流水线到最后一步加载kubeconfig报错，file name too long

linzea

jacklin 你好, 你的解决了吗

jacklin

还没有,不知道啥问题

jacklin

可参考虑尝试解决看看 linzea

jacklin

使用AWS eks kubernetes1.21 部署的kubesphere3.2.x 出现devops kubeconfig认证失败
首见这个应该是kubesphere 官方还没有完善的点,也不是完全BUG;只能说明问题点确实官方也明白,但是社区也没有明确解释清楚,造成很误解,大家可以参考如下操作:
1.参见#https://kubesphere.com.cn/docs/faq/devops/create-devops-kubeconfig-on-aws/创建kubeconfig,注意namespace 要进行更换为自己的
2.参见#https://kubesphere.com.cn/forum/d/6500-kubeconfigfile-name-too-long/12提到的:请注意不是 kubeconfigContent，而是 kubeconfigFile。
剩下部署步骤Jenkinsfile例如:
pipeline {
agent {
node {
label ‘base’
}

}
stages {
stage(‘check out’) {
agent none
steps {
container(‘base’) {
git(url: ‘$CODE_GIT_URL’, credentialsId: ‘code-registry-user-passwd’, branch: ‘master’, changelog: true, poll: false)
sh ‘pwd’
}

}
}

stage(‘build push’) {
agent none
steps {
container(‘base’) {
sh '''docker build -t $REGISTRY_URI/$REGISTRY_NS/$REGISTRY_PROJECT:$DOCKER_IMG_TAG . –network=host
docker images’''
withCredentials([usernamePassword(credentialsId : ‘dockerhub-ali’ ,passwordVariable : ‘DOCKER_PASSWORD’ ,usernameVariable : ‘DOCKER_USERNAME’ ,)]) {
sh ‘echo “$DOCKER_PASSWORD” | docker login $REGISTRY_URI -u “$DOCKER_USERNAME” –password-stdin’
sh '''docker push $REGISTRY_URI/$REGISTRY_NS/$REGISTRY_PROJECT:$DOCKER_IMG_TAG
'''
}

}

}
}

stage(‘deploy to pro’) {
agent none
steps {
input(message: ‘deploy to pro ?’, submitter: '')
}
}

stage(‘deploy app’) {
agent none
steps {
container(‘base’) {
withCredentials([kubeconfigFile(credentialsId : ‘demo-kubeconfig’ ,variable : ‘KUBECONFIG’ ,)]) {
sh ‘envsubst < deploy/pro-ol/deployment.yaml | kubectl apply -f -’
}

}

}
}

}
environment {
KUBECONFIG_CREDENTIAL_ID = ‘demo-kubeconfig’
}
}

3.再提供demo-kubeconfig内容:
在kubesphere后面,相应项目下服务帐户找到刚创建:devops-deploy 的kubeconfig 设置

apiVersion: v1
kind: Config
clusters:

name: devops-deploy@local
cluster:
server: ‘https://kubernetes.default.svc:443’
certificate-authority-data: >-
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxBase64==
users:
name: devops-deploy
user:
token: >-
YYYYYYYYYYYYYYYYYYYYYYYBase64==
contexts:
name: devops-deploy@local
context:
user: devops-deploy
cluster: devops-deploy@local
namespace: sample-namespace
current-context: devops-deploy@local

linzea

jacklin 谢谢你, 我试试
按照这个做法是不是我所有的服务都需要去创建一份这个rbac 权限呢

jacklin

linzea 不需要

doudecheng

折腾了一下午终于是搞好了。一开始遇到这个错误the export parameter, deprecated since v1.14, is no longer supported ,按照官方文档解决了。后面又遇到 file name too long 这个错误，把kubeconfigContent 改为 kubeconfigFile 解决了。最后流水线Jenkinsfile是这样的，供大家参考

doudecheng

pipeline {

agent {

node {

  label 'maven'

}

}

stages {

stage('拉取代码') {

  agent none

  steps {

    container('maven') {

      git(url: '地址写自己的', credentialsId: 'gitlab-repository-credentials', branch: 'master', changelog: true, poll: false)

      sh 'ls -al'

    }

  }

}

stage('部署') {

  parallel {

    stage('部署') {

      agent none

      steps {

        container('maven') {

          withCredentials([kubeconfigFile(credentialsId : 'kubeconfig-credentials' ,variable : 'KUBECONFIG' ,)]) {

            sh '''mkdir \~/.kube

echo “$KUBECONFIG_CONTENT” > ~/.kube/config

envsubst < dev/pbi-portal/deploy.yml | kubectl apply -f -'''

}

environment {

KUBECONFIG_CREDENTIAL_ID = 'kubeconfig-credentials'

REGISTRY = '写自己项目的仓库地址'

DOCKERHUB_NAMESPACE = 'jtcphjglxm'

APP_NAME = 'pdm'

CODE_BRANCH = 'master'

}

parameters {

string(name: 'TAG_NAME', defaultValue: '', description: '')

}

rufei

johnniang 这种确实可以的 666

rufei

johnniang 这种确实可以的 666

19940727

Rick 如果使用图形界面默认就是kubeconfigContent ，手动编辑jenkinsfile 改成 kubeconfigFile 图形界面就会有BUG，会闪退流水线编辑的页面

chilianyi

19940727 的确有这个问题，已经记录 issue：kubesphere/ks-devops#996

« 上一页