts:
    - myjenkins.tagtic.cn
    secretName: all-tagtic.cn
status:
  loadBalancer: {}

# 创建以上准备好的yaml 文件
kubectl create -f jenkins-deployment.yaml  
kubectl create -f jenkins-agent.yaml 
kubectl create -f jenkins-svc.yaml
kubectl create -f jenkins-ingress.yaml 

#创建证书,已准备好服务器证书
kubectl create secret tls tls-secret --cert=1979891tagtic.cn.pem    --key=1979891tagtic.cn.key  -n myjenkins

#登陆jenkins 
通过执行  kubectl logs -n myjenkins  jenkins-7f89966ff9-622xm  获取jenkins 登陆密码

#访问jenkins，浏览器输入
https://myjenkins.tagtic.cn/

配置jenkins