# é¢„ç”Ÿäº§åˆ†æ”?â†?Harbor â†?ACK ç”Ÿäº§ K8S æµæ°´çº?

Harbor å®¿ä¸»æœºï¼š**39.106.135.88**ï¼ˆä¸Ž Jenkins åŒæœºæˆ–åŒ VPCï¼‰ã€‚ACK é›†ç¾¤ï¼?*alien-ack-cluster**ï¼ˆåŽåŒ? åŒ—äº¬ï¼‰ã€?

æœ¬ç›®å½•æ”¯æŒ?**å•æœåŠ¡å‘ç‰?* ä¸?**æ•´ä½“/å¤šé€‰å‘ç‰?*ï¼ˆHarbor + ACKï¼‰ï¼›ä¸Žå®¿ä¸»æœº `docker compose` æ™‹å‡æµæ°´çº¿ï¼ˆ`Jenkinsfile-prod-promote-from-uat.groovy`ï¼‰å¹¶è¡Œå­˜åœ¨ï¼Œäº’ä¸æ›¿ä»£ï¼Œç›´åˆ?ACK å…¨é‡åˆ‡æµã€?

---

## å¸¸è§é—®é¢˜ï¼ˆHarbor / ç›®å½•ç»“æž„ / å‘ç‰ˆç²’åº¦ï¼?

### Harbor è¦ä¸è¦åœ¨ Web ç•Œé¢æ‰‹å·¥æ“ä½œï¼?

**æ—¥å¸¸å‘ç‰ˆä¸éœ€è¦ã€?* æµæ°´çº¿åœ¨ `k8s-produ-lib.groovy` é‡Œè‡ªåŠ¨å®Œæˆï¼š

1. `docker login 39.106.135.88`ï¼ˆå‡­æ?`harbor-robot-alien`ï¼?
2. `docker build` â†?æ‰?tag `39.106.135.88/alien_cloud/<æœåŠ¡å?:<tag>`
3. `docker push` åˆ?Harbor
4. `kubectl set image` è®?ACK æ‹‰åŒä¸€ tag

è¿ç»´**ä»…éœ€ä¸€æ¬¡æ€?*åœ?Harbor Webï¼ˆæˆ– APIï¼‰å®Œæˆï¼š`alien` é¡¹ç›®ã€æœºå™¨äººè´¦å·ã€ï¼ˆå¯é€‰ï¼‰é•œåƒä¿ç•™ç­–ç•¥ã€‚ä¹‹åŽæŸ¥é•œåƒ/åˆ æ—§ tag/æŽ’éšœæ—¶ä»å¯æ‰“å¼€ Harbor UIï¼?*ä¸æ˜¯å‘ç‰ˆå¿…ç»æ­¥éª¤**ã€?

### `_shared/k8s-produ-lib.groovy` æ˜¯ä»€ä¹ˆï¼Ÿèƒ½å•ç‹¬éƒ¨ç½²å—ï¼?

| æ–‡ä»¶ | è§’è‰² | Jenkins Script Path æ˜¯å¦æŒ‡å‘å®?|
|------|------|-------------------------------|
| `produ/<æœåŠ¡>/Jenkinsfile` | **å…¥å£**ï¼ˆJenkins åªè®¤è¿™ä¸ªåå­—ï¼?| **æ˜?*ï¼Œæ¯ä¸?Job æŒ‡å‘å„è‡ªè·¯å¾„ |
| `_shared/k8s-produ-lib.groovy` | **å…±äº«å‡½æ•°åº?*ï¼ˆcheckoutã€mvnã€Harborã€kubectlï¼?| **å?*ï¼Œç”±å…¥å£ `load '.../k8s-produ-lib.groovy'` å¼•ç”¨ |
| `_shared/service-registry.groovy` | ä¸ƒä¸ªæœåŠ¡åˆ—è¡¨ + whole/multi ç­›é€?| å¦ï¼Œä¾?`whole/Jenkinsfile` ä½¿ç”¨ |

æ¯ä¸ªå¾®æœåŠ?Job ä»æ˜¯ **å•ç‹¬ä¸€æ¡æµæ°´çº¿**ï¼ˆä¾‹å¦‚åªæž„å»º gatewayï¼‰ï¼›å…±äº«åº“æ˜¯ä¸ºé¿å…?7 ä»½é‡å¤è„šæœ¬ï¼Œ**ä¸ä»£æ›?* `Jenkinsfile`ã€?

### æ—¢è¦å•ç‹¬å‘å¸ƒï¼Œåˆè¦æ•´ä½“å‘å¸ƒï¼Ÿ

| Jenkins Jobï¼ˆå»ºè®®åï¼?| Script Path | ç²’åº¦ |
|----------------------|-------------|------|
| `gateway-k8s` â€?`dining-k8s` | `docs/jenkins/produ/<prodDir>/Jenkinsfile` | **ä»…è¯¥æœåŠ¡**ï¼ˆMaven `-pl alien-xxx`ï¼?|
| `alien-cloud-k8s-whole` | `docs/jenkins/produ/whole/Jenkinsfile` | **whole / single / multi**ï¼ˆå‚æ•?`DEPLOY_MODE`ï¼Œè¯­ä¹‰åŒ prod-promoteï¼?|

æ•´ä½“ Job ä¸€æ¬?`mvn package` æ‰“å…¨ä»“åº“ï¼Œå†æŒ‰é€‰ä¸­æœåŠ¡ä¾æ¬¡ build/push/deployï¼›å•æœåŠ¡ Job åªæ‰“å¯¹åº”æ¨¡å—ï¼Œé€‚åˆçƒ­ä¿®å¤å•ä¸ªæœåŠ¡ã€?

---

## ä¸€ã€Jenkins ä»»åŠ¡å¦‚ä½•ç»„ç»‡ï¼ˆå¯¹åº”ä½ æˆªå›¾ä¸­çš„ã€Œæ–°å»ºä»»åŠ¡ã€ï¼‰

### 1. æ˜¯å¦é€‰ã€Œæ–‡ä»¶å¤¹ã€ï¼Ÿ

**æ˜¯ï¼ŒæŽ¨èé€‰ã€Œæ–‡ä»¶å¤¹ã€ã€?*

| ç±»åž‹ | ç”¨é€?|
|------|------|
| **æ–‡ä»¶å¤?* | ç‹¬ç«‹å‘½åç©ºé—´ï¼Œå…¶ä¸‹å¯å»ºå¤šä¸?**æµæ°´çº?* ä»»åŠ¡ï¼Œä¾‹å¦?`gateway-k8s`ã€`store-k8s`ï¼Œåç§°å¯ä¸Žå…¶ä»–è§†å›¾é‡å¤?|
| **æµæ°´çº?* | çœŸæ­£æ‰§è¡Œæž„å»ºçš?Jobï¼Œæ¯ä¸ªå¾®æœåŠ¡ä¸€æ?|
| **å¤šåˆ†æ”¯æµæ°´çº¿** | æŒ?Git åˆ†æ”¯è‡ªåŠ¨å»ºå­ Jobï¼›è‹¥é¢„ç”Ÿäº§å›ºå®šä¸€æ¡åˆ†æ”¯ï¼ˆå¦?`uat-20260202`ï¼‰ï¼Œç”¨æ™®é€šæµæ°´çº¿ + å‚æ•° `GIT_BRANCH` æ›´ç®€å?|

å»ºè®®ç»“æž„ï¼?

```text
alien-cloud-produ-K8S-from-uat/     â†?æ–‡ä»¶å¤¹ï¼ˆä½ æˆªå›¾ä¸­çš„åç§°ï¼‰
â”œâ”€â”€ alien-cloud-k8s-whole/          â†?æµæ°´çº¿ï¼ŒScript Path: docs/jenkins/produ/whole/Jenkinsfileï¼ˆæ•´ä½?å¤šé€‰ï¼‰
â”œâ”€â”€ gateway-k8s/                    â†?æµæ°´çº¿ï¼ŒScript Path: docs/jenkins/produ/gateway/Jenkinsfile
â”œâ”€â”€ store-k8s/
â”œâ”€â”€ second-k8s/
â”œâ”€â”€ store-platform-k8s/
â”œâ”€â”€ lawyer-k8s/
â”œâ”€â”€ job-k8s/
â””â”€â”€ dining-k8s/
```

**ä¸è¦**åœ¨æ–‡ä»¶å¤¹é‡Œå†é€‰ã€Œæ–‡ä»¶å¤¹ã€ç±»åž‹åŽ»å¥—å¾®æœåŠ¡â€”â€”å¾®æœåŠ¡ä¸€çº§ç”¨ **æµæ°´çº?* å³å¯ã€?

### 2. æ˜¯å¦ç”?Pipeline script from SCMï¼?

**å¯ä»¥ï¼Œä¸”æŽ¨èã€?*

æ¯ä¸ª `*-k8s` æµæ°´çº?Job é…ç½®ï¼?

1. **æµæ°´çº?* â†?**å®šä¹‰**ï¼šPipeline script from SCM  
2. **SCM**ï¼šGitï¼Œä»“åº?`http://8.152.195.41:3000/alien/alien_cloud`ï¼ˆä¸ŽçŽ°ç½‘ä¸€è‡´ï¼‰  
3. **åˆ†æ”¯**ï¼š`*/uat-20260202` æˆ?`*/ä½ çš„é¢„ç”Ÿäº§åˆ†æ”¯`  
4. **Script Path**ï¼ˆæŒ‰æœåŠ¡ä¸åŒï¼‰ï¼š
   - gatewayï¼š`docs/jenkins/produ/gateway/Jenkinsfile`
   - storeï¼š`docs/jenkins/produ/store/Jenkinsfile`
   - â€?è§ä¸‹è¡? 

5. **å‡­æ®**ï¼š`zhanghaomimapingzheng`ï¼ˆä¸Ž UAT æµæ°´çº¿ä¸€è‡´ï¼‰  
6. **æž„å»ºè§¦å‘**ï¼šå¯é€‰æ‰‹åŠ¨ï¼›ç¨³å®šåŽåŠ ã€Œä¸Šæ¸?UAT æž„å»ºæˆåŠŸã€è§¦å? 

ä¸?`Jenkinsfile-prod-promote-from-uat.groovy` çš„å…³ç³»ï¼š

| ç»´åº¦ | prod-promote-from-uat | produ K8S æµæ°´çº?|
|------|----------------------|------------------|
| åˆ¶å“ | UAT ç›®å½• jar â†?ç”Ÿäº§æœ?compose | Maven jar â†?é•œåƒ â†?Harbor â†?ACK |
| å‘ç‰ˆç²’åº¦ | å?Job å†?whole/single/multi | **whole Job** + **æ¯æœåŠ¡ä¸€ä¸?Job** |
| ç°åº¦ | æ—?| æ”¯æŒ Ingress æƒé‡ç°åº¦ï¼ˆè§ README-ACK-GRAY-RELEASE.mdï¼?|

---

## äºŒã€å¾®æœåŠ¡ä¸?Script Path å¯¹ç…§

| prodDir | æ¨¡å— | Jenkins Script Path | ACK Deploymentï¼ˆé»˜è®¤ï¼‰ |
|---------|------|---------------------|-------------------------|
| gateway | alien-gateway | `docs/jenkins/produ/gateway/Jenkinsfile` | `gateway` |
| store | alien-store | `docs/jenkins/produ/store/Jenkinsfile` | `store` |
| second | alien-second | `docs/jenkins/produ/second/Jenkinsfile` | `second` |
| store-platform | alien-store-platform | `docs/jenkins/produ/store-platform/Jenkinsfile` | `store-platform` |
| lawyer | alien-lawyer | `docs/jenkins/produ/lawyer/Jenkinsfile` | `lawyer` |
| job | alien-job | `docs/jenkins/produ/job/Jenkinsfile` | `job` |
| dining | alien-dining | `docs/jenkins/produ/dining/Jenkinsfile` | `dining` |
| **ï¼ˆæ•´ä½“ï¼‰** | å…¨éƒ¨ä¸ƒä¸ª | `docs/jenkins/produ/whole/Jenkinsfile` | æŒ?`DEPLOY_MODE` |

**æœªçº³å…¥æœ¬ç›®å½•**ï¼ˆå±žå…¶ä»–ä»“åº“æˆ–é•œåƒåä¸åŒï¼Œéœ€å¦å»º Jobï¼‰ï¼š

- Pythonï¼š`py_gateway_produ`ã€`py_contract_produ`ã€`py_esign_produ`ï¼ˆé•œåƒ?`alien_gateway:local` ç­‰ï¼‰  
- `xxl-job-admin-produ`ã€Harbor è‡ªèº«ç»„ä»¶  

---

## ä¸‰ã€Jenkins ä¾§å¿…é…é¡¹ï¼ˆé¦–æ¬¡ï¼‰

åœ?Jenkins **å…¨å±€**æˆ–æ–‡ä»¶å¤¹ **å‡­æ®** ä¸­å‡†å¤‡ï¼š

| å‡­æ® IDï¼ˆç¤ºä¾‹ï¼ŒæŒ‰å®žé™…æ”¹ Jenkinsfile å†…å¸¸é‡ï¼‰ | ç±»åž‹ | ç”¨é€?|
|---------------------------------------------|------|------|
| `zhanghaomimapingzheng` | Username/password | Git æ‹‰å– |
| `harbor-robot-alien` | Username/password | `docker login 39.106.135.88` |
| `ack-kubeconfig-alien` | Secret file | `KUBECONFIG`ï¼Œå†…å®¹æ¥è‡?ACKã€Œè¿žæŽ¥ä¿¡æ¯ã€ä¸‹è½?|

Jenkins èŠ‚ç‚¹éœ€å…·å¤‡ï¼?

- `mvn`ã€`docker`ï¼ˆèƒ½è®¿é—® Harbor 443/80ï¼‰ã€`kubectl`  
- è‹?Jenkins åœ¨å®¹å™¨å†…ï¼šæŒ‚è½?`docker.sock`ï¼Œå¹¶å°?`kubectl` ä¸?kubeconfig æŒ‚å…¥æˆ–è£…åœ¨é•œåƒå†…  

Harbor ä¸Šå»ºè®®å»ºé¡¹ç›® **`alien_cloud`**ï¼Œé•œåƒåï¼š`39.106.135.88/alien_cloud/<prodDir>:<tag>`ã€? 
**æ–°å»ºé¡¹ç›®ä¸Žæœºå™¨äººè´¦å·æ­¥éª¤**è§?**[README-HARBOR-SETUP.md](./README-HARBOR-SETUP.md)**ã€?

åŸºç¡€é•œåƒ `my-openjdk8-ffmpeg:v1` éœ€ **å…?push åˆ?Harbor**ï¼ˆå¦‚ `39.106.135.88/alien_cloud/base/openjdk8-ffmpeg:v1`ï¼‰ï¼Œå¹¶åœ¨ Job å‚æ•° `BASE_IMAGE` ä¸­å¡«å†™ï¼Œå¦åˆ™ ACK èŠ‚ç‚¹æ‹‰ä¸åˆ°ã€?

---

## å››ã€ACK ä¸Žç°åº?

è¯¦è¿°è§åŒç›®å½• **[README-ACK-GRAY-RELEASE.md](./README-ACK-GRAY-RELEASE.md)**ï¼ˆé›†ç¾¤æŽ¥å…¥ã€å‘½åç©ºé—´ã€Ingress ç°åº¦ã€èŠ‚ç‚?Unknown æŽ’æŸ¥ï¼‰ã€?

K8S æ¸…å•ç¤ºä¾‹ï¼š`k8s/examples/`ã€?

---

## äº”ã€æµæ°´çº¿å‚æ•°é€Ÿè§ˆ

å„æœåŠ?Jenkinsfile å…±ç”¨åº?`docs/jenkins/produ/_shared/k8s-produ-lib.groovy`ï¼Œä¸»è¦å‚æ•°ï¼š

- `GIT_BRANCH`ï¼šé¢„ç”Ÿäº§åˆ†æ”¯  
- `IMAGE_TAG`ï¼šé»˜è®?`build-${BUILD_NUMBER}`ï¼Œå¯å¡?`uat-20260202-123`  
- `DEPLOY_STRATEGY`ï¼š`rolling`ï¼ˆç›´æŽ¥æ›¿æ¢ï¼‰æˆ?`canary`ï¼ˆIngress æƒé‡ï¼? 
- `CANARY_WEIGHT`ï¼šç°åº¦æµé‡ç™¾åˆ†æ¯”ï¼ˆä»… canaryï¼? 
- `K8S_NAMESPACE`ï¼šé»˜è®?`alien-produ`  

é¦–æ¬¡éƒ¨ç½²å‰åœ¨ ACK åº”ç”¨ `k8s/examples/namespace.yaml` ä¸Žå„æœåŠ¡ `deployment-*.yaml`ï¼ˆæˆ–è®©æµæ°´çº¿ `kubectl apply` é¦–æ¬¡å…¨é‡ applyï¼‰ã€?