{"id":6834,"date":"2022-11-28T22:41:57","date_gmt":"2022-11-28T13:41:57","guid":{"rendered":"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6834"},"modified":"2023-01-13T18:04:40","modified_gmt":"2023-01-13T09:04:40","slug":"kubernetes-ci-cd-%ed%8c%8c%ec%9d%b4%ed%94%84%eb%9d%bc%ec%9d%b8-%ec%84%a4%ec%b9%98","status":"publish","type":"post","link":"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6834","title":{"rendered":"Kubernetes &#8211; CI\/CD \ud30c\uc774\ud504\ub77c\uc778 \uad6c\uc131"},"content":{"rendered":"<h1>Kubernetes &#8211; CI\/CD \ud30c\uc774\ud504\ub77c\uc778 \uad6c\uc131<\/h1>\n<p>\uc18c\uc2a4 \ubc30\ud3ec\ubd80\ud130 k8s \ud074\ub7ec\uc2a4\ud130 \ubc30\ud3ec\uae4c\uc9c0\uc758 \uc77c\ub828\uc758 \uacfc\uc815\uc744 \uc124\uce58\ud569\ub2c8\ub2e4.<\/p>\n<p>. . . . . . . . . . . . . . . . . .<\/p>\n<h2>\uae30\ubcf8\uad6c\uc870<\/h2>\n<p><img decoding=\"async\" src=\"https:\/\/www.skyer9.pe.kr\/wordpress\/wp-content\/uploads\/2022\/10\/2022-10-28-01.png\" alt=\"\" \/><\/p>\n<h2>\uc0ac\uc804 \uc900\ube44<\/h2>\n<h3>k8s \ud074\ub7ec\uc2a4\ud130 \uad6c\uc131<\/h3>\n<p><a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6630\">\uc5ec\uae30<\/a>, <a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6739\">\uc5ec\uae30<\/a> \ub97c \ucc38\uc870\ud558\uc5ec \ud074\ub7ec\uc2a4\ud130\ub97c \uad6c\uc131\ud569\ub2c8\ub2e4.<\/p>\n<h3>Jenkins \uc124\uce58<\/h3>\n<h4>\uc124\uce58<\/h4>\n<p><a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6777\">\uc5ec\uae30<\/a> \ub97c \ucc38\uc870\ud558\uc5ec Jenkins \ub97c \uc124\uce58\ud569\ub2c8\ub2e4.<\/p>\n<h4>Jenkins \ucd94\uac00\uc124\uc815<\/h4>\n<p>\uc544\ub798 Jenkins Plugin \uc744 \uc124\uce58\ud574 \uc90d\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-bash\">kubernetes\ndocker<\/code><\/pre>\n<p>\uc544\ub798 \uc544\uc774\ud53c\ub85c\uc758 \uc811\uadfc\uc744 \ubc29\ud654\ubcbd\uc5d0\uc11c \ud5c8\uc6a9\ud574\uc90d\ub2c8\ub2e4.(Github webhook)<br \/>\n\uc811\uc18d\ud558\ub294 \ud3ec\ud2b8\ub294 30088 \uc785\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-text\">&quot;192.30.252.0\/22&quot;,\n&quot;185.199.108.0\/22&quot;,\n&quot;140.82.112.0\/20&quot;<\/code><\/pre>\n<p><a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=3563\">\uc5ec\uae30<\/a> \ub97c \ucc38\uc870\ud558\uc5ec Personal Access Token \uc744 \uc0dd\uc131\ud569\ub2c8\ub2e4.<\/p>\n<h3>Private Docker Repository \uc124\uce58<\/h3>\n<p><a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6840\">\uc5ec\uae30<\/a> \ub97c \ucc38\uc870\ud558\uc5ec Repository \ub97c \uc124\uce58\ud569\ub2c8\ub2e4.<\/p>\n<h3>ArgoCD \uc124\uce58<\/h3>\n<p><a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6845\">\uc5ec\uae30<\/a> \ub97c \ucc38\uc870\ud558\uc5ec ArgoCD \ub97c \uc124\uce58\ud569\ub2c8\ub2e4.<\/p>\n<h2>\uac1c\ubc1c\uc790\uac00 \uc18c\uc2a4 push<\/h2>\n<p>\ud504\ub85c\uc81d\ud2b8 \ub8e8\ud2b8\uc5d0 Dockerfile \uc744 \ucd94\uac00\ud558\uace0 \uc544\ub798 \ub0b4\uc6a9\uc744 \ucd94\uac00\ud569\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-text\">FROM openjdk:11.0.6-jre\nEXPOSE 8080\nARG JAR_FILE=build\/libs\/*.jar\nCOPY ${JAR_FILE} app.jar\nENTRYPOINT [&quot;java&quot;, &quot;-jar&quot;, &quot;\/app.jar&quot;]<\/code><\/pre>\n<h2>Github \uac00 Jenkins \uc5d0 \ub178\ud2f0<\/h2>\n<h3>Github Webhook \uc124\uc815<\/h3>\n<p>Github private repo \ub85c \uc774\ub3d9 \ud6c4,<br \/>\nSettings &gt; Webhooks \uc73c\ub85c \uc774\ub3d9\ud55c\ub2e4.<\/p>\n<ul>\n<li>Payload URL : <a href=\"http:\/\/worker\">http:\/\/worker<\/a> public ip:30088\/github-webhook\/<\/li>\n<li>Content type : application\/json<\/li>\n<\/ul>\n<h3>Jenkins \uc544\uc774\ud15c \uc0dd\uc131<\/h3>\n<p>\uc820\ud0a8\uc2a4 \uc544\uc774\ud15c\uc744 Pipeline \uc73c\ub85c \uc0dd\uc131\ud558\uace0 \uc544\ub798 script \ub97c \uc785\ub825\ud569\ub2c8\ub2e4.<br \/>\n\uc704\uc5d0\uc11c \uc0dd\uc131\ud55c Personal Access Token \uc73c\ub85c \uc811\uadfc\ud569\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-groovy\">node {\n    stage(&quot;Get Source&quot;) {\n        git url: &quot;https:\/\/ghp_a16NFKcFmOXXXXXXXXXXXXXX@github.com\/skyer9\/TestPrivate.git&quot;,\n            branch: &quot;master&quot;\n    }\n}<\/code><\/pre>\n<p>Build now(\uc9c0\uae08 \ube4c\ub4dc) \ub97c \ud074\ub9ad\ud574\uc11c \uc18c\uc2a4\ub97c \uac00\uc838\uc624\ub294\uc9c0 \ud655\uc778\ud569\ub2c8\ub2e4.<\/p>\n<h3>\uc18c\uc2a4 \ube4c\ub4dc<\/h3>\n<pre><code class=\"language-groovy\">node {\n    stage(&quot;Get Source&quot;) {\n        git url: &quot;https:\/\/ghp_a16NFKcFmOXXXXXXXXXXXXXX@github.com\/skyer9\/TestPrivate.git&quot;,\n            branch: &quot;master&quot;\n    }\n\n    stage(&quot;Build&quot;) {\n        sh &quot;chmod 700 gradlew&quot;\n        sh &quot;.\/gradlew clean&quot;\n        sh &quot;.\/gradlew bootJar&quot;\n    }\n}<\/code><\/pre>\n<p>\ube4c\ub4dc\uac00 \uc774\ub8e8\uc5b4\uc9c0\ub294\uc9c0 \ud655\uc778\ud569\ub2c8\ub2e4.<\/p>\n<h3>webhook \uccb4\ud06c<\/h3>\n<p>\uc820\ud0a8\uc2a4 \uc544\uc774\ud15c\uc5d0 GitHub hook trigger for GITScm polling \uc744 \uccb4\ud06c\ud574 \uc90d\ub2c8\ub2e4.<\/p>\n<p>\uc18c\uc2a4\ub97c Github \uc5d0 push \ud574\uc11c \uc815\uc0c1\uc801\uc73c\ub85c \ube4c\ub4dc\uac00 \uc774\ub8e8\uc5b4\uc9c0\ub294\uc9c0 \ud655\uc778\ud569\ub2c8\ub2e4.<\/p>\n<h2>Jenkins \uac00 Docker image \uc0dd\uc131 \ud6c4 Private repo \uc5d0 \ubc30\ud3ec<\/h2>\n<h3>Kubernetes \ud50c\ub7ec\uadf8\uc778 \uc124\uc815<\/h3>\n<p><a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6883\">\uc5ec\uae30<\/a> \ub97c \ucc38\uc870\ud558\uc5ec \ud50c\ub7ec\uadf8\uc778\uc744 \uc124\uc815\ud574 \uc90d\ub2c8\ub2e4.<\/p>\n<h3>Jenkins \uc544\uc774\ud15c \uc218\uc815<\/h3>\n<pre><code class=\"language-groovy\">pipeline {\n    agent {\n        kubernetes {\n            defaultContainer &#039;jnlp&#039;\n            yaml &quot;&quot;&quot;\nspec:\n  dnsPolicy: Default       # \uc774\uac8c \uc65c \ud544\uc694\ud560\uae4c?\n  containers:\n    - name: docker\n      image: docker:latest\n      command:\n        - cat\n      tty: true\n      privileged: true\n      volumeMounts:\n        - name: dockersock\n          mountPath: \/var\/run\/docker.sock\n  volumes:\n    - name: dockersock\n      hostPath:\n        path: \/var\/run\/docker.sock\n    - name: m2\n      hostPath:\n        path: \/root\/.m2\n            &quot;&quot;&quot;\n        }\n    }\n\n    stages {\n        stage(&quot;Get Source&quot;) {\n            steps {\n                git url: &quot;https:\/\/ghp_a16NFKXXXXXXXXXXXXXXXXX@github.com\/skyer9\/TestPrivate.git&quot;,\n                branch: &quot;master&quot;\n            }\n        }\n\n        stage(&quot;Build&quot;) {\n            steps {\n                sh &quot;chmod 700 gradlew&quot;\n                sh &quot;.\/gradlew clean&quot;\n                sh &quot;.\/gradlew bootJar&quot;\n            }\n        }\n\n        stage(&#039;Docker Build&#039;) {\n            steps {\n                container(&#039;docker&#039;) {\n                    sh &quot;docker build -t 10.101.46.90\/skyer9\/testprivate:0.1.${build_number} .&quot;\n                    sh &quot;docker build -t 10.101.46.90\/skyer9\/testprivate:latest .&quot;\n                }\n            }\n        }\n    }\n}<\/code><\/pre>\n<p>docker build \uc2dc \uc544\uc774\ud53c\ub294 docker-repository \uc758 \ud074\ub7ec\uc2a4\ud130 \uc544\uc774\ud53c\uc785\ub2c8\ub2e4.<\/p>\n<h3>Private Docker Repository \uc5d0 push<\/h3>\n<p>push \ub294 https \ub9cc \ud5c8\uc6a9\ud558\ubbc0\ub85c \uc544\ub798 \uc124\uc815\ubcc0\uacbd\uc744 \ud1b5\ud574,<br \/>\nhttp push \ub97c \ud5c8\uc6a9\ud574 \uc900\ub2e4.<\/p>\n<p>\ub9c8\uc2a4\ud130 \ub178\ub4dc\uc5d0\uc11c \ud074\ub7ec\uc2a4\ud130 \uc544\uc774\ud53c\ub97c \ud655\uc778\ud55c\ub2e4.<\/p>\n<pre><code class=\"language-bash\">kubectl get svc -n repository\nNAME                TYPE       CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE\ndocker-repository   NodePort   10.105.115.134   &lt;none&gt;        80:30099\/TCP   10m<\/code><\/pre>\n<p>\uc6cc\ucee4 \ub178\ub4dc\uc758 \ub3c4\ucee4 \uc11c\ube44\uc2a4\ub97c \uc218\uc815\ud55c\ub2e4.<\/p>\n<pre><code class=\"language-bash\">sudo vi \/lib\/systemd\/system\/docker.service\nExecStart=\/usr\/bin\/dockerd ...... --insecure-registry 10.105.115.134<\/code><\/pre>\n<pre><code class=\"language-bash\">sudo systemctl daemon-reload\nsudo systemctl restart docker\nsudo docker info<\/code><\/pre>\n<pre><code class=\"language-groovy\">        stage(&#039;Docker Build&#039;) {\n            steps {\n                container(&#039;docker&#039;) {\n                    sh &quot;docker build -t 10.105.115.134\/skyer9\/testprivate:0.1.${build_number} .&quot;\n                    sh &quot;docker build -t 10.105.115.134\/skyer9\/testprivate:latest .&quot;\n                    sh &quot;docker info&quot;\n                    sh &quot;docker push 10.105.115.134\/skyer9\/testprivate:0.1.${build_number}&quot;\n                    sh &quot;docker push 10.105.115.134\/skyer9\/testprivate:latest&quot;\n                }\n            }\n        }<\/code><\/pre>\n<p>\uc544\ub798 \uba85\ub839\uc73c\ub85c \uc5c5\ub85c\ub4dc\ub41c \uc774\ubbf8\uc9c0\ub97c \ud655\uc778\ud560 \uc218 \uc788\ub2e4.<\/p>\n<pre><code class=\"language-bash\">curl http:\/\/localhost:30099\/v2\/_catalog<\/code><\/pre>\n<h3>Private Docker Repository \uc5d0 https \uc801\uc6a9<\/h3>\n<p><a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=7217\">\uc5ec\uae30<\/a> \ub97c \ucc38\uc870\ud558\uc5ec \uc0ac\uc124\uc778\uc99d\uc11c\ub97c \uc0dd\uc131\ud569\ub2c8\ub2e4.<\/p>\n<p>\uc820\ud0a8\uc2a4 \uc124\uc815\ud30c\uc77c\uc740 \uc544\ub798\ucc98\ub7fc \uc218\uc815\ud574 \uc90d\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-gradle\">pipeline {\n    agent {\n        kubernetes {\n            defaultContainer &#039;jnlp&#039;\n            yaml &quot;&quot;&quot;\nspec:\n  dnsPolicy: Default       # \uc774\uac8c \uc65c \ud544\uc694\ud560\uae4c?\n  containers:\n  - name: docker\n    image: docker:latest\n    command:\n    - cat\n    tty: true\n    privileged: true\n    volumeMounts:\n    - name: private-rootca-crt\n      mountPath: \/etc\/docker\/certs.d\/docker-repository.repository.svc.cluster.local\/ca.crt\n      subPath: rootCA.crt\n      readOnly: true\n    - name: dockersock\n      mountPath: \/var\/run\/docker.sock\n  volumes:\n  - name: private-rootca-crt\n    configMap:\n      name: private-rootca.crt\n  - name: dockersock\n    hostPath:\n      path: \/var\/run\/docker.sock\n  - name: m2\n    hostPath:\n      path: \/root\/.m2\n            &quot;&quot;&quot;\n        }\n    }\n\n    stages {\n        stage(&quot;Get Source&quot;) {\n            steps {\n                git url: &quot;https:\/\/ghp_ttA52XKpXXXXXXXXXXXXXXX@github.com\/skyer9\/TestPrivate.git&quot;,\n                branch: &quot;master&quot;\n            }\n        }\n\n        stage(&quot;Build&quot;) {\n            steps {\n                sh &quot;chmod 700 gradlew&quot;\n                sh &quot;.\/gradlew clean&quot;\n                sh &quot;.\/gradlew bootJar&quot;\n            }\n        }\n\n        stage(&#039;Docker Build&#039;) {\n            steps {\n                container(&#039;docker&#039;) {\n                    sh &quot;docker build -t docker-repository.repository.svc.cluster.local\/testprivate:0.1.${build_number} .&quot;\n                    sh &quot;docker build -t docker-repository.repository.svc.cluster.local\/testprivate:latest .&quot;\n                    sh &quot;docker info&quot;\n                    \/\/ sh &quot;apk update &amp;&amp; apk add ca-certificates&quot;\n                    \/\/ sh &quot;cp \/etc\/docker\/certs.d\/repository.repository.svc.cluster.local\/ca.crt \/usr\/local\/share\/ca-certificates\/my-cert.crt&quot;\n                    \/\/ sh &quot;update-ca-certificates&quot;\n                    \/\/ sh &quot;wget https:\/\/repository.repository.svc.cluster.local\/v2\/&quot;\n                    sh &quot;docker push docker-repository.repository.svc.cluster.local\/testprivate:0.1.${build_number}&quot;\n                    sh &quot;docker push docker-repository.repository.svc.cluster.local\/testprivate:latest&quot;\n                }\n            }\n        }\n    }\n}<\/code><\/pre>\n<h2>\uc6b4\uc601\uc790\uac00 \uc18c\uc2a4\ub97c Github \uc5d0 push<\/h2>\n<p><a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=7221\">\uc5ec\uae30<\/a> \ub97c \ucc38\uc870\ud558\uc5ec Repo \ub97c \uc124\uc815\ud569\ub2c8\ub2e4.<\/p>\n<p>\uc774\ubbf8\uc9c0 \uc8fc\uc18c\ub97c \uc124\uc815\ud574 \uc8fc\uba74 \ub429\ub2c8\ub2e4.<\/p>\n<p>Worker \ub178\ub4dc\uc5d0\uc11c \uc774\ubbf8\uc9c0\ub97c \ub561\uaca8 \uc624\uae30\uc5d0,<br \/>\nWorker \ub178\ub4dc\uc5d0 \ub8e8\ud2b8\uc778\uc99d\uc11c\uac00 \ub4f1\ub85d\ub418\uc5b4 \uc788\uc5b4\uc57c \ud569\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-bash\">apiVersion: apps\/v1\nkind: Deployment\nmetadata:\n  name: testprivate\n  namespace: default\n  labels:\n    app: testprivate\nspec:\n  replicas: 1\n  selector:\n    matchLabels:\n      app: testprivate\n  template:\n    metadata:\n      labels:\n        app: testprivate\n    spec:\n      containers:\n      - name: testprivate\n        image: docker-repository.repository.svc.cluster.local\/testprivate:0.1.16\n        ports:\n        - containerPort: 8080<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Kubernetes &#8211; CI\/CD \ud30c\uc774\ud504\ub77c\uc778 \uad6c\uc131 \uc18c\uc2a4 \ubc30\ud3ec\ubd80\ud130 k8s \ud074\ub7ec\uc2a4\ud130 \ubc30\ud3ec\uae4c\uc9c0\uc758 \uc77c\ub828\uc758 \uacfc\uc815\uc744 \uc124\uce58\ud569\ub2c8\ub2e4. . . . . . . . . . . . . . . . . . . \uae30\ubcf8\uad6c\uc870 \uc0ac\uc804 \uc900\ube44 k8s \ud074\ub7ec\uc2a4\ud130 \uad6c\uc131 \uc5ec\uae30, \uc5ec\uae30 \ub97c \ucc38\uc870\ud558\uc5ec \ud074\ub7ec\uc2a4\ud130\ub97c \uad6c\uc131\ud569\ub2c8\ub2e4. Jenkins \uc124\uce58 \uc124\uce58 \uc5ec\uae30 \ub97c \ucc38\uc870\ud558\uc5ec Jenkins \ub97c \uc124\uce58\ud569\ub2c8\ub2e4. Jenkins \ucd94\uac00\uc124\uc815 \uc544\ub798\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6834\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"class_list":["post-6834","post","type-post","status-publish","format-standard","hentry","category-kubernetes"],"_links":{"self":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6834","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6834"}],"version-history":[{"count":62,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6834\/revisions"}],"predecessor-version":[{"id":7451,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6834\/revisions\/7451"}],"wp:attachment":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6834"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6834"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6834"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}