diff --git a/task1/task1.sh b/task1/task1.sh new file mode 100644 index 0000000..ffe4eb5 --- /dev/null +++ b/task1/task1.sh @@ -0,0 +1,26 @@ +#!/bin/bash +logFile="../data/test-1-action-ids.log" +outputPath="./output/" +outputFile="test-1-action-ids-output.txt" +tempFile="./output/tempNumber" + +#Check the file +if [ ! -f "$logFile" ]; then + echo "The file doesn't exist..." + exit 1 +fi + +#Check whether the directory exists, if not, create the directory +if [ ! -d "$outputPath" ]; then + mkdir $outputPath +fi + +#Match the string “ongoing” and print the next line +awk '$0~/ongoing/{getline;print$0;}' $logFile > $tempFile + + +#Print the third value divided by space and Remove the double quotation mark +cut -d " " -f 3 $tempFile | sed 's/\"//g' >> $outputPath$outputFile + +#Delet the tempFile +rm $tempFile diff --git a/task2/apisever/main.yml b/task2/apisever/main.yml new file mode 100644 index 0000000..6a29dd5 --- /dev/null +++ b/task2/apisever/main.yml @@ -0,0 +1,14 @@ +--- +- name: Start api services + docker: + name: demo-api + image: registry.wcl.com/wcl/api:latest + state: started + env: + username: demo + passwrod: demo + ports: + - "3000:3000" + +- name: Wait for api services to be up + wait_for: delay=60 port=3000 \ No newline at end of file diff --git a/task2/init/main.yml b/task2/init/main.yml new file mode 100644 index 0000000..8693fa9 --- /dev/null +++ b/task2/init/main.yml @@ -0,0 +1,62 @@ +--- +- name: 01_configure_base_repos + get_url: url=http://mirrors.aliyun.com/repo/Centos-7.repo dest=/etc/yum.repos.d/CentOS-Base.repo + +- name: 02_configure_epel_repos + get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo + +- name: 03_install_server + yum: name={{ item }} state=installed + loop: + - wget + - lrzsz + - lsof + - nmap + - telnet + - tree + - vim + - ntsysv + - unzip + - sysstat + - ntpdate + - iotop + - iftop + ignore_errors: yes + tags: t3 + +- name: 05_close firewalld + systemd: name=firewalld state=stopped enabled=no + +- name: 06_set_timezone + shell: timedatectl set-timezone Asia/Shanghai + +- name: 07_time_update + cron: name="ntpdate" minute="*/5" job="/usr/sbin/ntpdate time1.aliyun.com >/dev/null 2>&1" + ignore_errors: yes + +- name: 08_set_sshd + become: true + block: + + - name: Ensure SSHD server is installed + package: + name: openssh-server + state: present + + - name: Ensure SSHD server service is running + systemd: + daemon_reload: true + enabled: true + name: sshd.service + state: started + + - name: Configure sshd_config + template: + src: templates/sshd_config.j2 + dest: /etc/ssh/sshd_config + owner: root + group: root + mode: '0600' + backup: true + validate: /sbin/sshd -t -f %s + notify: restart sshd diff --git a/task2/init/sshd_config.j2 b/task2/init/sshd_config.j2 new file mode 100644 index 0000000..2f9848e --- /dev/null +++ b/task2/init/sshd_config.j2 @@ -0,0 +1,154 @@ +{{ ansible_managed | comment }} + +# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +# If you want to change the port on a SELinux system, you have to tell +# SELinux about this change. +# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER +# +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +HostKey /etc/ssh/ssh_host_rsa_key +HostKey /etc/ssh/ssh_host_ecdsa_key +HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# System-wide Crypto policy: +# This system is following system-wide crypto policy. The changes to +# Ciphers, MACs, KexAlgoritms and GSSAPIKexAlgorithsm will not have any +# effect here. They will be overridden by command-line options passed on +# the server start up. +# To opt out, uncomment a line with redefinition of CRYPTO_POLICY= +# variable in /etc/sysconfig/sshd to overwrite the policy. +# For more information, see manual page for update-crypto-policies(8). + +# Logging +SyslogFacility AUTH +LogLevel VERBOSE + +# Authentication: + +#LoginGraceTime 2m +{% if sshd_permit_root_login %} +PermitRootLogin yes +{% else %} +PermitRootLogin no +{% endif %} +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PermitEmptyPasswords no +PasswordAuthentication no + + +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes +ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no +#KerberosUseKuserok yes + +# GSSAPI options +GSSAPIAuthentication yes +GSSAPICleanupCredentials no +#GSSAPIStrictAcceptorCheck yes +#GSSAPIKeyExchange no +#GSSAPIEnablek5users no + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication no +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +# WARNING: 'UsePAM no' is not supported in Fedora and may cause several +# problems. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes + +# It is recommended to use pam_motd in /etc/pam.d/sshd instead of PrintMotd, +# as it is more configurable and versatile than the built-in version. +PrintMotd no + +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /var/run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# Accept locale-related environment variables +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT +AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE +AcceptEnv XMODIFIERS + +# override default of no subsystems +Subsystem sftp /usr/libexec/openssh/sftp-server + + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server diff --git a/task2/mysql/add_user.yml b/task2/mysql/add_user.yml new file mode 100644 index 0000000..045ba6a --- /dev/null +++ b/task2/mysql/add_user.yml @@ -0,0 +1,7 @@ +--- +- name: add_mysql_usr + user: + name: "{{ user }}" + shell: /bin/bash + tags: + - add_mysql_usr \ No newline at end of file diff --git a/task2/mysql/install_mysql.yml b/task2/mysql/install_mysql.yml new file mode 100644 index 0000000..e243d95 --- /dev/null +++ b/task2/mysql/install_mysql.yml @@ -0,0 +1,99 @@ +--- +- name: create work_directory + file: + path: "{{ mysql_install_path }}" + state: directory + owner: "{{ user }}" + group: "{{ group }}" + recurse: yes + +- name: copy_mysql_tar + copy: + src: "{{ mysql_version }}.tar.gz" + dest: "{{ mysql_install_path }}" + owner: "{{ user }}" + group: "{{ group }}" + tags: + - copy_mysql_tar + +- name: unarchive_mysql_tar + unarchive: + src: "{{ mysql_install_path }}/{{ mysql_version }}.tar.gz" + dest: "{{ mysql_install_path }}" + copy: no + owner: "{{ user }}" + group: "{{ group }}" + tags: + - unarchive_mysql_tar + +- name: link_mysql + file: + src: "{{ mysql_install_path }}/{{ mysql_version }}" + dest: "{{ mysql_install_path }}" + owner: "{{ user }}" + group: "{{ group }}" + state: link + tags: + - link_mysql + +- name: create data_directory + file: + path: "{{ mysql_install_path }}/{{ mysql_link }}/data" + state: directory + owner: "{{ user }}" + group: "{{ group }}" + +- name: copy_my.cnf + template: + src: my.cnf.j2 + dest: /etc/my.cnf + tags: + - copy_my.cnf + +- name: init_mysql + shell: ./bin/mysqld --initialize --user=mysql + args: + chdir: "{{ mysql_install_path }}/{{ mysql_link }}" + tags: + - init_mysql + +- name: get_mysql_passwd + shell: cat ./error.log |grep localhost|grep "temporary password"|awk '{print $NF}' + register: mysql_init_passwd + args: + chdir: "{{ mysql_install_path }}/{{ mysql_link }}" + tags: + - get_mysql_passwd + +- name: dispaly_passwd + debug: + msg: "{{ mysql_init_passwd.stdout }}" + tags: + - dispaly_passwd + +- name: copy_mysql.server + template: + src: mysql.service.j2 + dest: "/etc/init.d/mysql.server" + mode: 0755 + tags: + - copy_mysql.server + +- name: add_mysql_systemd + template: + src: mysql.service.j2 + dest: /etc/systemd/system/mysql-{{ mysql_port }}.service + tags: + - add_mysql_systemd + +- name: start_mysql_service + command: /etc/init.d/mysql.server start + tags: + - start_mysql_service + +- name: alter_passwd + shell: ./bin/mysqladmin -u root -p'{{mysql_init_passwd.stdout}}' password '{{ mysql_root_passwd }}' + args: + chdir: "{{ mysql_install_path }}/{{ mysql_link }}" + tags: + - alter_passwd \ No newline at end of file diff --git a/task2/mysql/main.yml b/task2/mysql/main.yml new file mode 100644 index 0000000..0408ebf --- /dev/null +++ b/task2/mysql/main.yml @@ -0,0 +1,11 @@ +--- +mysql_version: mysql-5.7.33-linux-glibc2.12-x86_64 +mysql_install_path: /opt/data/mysql_data +mysql_link: mysql +mysql_sock: /tmp/mysql.sock +mysql_port: 8901 +mysql_root_passwd: "Root_123^" +repl_user: repl +repl_passwd: "Repl_123^" +user: mysql +group: mysql \ No newline at end of file diff --git a/task2/mysql/my.cnf.j2 b/task2/mysql/my.cnf.j2 new file mode 100644 index 0000000..aadc84f --- /dev/null +++ b/task2/mysql/my.cnf.j2 @@ -0,0 +1,119 @@ +[client] +port = {{ mysql_port }} +socket = {{ mysql_sock }} +default-character-set=utf8mb4 + +[mysqldump] +single-transaction + +[mysqld] +port = {{ mysql_port }} +socket = {{ mysql_sock }} +character-set-server=utf8mb4 +#skip-grant-tables +sql_mode=STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION +log_bin_trust_function_creators=1 +innodb_flush_log_at_trx_commit=1 +sync_binlog=1 + +gtid-mode = on +enforce_gtid_consistency +log-bin = on +log-slave-updates = on + +#rpl_semi_sync_master_enabled=1 +#rpl_semi_sync_master_timeout=1000 +#rpl_semi_sync_slave_enabled=1 + + +master_info_repository = TABLE +relay_log_info_repository = TABLE + + +replicate-ignore-table=mysql.failover_console + +datadir={{ mysql_install_path }}/{{ mysql_link }}/data + +{% if master is defined %} +server-id=1 +{% else %} +server-id=2 +{% endif %} + +read-only=0 +#relay_log_purge=0 +log_timestamps=SYSTEM +lower_case_table_names=1 +log_slave_updates=on + +skip-name-resolve +#skip-networking +back_log = 600 + +slave_parallel_workers = 16 +slave-parallel-type = LOGICAL_CLOCK +master_info_repository = TABLE +relay_log_info_repository = TABLE +relay_log_recovery = ON +slave_preserve_commit_order = 1 + +innodb_undo_directory={{ mysql_install_path }}/{{ mysql_link }}/undolog +innodb_undo_tablespaces=4 +innodb_undo_logs=128 +innodb_max_undo_log_size=1024M +innodb_purge_rseg_truncate_frequency +innodb_undo_log_truncate=1 + +max_connections = 4000 +max_connect_errors = 6000 +open_files_limit = 65535 +table_open_cache = 4096 +table_open_cache_instances = 64 +max_allowed_packet = 128M +binlog_cache_size = 32M +max_heap_table_size = 128M +tmp_table_size = 32M +read_buffer_size = 8M +read_rnd_buffer_size = 8M +sort_buffer_size = 8M +join_buffer_size = 8M +key_buffer_size = 8M +thread_cache_size = 64 +query_cache_type = 0 +query_cache_size = 0 +#query_cache_size = 16M +#query_cache_limit = 8M +ft_min_word_len = 4 +log_bin = mysql-bin +binlog_format = row +expire_logs_days = 15 +log_error ={{ mysql_install_path }}/{{ mysql_link }}/error.log +slow_query_log = 1 +long_query_time = 3 +performance_schema = 0 +explicit_defaults_for_timestamp +#lower_case_table_names = 1 +skip-external-locking +default_storage_engine = InnoDB +innodb_flush_method = O_DIRECT +innodb_file_per_table = 1 +innodb_stats_persistent_sample_pages = 64 +innodb_open_files = 10000 +innodb_buffer_pool_size = 90G +innodb_write_io_threads = 24 +innodb_read_io_threads = 24 +innodb_thread_concurrency = 0 +innodb_purge_threads = 1 +innodb_log_buffer_size = 64M +innodb_sort_buffer_size = 64M +innodb_log_file_size = 1024M +innodb_log_files_in_group = 3 +innodb_max_dirty_pages_pct = 75 +innodb_lock_wait_timeout = 120 +log_warnings=1 +#local-infile=0 +#connection-control-failed-connections-threshold=10 +#connection-control-min-connection-delay=10800 +wait_timeout = 3600 +interactive_timeout = 3600 +innodb_temp_data_file_path = ibtmp1:200M:autoextend:max:5G \ No newline at end of file diff --git a/task2/mysql/mysql.service.j2 b/task2/mysql/mysql.service.j2 new file mode 100644 index 0000000..734d36d --- /dev/null +++ b/task2/mysql/mysql.service.j2 @@ -0,0 +1,47 @@ +#!/bin/sh +# Copyright Abandoned 1996 TCX DataKonsult AB & Monty Program KB & Detron HB +# This file is public domain and comes with NO WARRANTY of any kind + +# MySQL daemon start/stop script. + +# Usually this is put in /etc/init.d (at least on machines SYSV R4 based +# systems) and linked to /etc/rc3.d/S99mysql and /etc/rc0.d/K01mysql. +# When this is done the mysql server will be started when the machine is +# started and shut down when the systems goes down. + +# Comments to support chkconfig on RedHat Linux +# chkconfig: 2345 64 36 +# description: A very fast and reliable SQL database engine. + +# Comments to support LSB init script conventions +### BEGIN INIT INFO +# Provides: mysql +# Required-Start: $local_fs $network $remote_fs +# Should-Start: ypbind nscd ldap ntpd xntpd +# Required-Stop: $local_fs $network $remote_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: start and stop MySQL +# Description: MySQL is a very fast and reliable SQL database engine. +### END INIT INFO + +# If you install MySQL on some other places than /usr/local/mysql, then you +# have to do one of the following things for this script to work: +# +# - Run this script from within the MySQL installation directory +# - Create a /etc/my.cnf file with the following information: +# [mysqld] +# basedir= +# - Add the above to any other configuration file (for example ~/.my.ini) +# and copy my_print_defaults to /usr/bin +# - Add the path to the mysql-installation-directory to the basedir variable +# below. +# +# If you want to affect other MySQL variables, you should make your changes +# in the /etc/my.cnf, ~/.my.cnf or other MySQL configuration files. + +# If you change base dir, you must also change datadir. These may get +# overwritten by settings in the MySQL configuration files. + +basedir={{ mysql_install_path }}/{{ mysql_link }} +datadir={{ mysql_install_path }}/{{ mysql_link }}/data \ No newline at end of file diff --git a/task2/nginx/api.conf b/task2/nginx/api.conf new file mode 100644 index 0000000..a21ba1c --- /dev/null +++ b/task2/nginx/api.conf @@ -0,0 +1,8 @@ +server { + listen 80; + server_name localhost; + + location /api/ { + proxy_pass http://127.0.0.1:3000/; + } +} \ No newline at end of file diff --git a/task2/nginx/main.yml b/task2/nginx/main.yml new file mode 100644 index 0000000..acaacac --- /dev/null +++ b/task2/nginx/main.yml @@ -0,0 +1,23 @@ +- name: install nginx + yum: name=nginx state=present + +- name: start nginx + service: name=nginx state=started enabled=yes + +- name: copy nginx conf + copy: src=nginx.conf dest=/etc/nginx/nginx.conf backup=yes force=yes + +- name: check nginx.conf + shell: /usr/sbin/nginx -t -c /etc/nginx/nginx.conf + +- name: delete default.conf + file: path=/etc/nginx/conf.d/default.conf state=absent + +- name: copy api_conf + copy: src=api.conf dest=/etc/nginx/conf.d/api.conf backup=yes force=yes + notify: restart nginx + +handlers: + - name: restart nginx + service: name=nginx state=restarted + diff --git a/task4/docker_demo/Dockerfile b/task4/docker_demo/Dockerfile new file mode 100644 index 0000000..833174c --- /dev/null +++ b/task4/docker_demo/Dockerfile @@ -0,0 +1,9 @@ +FROM python:3.9 + +WORKDIR ./docker_demo + +ADD . . + +RUN pip install -r requirements.txt + +CMD ["python3", "./src/main.py"] diff --git a/task4/docker_demo/README.md b/task4/docker_demo/README.md new file mode 100644 index 0000000..3004375 --- /dev/null +++ b/task4/docker_demo/README.md @@ -0,0 +1,7 @@ +#Run in the directory where is dockerfile +sudo docker build -t demo:v1 +#Run the container +sudo docker run demo:v1 +#Load data volume +sudo docker run -v /docker_demo/logs:/logs demo:v1 + diff --git a/task4/docker_demo/requirements.txt b/task4/docker_demo/requirements.txt new file mode 100644 index 0000000..7bef162 --- /dev/null +++ b/task4/docker_demo/requirements.txt @@ -0,0 +1 @@ +flask==2.1.2 diff --git a/task4/docker_demo/src/main.py b/task4/docker_demo/src/main.py new file mode 100644 index 0000000..ddfe528 --- /dev/null +++ b/task4/docker_demo/src/main.py @@ -0,0 +1,35 @@ +from flask import Flask +from flask import request +import os +app = Flask(__name__) + + +@app.route('/welcome', methods=["GET","PUT"]) #Use the route() decorator to bind a function to a URL. +def welcome(): + if request.method == 'GET': + name = requests.args.get('name', '') #Use "name" as a request + connection = db.get_db() # connect to the database,select the name + query = "SELECT * FROM userProfile WHERE name = {}".format(name) + result = query_db(query,one=True) # get a database's cursor + if result is None: + return 'Hello, Wiredcarft!' + else: + return f'Hello, {escape(name)}!' # determine whether the user exists + elif request.method == 'PUT': + #Use "name" as a request + name = request.json.get('name') #Use "name" as a request + connection = db.get_db() + query = "UPDATE userProfile set name = {}".format(name) + connection.excute(query) + connection.commit + return { + "name": name.name #return "name" as aody + } + + +if __name__=='__main__': + os.mknod('../logs/docker.log') + app.run(port=8888,debug=True,host='127.0.0.1') # Create an APIserver + + + diff --git a/task5/PV.yaml b/task5/PV.yaml new file mode 100644 index 0000000..6cf9137 --- /dev/null +++ b/task5/PV.yaml @@ -0,0 +1,80 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv1 +spec: + capacity: + storage: 1Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + nfs: + path: /root/data/pv1 + server: 192.168.5.6 + +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv2 +spec: + capacity: + storage: 2Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + nfs: + path: /root/data/pv2 + server: 192.168.5.6 + +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv3 +spec: + capacity: + storage: 3Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + nfs: + path: /root/data/pv3 + server: 192.168.5.6 + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc1 + namespace: dev +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc2 + namespace: dev +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc3 + namespace: dev +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi \ No newline at end of file diff --git a/task5/configmap.yaml b/task5/configmap.yaml new file mode 100644 index 0000000..5681a5e --- /dev/null +++ b/task5/configmap.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Pod +metadata: + name: pod-configmap + namespace: dev +spec: + containers: + - name: demo + image: demo:1.0.0 + volumeMounts: + - name: config + mountPath: /configmap/config + volumes: + - name: config + configMap: + name: configmap \ No newline at end of file diff --git a/task5/deployments.yaml b/task5/deployments.yaml new file mode 100644 index 0000000..a0aa9c3 --- /dev/null +++ b/task5/deployments.yaml @@ -0,0 +1,43 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx-deployment + namespace: dev +spec: + replicas: 3 + selector: + matchLabels: + app: nginx-pod + template: + metadata: + labels: + app: nginx-pod + spec: + containers: + - name: nginx + image: nginx:1.17.1 + ports: + - containerPort: 80 + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: demo-deployment + namespace: dev +spec: + replicas: 3 + selector: + matchLabels: + app: demo-pod + template: + metadata: + labels: + app: demo-pod + spec: + containers: + - name: demo + image: demo:1.0.0 + ports: + - containerPort: 8888 diff --git a/task5/hap.yaml b/task5/hap.yaml new file mode 100644 index 0000000..f7aff5c --- /dev/null +++ b/task5/hap.yaml @@ -0,0 +1,13 @@ +apiVersion: autoscaling/v1 +kind: HorizontalPodAutoscaler +metadata: + name: pc-hpa + namespace: dev +spec: + minReplicas: 1 + maxReplicas: 10 + targetCPUUtilizationPercentage: 3 + scaleTargetRef: + apiVersion: /v1 + kind: Deployment + name: demo \ No newline at end of file diff --git a/task5/secert.yaml b/task5/secert.yaml new file mode 100644 index 0000000..0259214 --- /dev/null +++ b/task5/secert.yaml @@ -0,0 +1,28 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: secret + namespace: dev +type: Opaque +data: + username: YWRtaW4= + password: MTIzNDU2 + +--- +apiVersion: v1 +kind: Pod +metadata: + name: pod-secret + namespace: dev +spec: + containers: + - name: demo + image: demo:1.0.0 + volumeMounts: + - name: config + mountPath: /secret/config + volumes: + - name: config + secret: + secretName: secret \ No newline at end of file diff --git a/task5/service.yaml b/task5/service.yaml new file mode 100644 index 0000000..4d82c3b --- /dev/null +++ b/task5/service.yaml @@ -0,0 +1,28 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: nginx-service + namespace: dev +spec: + selector: + app: nginx-pod + clusterIP: None + type: ClusterIP + ports: + - port: 80 + targetPort: 80 +--- +apiVersion: v1 +kind: Service +metadata: + name: demo-service + namespace: dev +spec: + selector: + app: demo-pod + clusterIP: None + type: ClusterIP + ports: + - port: 8888 + targetPort: 8888 \ No newline at end of file diff --git a/task6/REDME.MD b/task6/REDME.MD new file mode 100644 index 0000000..2b5c318 --- /dev/null +++ b/task6/REDME.MD @@ -0,0 +1 @@ +The CI/CD I understand with pipline, I copy the jenkins create the pipline's script. The workflow is about: first, pull the code from gitlab, secondly, build docker image, thirdly, push the image to the Harbor, the last, deploy the service, \ No newline at end of file diff --git a/task6/pipline.txt b/task6/pipline.txt new file mode 100644 index 0000000..962847f --- /dev/null +++ b/task6/pipline.txt @@ -0,0 +1,42 @@ +pipeline { + agent any{ + + environment { + harbroUser = 'admin' + harborPassword = '123456' + harborAddress = '192.168.1.1:80' + harborRepo = repo + } + + } + stages{ + stage('Pull the code from gitlab') { + steps { + checkout([$class:'GitSCM'branches:[[name:'{$version}']], extensioins:[],userRemoteConfigs:[[url:'http://192.168.1.1:8929/ + root/demo.git']]]) + } + } + stage("Build docker image") { + steps { + sh '''mv ./target/*.py ./docker/ + docker build -t ${JOB_NAME}:${version} ./docker/''' + + } + } + stage("Push the image to the Harbor") { + steps { + sh '''docker login -u ${$harbroUser} -p ${harborPassword} ${harborAddress} + docker tag ${JOB_NAME}:${tag} ${harborAddress}/${harborRepo}/${JOB_NAME}:${tag} + docker push ${harborAddress}/${harborRepo}/${JOB_NAME}:${tag} ''' + } + } + stage("Deploy the service") { + steps { + sshPublisher(publishers: [sshPublisherDesc(configName: 'demo',transfers: [sshTransfer(cleanRemot: false, excludes: '', + execCommond: "deploy.sh $harborAddress $harborRepo $JOB_NAME $tag $container_port $host_port", execTimeout: 120000, flatten: false, makeEmptyDirs: + false, noDefaultExculdudes: false, patternSeparator: '[, ]+' remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '',sourceFiles: '')], + usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)]} + } + + } + }