jenkins pipeline封装api请求调用kubernetes
来源:原创
时间:2021-03-01
作者:脚本小站
分类:Jenkins
先在k8s集群上测试获取借口的Token:
curl --header "Authorization: Bearer $TOKEN" --insecure -XGET https://192.168.0.45:6443/api/v1/nodes
查看已有的或创建Token:
kubectl create serviceaccount dashboard-admin -n kube-system kubectl create clusterrolebinding admin-k8s-dashboard --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin kubectl get secret -n kube-system kubectl describe secret dashboard-admin-token-cxls2 -n kube-system
测试token:将上面的$TOKEN换成token的值来测试token是否可用。
curl --header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IlUzcFlsZmdEQWpRRm13RnRsa1BTTXdfcUwwVzFobUFNSUlUUENtUGhQbDAifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tYmJmYmQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiZDJiZmY3YzAtYzdmOS00NmM4LWFhZDktODA1YzcxNWExYjM5Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.e1bROxgrN-MO1kXjL7yCVamGEZZGjknMOEaWU0F5LmdqWzPembLsq0M6UStw_HoOyTxLszD_NacLyzDEjVwLZ9c8oJeiwyTKhaSuRuBfCEXQ9tdNaMdFfo00ThO9hVAOsVIxY2M1e4XV8F2eT-j6VBnsaUqaGDaodkwccDLt_qphVUyGBj35N2OddrtEn3cQG9oSMuN6n7_C8mqJ_lTnCehCdIA36Vih4pqYs_uCoQ0Ltesc9ueQ7ahOjHKgPrf63zm-xc931mVpvVPa8r7ADXCjiL99ryrCn8r2RMKQEOATmUB2fO826Ua2NaneV4D5BaCN_JQebZjTLf5gzJOSAA" --insecure -XGET https://192.168.0.45:6443/api/v1/nodes
将token添加到全局凭据里面:
Jenkins > 凭据 > 系统 > 全局凭据 (unrestricted) > 添加凭据 > 类型(Secret text)。
安装jenkins插件:
在jenkins插件列表中搜索“HTTP Request”的插件,并安装。
插件官方文档:
https://www.jenkins.io/doc/pipeline/steps/http_request/
在pipeline中封装http_request 请求: src/org/devops/kubernetes.groovy
package org.devops //封装HTTP请求 def HttpReq(reqType,reqUrl,reqBody){ def apiServer = "https://192.168.0.45:6443/apis/apps/v1" withCredentials([string(credentialsId: 'kubernetes-token', variable: 'kubernetestoken')]) { result = httpRequest customHeaders: [[maskValue: true, name: 'Authorization', value: "Bearer ${kubernetestoken}"], [maskValue: false, name: 'Content-Type', value: 'application/yaml'], [maskValue: false, name: 'Accept', value: 'application/yaml']], httpMode: reqType, consoleLogResponseBody: true, ignoreSslErrors: true, requestBody: reqBody, url: "${apiServer}/${reqUrl}" //quiet: true } return result } //新建Deployment def CreateDeployment(nameSpace,deployName,deplyBody){ apiUrl = "namespaces/${nameSpace}/deployments/" response = HttpReq('POST',apiUrl,deplyBody) println(response) } //删除deployment def DeleteDeployment(nameSpace,deployName){ apiUrl = "namespaces/${nameSpace}/deployments/${deployName}" response = HttpReq('DELETE',apiUrl,deplyBody) println(response) } //更新Deployment def UpdateDeployment(nameSpace,deployName,deplyBody){ apiUrl = "namespaces/${nameSpace}/deployments/${deployName}" response = HttpReq('PUT',apiUrl,deplyBody) println(response) } //获取Deployment def GetDeployment(nameSpace,deployName){ apiUrl = "namespaces/${nameSpace}/deployments/${deployName}" response = HttpReq('GET',apiUrl,'') return response }
在pipeline中使用借口获取资源:
stage("deployment"){ steps{ script{ tools.PrintMes("GetDeployment","green") response = k8s.GetDeployment("kube-system", "coredns") response = response.content println(response) // print deployment content fileData = readYaml text: """${response}""" println(fileData) println(fileData["spec"]["template"]["spec"]["containers"][0]["image"]) // 修改镜像 fileData["spec"]["template"]["spec"]["containers"][0]["image"] = "myharbor.com/solo/solo:0.4" println(fileData["spec"]["template"]["spec"]["containers"][0]["image"]) tools.PrintMes("newimage", "green") println(fileData) } } }