之前的三篇文章都是介绍的drone通过docker的形式运行在物理机的情况下,这次介绍一下drone和gogs如何部署在k8s之内,并且如何进行构建发布项目。
一 部署gogs代码仓库
[root@k8s-master01 drone]# cat gogs.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: gogs
labels:
app: gogs
spec:
serviceName: gogs
replicas: 1
selector:
matchLabels:
app: gogs
template:
metadata:
labels:
app: gogs
spec:
terminationGracePeriodSeconds: 180
containers:
- name: gogs
image: gogs/gogs:0.12.0
#image: gogs/gogs
imagePullPolicy: Always
ports:
- containerPort: 3000
name: port
- containerPort: 22
name: ssh-port
volumeMounts:
- name: volume
mountPath: /data
volumes:
- name: volume
emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
name: gogs
labels:
app: gogs
spec:
type: NodePort
ports:
- port: 3000
targetPort: 3000
selector:
app: gogs
二 部署drone-server
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: drone
labels:
app: drone
spec:
serviceName: drone
replicas: 1
selector:
matchLabels:
app: drone
template:
metadata:
labels:
app: drone
spec:
terminationGracePeriodSeconds: 180
containers:
- name: drone
image: drone/drone:2
#image: drone/drone:latest
imagePullPolicy: IfNotPresent
env:
- name: DRONE_AGENTS_ENABLED
value: "true"
- name: DRONE_GOGS_SERVER
value: http://192.168.2.46:31348/ # 注意这里填的是gogs的地址
- name: DRONE_RPC_SECRET
value: qawsedrftg
- name: DRONE_SERVER_HOST
value: http://192.168.2.46:30977/ #drone_server
- name: DRONE_SERVER_PROTO
value: http
- name: DRONE_USER_CREATE #可以激活仓库
value: username:administrator,admin:true
ports:
- containerPort: 80
name: port
- containerPort: 443
name: ssl-port
volumeMounts:
- name: volume
mountPath: /data
volumes:
- name: volume
hostPath:
path: /data/drone
---
apiVersion: v1
kind: Service
metadata:
name: drone
labels:
app: drone
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
selector:
app: drone
三 部署dorne-runner
apiVersion: apps/v1
kind: DaemonSet
metadata:
labels:
app: drone-run
name: drone-run
spec:
selector:
matchLabels:
app: drone-run
template:
metadata:
labels:
app: drone-run
spec:
containers:
- image: drone/drone-runner-docker
name: drone-runner
ports:
- containerPort: 3000
name: http
env:
- name: DRONE_RPC_PROTO
valueFrom:
configMapKeyRef:
name: drone-run-cm
key: DRONE_RPC_PROTO
- name: DRONE_RPC_HOST
valueFrom:
configMapKeyRef:
name: drone-run-cm
key: DRONE_RPC_HOST
- name: DRONE_RUNNER_CAPACITY
valueFrom:
configMapKeyRef:
name: drone-run-cm
key: DRONE_RUNNER_CAPACITY
- name: DRONE_RPC_SECRET
valueFrom:
configMapKeyRef:
name: drone-run-cm
key: DRONE_RPC_SECRET
- name: DRONE_RUNNER_NAME
valueFrom:
configMapKeyRef:
name: drone-run-cm
key: DRONE_RUNNER_NAME
volumeMounts:
- mountPath: /var/run/docker.sock
name: sock
volumes:
- name: sock
hostPath:
path: /var/run/docker.sock
---
apiVersion: v1
kind: ConfigMap
metadata:
name: drone-run-cm
namespace: default
data:
DRONE_RPC_PROTO: http
DRONE_RPC_HOST: 192.168.2.46:30532 #Drone node:nodePort
DRONE_RUNNER_CAPACITY: "2"
DRONE_RPC_SECRET: qawsedrftg #跟drone server一样
DRONE_RUNNER_NAME: drone-runner
---
apiVersion: v1
kind: Service
metadata:
name: drone-run-svc
labels:
app: drone-run
spec:
ports:
- name: http
targetPort: 3000
port: 3000
selector:
app: drone-run
type: NodePort
status:
loadBalancer: {}
四 查看各个pod状态
五 配置drone.yml
需要把config上传到gogs的仓库代码上才可以,我这里是通过k8s的配置文件去获取k8s的权限的
ls /root/.kube/config
kind: pipeline
name: deploy-k8s
type: docker
steps:
- name: 打包&单元测试
image: maven:3.8.4
pull: if-not-exists
commands:
- mvn clean install
volumes:
- name: cache
path: /root/.m2
- name: 构建镜像
image: plugins/docker
pull: if-not-exists
settings:
purge: false
repo: registry.cn-hangzhou.aliyuncs.com/huningfei/welcome
username: 825536458@qq.com
registry: registry.cn-hangzhou.aliyuncs.com
password: xxxxxx #这里的密码可以配置到drone里,进行引用,无须明文
insecure: true
tags: 1
volumes:
- name: docker
path: /var/run/docker.sock
- name: 部署到k8s
image: bitnami/kubectl
settings:
manifest: deploy.yml
commands:
- kubectl --kubeconfig ./config apply -f ./deploy.yml
volumes:
- name: cache
host:
path: /root/.m2
- name: docker
host:
path: /var/run/docker.sock
trigger:
branch:
- master
最后的构建结果