|
@@ -4,7 +4,7 @@ pipeline {
|
|
|
parameters {
|
|
parameters {
|
|
|
choice(name: 'env', choices: ['dev', 'test', 'prod'], description: '部署环境')
|
|
choice(name: 'env', choices: ['dev', 'test', 'prod'], description: '部署环境')
|
|
|
string(name: 'NAMESPACE', defaultValue: 'portal-frontend', description: 'K8s 命名空间')
|
|
string(name: 'NAMESPACE', defaultValue: 'portal-frontend', description: 'K8s 命名空间')
|
|
|
- string(name: 'DOMAIN', defaultValue: 'radar-power.asia', description: 'Ingress 域名(留空则不创建 Ingress)')
|
|
|
|
|
|
|
+ string(name: 'DOMAIN', defaultValue: '', description: 'Ingress 域名(留空则不创建 Ingress)')
|
|
|
string(name: 'TLS_SECRET', defaultValue: 'portal-tls', description: 'TLS Secret 名称(仅在 DOMAIN 非空时使用)')
|
|
string(name: 'TLS_SECRET', defaultValue: 'portal-tls', description: 'TLS Secret 名称(仅在 DOMAIN 非空时使用)')
|
|
|
booleanParam(name: 'FORCE_UPDATE_CONFIG', defaultValue: false, description: '强制更新配置(包括 Deployment 和 Ingress)')
|
|
booleanParam(name: 'FORCE_UPDATE_CONFIG', defaultValue: false, description: '强制更新配置(包括 Deployment 和 Ingress)')
|
|
|
}
|
|
}
|
|
@@ -12,7 +12,7 @@ pipeline {
|
|
|
environment {
|
|
environment {
|
|
|
PROJECT_NAME = 'portal-frontend'
|
|
PROJECT_NAME = 'portal-frontend'
|
|
|
BUILD_DIR = 'dist'
|
|
BUILD_DIR = 'dist'
|
|
|
- NODE_ENV = 'production' // ✅ 修复:改为固定值
|
|
|
|
|
|
|
+ NODE_ENV = 'production'
|
|
|
HARBOR_HOST = '8.130.28.21:81'
|
|
HARBOR_HOST = '8.130.28.21:81'
|
|
|
KUBECONFIG_PATH = '/root/.kube/config'
|
|
KUBECONFIG_PATH = '/root/.kube/config'
|
|
|
HARBOR_USER = 'admin'
|
|
HARBOR_USER = 'admin'
|
|
@@ -29,6 +29,9 @@ pipeline {
|
|
|
echo ">>> 环境:${params.env}, Harbor项目:${env.HARBOR_PROJECT}, K8s命名空间:${params.NAMESPACE}"
|
|
echo ">>> 环境:${params.env}, Harbor项目:${env.HARBOR_PROJECT}, K8s命名空间:${params.NAMESPACE}"
|
|
|
if (params.DOMAIN?.trim()) {
|
|
if (params.DOMAIN?.trim()) {
|
|
|
echo ">>> 域名:${params.DOMAIN}, TLS Secret:${params.TLS_SECRET}"
|
|
echo ">>> 域名:${params.DOMAIN}, TLS Secret:${params.TLS_SECRET}"
|
|
|
|
|
+ echo ">>> 将使用 LoadBalancer 类型访问"
|
|
|
|
|
+ } else {
|
|
|
|
|
+ echo ">>> 未配置域名,将使用 NodePort 类型访问"
|
|
|
}
|
|
}
|
|
|
echo ">>> 强制更新配置:${params.FORCE_UPDATE_CONFIG}"
|
|
echo ">>> 强制更新配置:${params.FORCE_UPDATE_CONFIG}"
|
|
|
}
|
|
}
|
|
@@ -42,6 +45,48 @@ pipeline {
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+ stage('🔐 配置 Ingress 控制器') {
|
|
|
|
|
+ when {
|
|
|
|
|
+ expression { params.DOMAIN?.trim() }
|
|
|
|
|
+ }
|
|
|
|
|
+ steps {
|
|
|
|
|
+ script {
|
|
|
|
|
+ sh """
|
|
|
|
|
+ export KUBECONFIG=${KUBECONFIG_PATH}
|
|
|
|
|
+
|
|
|
|
|
+ echo ">>> 配置 Ingress 控制器为 LoadBalancer 类型..."
|
|
|
|
|
+
|
|
|
|
|
+ # 检查 Ingress 控制器 Service 类型
|
|
|
|
|
+ INGRESS_SERVICE_TYPE=\$(kubectl get svc ingress-nginx-controller -n ingress-nginx -o jsonpath='{.spec.type}')
|
|
|
|
|
+ echo ">>> 当前 Ingress 控制器类型: \${INGRESS_SERVICE_TYPE}"
|
|
|
|
|
+
|
|
|
|
|
+ if [ "\${INGRESS_SERVICE_TYPE}" != "LoadBalancer" ]; then
|
|
|
|
|
+ echo ">>> 修改 Ingress 控制器为 LoadBalancer 类型..."
|
|
|
|
|
+ kubectl patch svc ingress-nginx-controller -n ingress-nginx -p '{"spec":{"type":"LoadBalancer"}}'
|
|
|
|
|
+
|
|
|
|
|
+ echo ">>> 等待 LoadBalancer 分配外部 IP..."
|
|
|
|
|
+ kubectl wait --for=condition=Available --timeout=300s svc/ingress-nginx-controller -n ingress-nginx
|
|
|
|
|
+
|
|
|
|
|
+ # 获取外部 IP
|
|
|
|
|
+ EXTERNAL_IP=\$(kubectl get svc ingress-nginx-controller -n ingress-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
|
|
|
|
|
+ if [ -n "\${EXTERNAL_IP}" ]; then
|
|
|
|
|
+ echo "✅ Ingress 控制器获得外部 IP: \${EXTERNAL_IP}"
|
|
|
|
|
+ echo ">>> 请将域名 ${params.DOMAIN} 解析到: \${EXTERNAL_IP}"
|
|
|
|
|
+ else
|
|
|
|
|
+ echo "⚠️ LoadBalancer 尚未分配外部 IP,请稍后检查"
|
|
|
|
|
+ fi
|
|
|
|
|
+ else
|
|
|
|
|
+ echo "✅ Ingress 控制器已经是 LoadBalancer 类型"
|
|
|
|
|
+ EXTERNAL_IP=\$(kubectl get svc ingress-nginx-controller -n ingress-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
|
|
|
|
|
+ if [ -n "\${EXTERNAL_IP}" ]; then
|
|
|
|
|
+ echo ">>> 当前外部 IP: \${EXTERNAL_IP}"
|
|
|
|
|
+ fi
|
|
|
|
|
+ fi
|
|
|
|
|
+ """
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
stage('�� 验证 TLS Secret') {
|
|
stage('�� 验证 TLS Secret') {
|
|
|
when {
|
|
when {
|
|
|
expression { params.DOMAIN?.trim() }
|
|
expression { params.DOMAIN?.trim() }
|
|
@@ -106,10 +151,11 @@ pipeline {
|
|
|
echo ">>> 强制更新配置,删除现有资源..."
|
|
echo ">>> 强制更新配置,删除现有资源..."
|
|
|
kubectl delete deployment ${PROJECT_NAME} -n ${params.NAMESPACE} --ignore-not-found=true
|
|
kubectl delete deployment ${PROJECT_NAME} -n ${params.NAMESPACE} --ignore-not-found=true
|
|
|
kubectl delete svc ${PROJECT_NAME} -n ${params.NAMESPACE} --ignore-not-found=true
|
|
kubectl delete svc ${PROJECT_NAME} -n ${params.NAMESPACE} --ignore-not-found=true
|
|
|
|
|
+ kubectl delete svc ${PROJECT_NAME}-nodeport -n ${params.NAMESPACE} --ignore-not-found=true
|
|
|
kubectl delete ingress ${PROJECT_NAME}-ingress -n ${params.NAMESPACE} --ignore-not-found=true
|
|
kubectl delete ingress ${PROJECT_NAME}-ingress -n ${params.NAMESPACE} --ignore-not-found=true
|
|
|
fi
|
|
fi
|
|
|
|
|
|
|
|
- echo ">>> 创建 Deployment 和 Service..."
|
|
|
|
|
|
|
+ echo ">>> 创建 Deployment..."
|
|
|
kubectl apply -n ${params.NAMESPACE} -f - <<EOF
|
|
kubectl apply -n ${params.NAMESPACE} -f - <<EOF
|
|
|
apiVersion: apps/v1
|
|
apiVersion: apps/v1
|
|
|
kind: Deployment
|
|
kind: Deployment
|
|
@@ -149,7 +195,12 @@ spec:
|
|
|
port: 80
|
|
port: 80
|
|
|
initialDelaySeconds: 5
|
|
initialDelaySeconds: 5
|
|
|
periodSeconds: 5
|
|
periodSeconds: 5
|
|
|
----
|
|
|
|
|
|
|
+EOF
|
|
|
|
|
+
|
|
|
|
|
+ # 根据是否配置域名创建不同的 Service
|
|
|
|
|
+ if [ -n "${domain}" ]; then
|
|
|
|
|
+ echo ">>> 创建 ClusterIP Service(用于 Ingress)..."
|
|
|
|
|
+ kubectl apply -n ${params.NAMESPACE} -f - <<EOF
|
|
|
apiVersion: v1
|
|
apiVersion: v1
|
|
|
kind: Service
|
|
kind: Service
|
|
|
metadata:
|
|
metadata:
|
|
@@ -163,6 +214,24 @@ spec:
|
|
|
targetPort: 80
|
|
targetPort: 80
|
|
|
protocol: TCP
|
|
protocol: TCP
|
|
|
EOF
|
|
EOF
|
|
|
|
|
+ else
|
|
|
|
|
+ echo ">>> 创建 NodePort Service(用于直接访问)..."
|
|
|
|
|
+ kubectl apply -n ${params.NAMESPACE} -f - <<EOF
|
|
|
|
|
+apiVersion: v1
|
|
|
|
|
+kind: Service
|
|
|
|
|
+metadata:
|
|
|
|
|
+ name: ${PROJECT_NAME}-nodeport
|
|
|
|
|
+spec:
|
|
|
|
|
+ type: NodePort
|
|
|
|
|
+ selector:
|
|
|
|
|
+ app: ${PROJECT_NAME}
|
|
|
|
|
+ ports:
|
|
|
|
|
+ - port: 80
|
|
|
|
|
+ targetPort: 80
|
|
|
|
|
+ nodePort: 30085
|
|
|
|
|
+ protocol: TCP
|
|
|
|
|
+EOF
|
|
|
|
|
+ fi
|
|
|
|
|
|
|
|
# 创建 Ingress(如果提供了域名)
|
|
# 创建 Ingress(如果提供了域名)
|
|
|
if [ -n "${domain}" ]; then
|
|
if [ -n "${domain}" ]; then
|
|
@@ -209,22 +278,25 @@ EOF
|
|
|
fi
|
|
fi
|
|
|
|
|
|
|
|
# 等待 Deployment 就绪
|
|
# 等待 Deployment 就绪
|
|
|
- echo ">>> 等待 Deployment 就绪..."
|
|
|
|
|
- kubectl wait --for=condition=available --timeout=300s deployment/${PROJECT_NAME} -n ${params.NAMESPACE}
|
|
|
|
|
|
|
+ # echo ">>> 等待 Deployment 就绪..."
|
|
|
|
|
+ # kubectl wait --for=condition=available --timeout=300s deployment/${PROJECT_NAME} -n ${params.NAMESPACE}
|
|
|
|
|
|
|
|
# 显示部署状态
|
|
# 显示部署状态
|
|
|
echo ">>> 部署状态:"
|
|
echo ">>> 部署状态:"
|
|
|
kubectl get all -n ${params.NAMESPACE}
|
|
kubectl get all -n ${params.NAMESPACE}
|
|
|
kubectl get ingress -n ${params.NAMESPACE} || echo ">>> 未配置 Ingress"
|
|
kubectl get ingress -n ${params.NAMESPACE} || echo ">>> 未配置 Ingress"
|
|
|
|
|
|
|
|
- # 如果配置了域名,显示访问信息
|
|
|
|
|
|
|
+ # 根据配置显示访问信息
|
|
|
if [ -n "${domain}" ]; then
|
|
if [ -n "${domain}" ]; then
|
|
|
echo "✅ 应用部署完成!"
|
|
echo "✅ 应用部署完成!"
|
|
|
echo "🌐 访问地址:https://${domain}"
|
|
echo "🌐 访问地址:https://${domain}"
|
|
|
- echo " 注意:确保域名 ${domain} 已正确解析到集群公网IP"
|
|
|
|
|
|
|
+ echo " 注意:请确保域名 ${domain} 已正确解析到 Ingress 控制器的外部 IP"
|
|
|
else
|
|
else
|
|
|
echo "✅ 应用部署完成!"
|
|
echo "✅ 应用部署完成!"
|
|
|
- echo "📝 注意:未配置域名,请手动配置 Ingress 或使用 NodePort 访问"
|
|
|
|
|
|
|
+ echo "🌐 访问地址:"
|
|
|
|
|
+ echo " HTTP: http://47.121.135.46:30085"
|
|
|
|
|
+ echo " HTTPS: https://47.121.135.46:30085"
|
|
|
|
|
+ echo " 注意:使用 NodePort 方式访问,端口为 30085"
|
|
|
fi
|
|
fi
|
|
|
"""
|
|
"""
|
|
|
}
|
|
}
|
|
@@ -232,9 +304,6 @@ EOF
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
stage('🔍 部署验证') {
|
|
stage('🔍 部署验证') {
|
|
|
- when {
|
|
|
|
|
- expression { params.DOMAIN?.trim() }
|
|
|
|
|
- }
|
|
|
|
|
steps {
|
|
steps {
|
|
|
script {
|
|
script {
|
|
|
def domain = params.DOMAIN?.trim()
|
|
def domain = params.DOMAIN?.trim()
|
|
@@ -247,13 +316,19 @@ EOF
|
|
|
kubectl get pods -n ${params.NAMESPACE} -l app=${PROJECT_NAME}
|
|
kubectl get pods -n ${params.NAMESPACE} -l app=${PROJECT_NAME}
|
|
|
|
|
|
|
|
# 检查 Service 状态
|
|
# 检查 Service 状态
|
|
|
- kubectl get svc -n ${params.NAMESPACE} ${PROJECT_NAME}
|
|
|
|
|
-
|
|
|
|
|
- # 检查 Ingress 状态
|
|
|
|
|
- kubectl get ingress -n ${params.NAMESPACE} ${PROJECT_NAME}-ingress
|
|
|
|
|
|
|
+ if [ -n "${domain}" ]; then
|
|
|
|
|
+ kubectl get svc -n ${params.NAMESPACE} ${PROJECT_NAME}
|
|
|
|
|
+ kubectl get ingress -n ${params.NAMESPACE} ${PROJECT_NAME}-ingress
|
|
|
|
|
+ kubectl get secret -n ${params.NAMESPACE} ${params.TLS_SECRET}
|
|
|
|
|
+ else
|
|
|
|
|
+ kubectl get svc -n ${params.NAMESPACE} ${PROJECT_NAME}-nodeport
|
|
|
|
|
+ fi
|
|
|
|
|
|
|
|
- # 检查 TLS Secret
|
|
|
|
|
- kubectl get secret -n ${params.NAMESPACE} ${params.TLS_SECRET}
|
|
|
|
|
|
|
+ # 检查 Ingress 控制器状态(如果配置了域名)
|
|
|
|
|
+ if [ -n "${domain}" ]; then
|
|
|
|
|
+ echo ">>> Ingress 控制器状态:"
|
|
|
|
|
+ kubectl get svc ingress-nginx-controller -n ingress-nginx
|
|
|
|
|
+ fi
|
|
|
|
|
|
|
|
echo "✅ 部署验证完成"
|
|
echo "✅ 部署验证完成"
|
|
|
"""
|
|
"""
|
|
@@ -307,6 +382,11 @@ EOF
|
|
|
script {
|
|
script {
|
|
|
if (params.DOMAIN?.trim()) {
|
|
if (params.DOMAIN?.trim()) {
|
|
|
echo "🌐 应用可通过 https://${params.DOMAIN} 访问"
|
|
echo "🌐 应用可通过 https://${params.DOMAIN} 访问"
|
|
|
|
|
+ echo " 请确保域名已解析到 Ingress 控制器的外部 IP"
|
|
|
|
|
+ } else {
|
|
|
|
|
+ echo "🌐 应用可通过以下地址访问:"
|
|
|
|
|
+ echo " HTTP: http://47.121.135.46:30085"
|
|
|
|
|
+ echo " HTTPS: https://47.121.135.46:30085"
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
