基於 Docker 構建企業 Jenkins CI平臺
阿新 • • 發佈:2021-08-28
1、CI/CD概述
持續整合(Continuous Integration,CI):程式碼合併、構建、部署、測試都在一起,不斷地執行這個過程,並對結果反饋。 持續部署(Continuous Deployment,CD):部署到測試環境、預生產環境、生產環境。 持續交付(Continuous Delivery,CD):將最終產品釋出到生產環境,給使用者使用。2、CI工作流程設計
3、環境部署
環境規劃
| IP | 主機名 | 服務 |
| 10.3.104.52 | docker01 | docker,JDK,Maven,Jenkins |
| 10.3.104.56 | docker02 | Gitlab,docker,docker-compose,Harbor |
3.1 部署Gitlab服務
[root@docker02 ~]# mkdir -p /data/gitlab [root@docker02 ~]# cd /data/gitlab [root@docker02 ~]# docker run -d \ --name gitlab \ -p 8443:443 \ -p 9999:80 \ -p 9998:22 \ -v $PWD/config:/etc/gitlab \ -v $PWD/logs:/var/log/gitlab \ -v $PWD/data:/var/opt/gitlab \ -v /etc/localtime:/etc/localtime \--restart=always \ wuxinchun/gitlab-ce-zh:latest
3.2 Gitlab地址訪問:http://IP:9999
初次會先設定管理員密碼 ,然後登陸,預設管理員使用者名稱root,密碼就是剛設定的
2)先將自己倉庫專案程式碼拉下來,因為沒有內容,所以提示是空的
[root@docker02 data]# yum -y install git [root@docker02 data]# git clone http://10.3.104.56:9999/root/java-demo.gitCloning into 'java-demo'... Username for 'http://10.3.104.56:9999': root Password for 'http://[email protected]:9999': warning: You appear to have cloned an empty repository. [root@docker02 data]# cd java-demo
3)進入到java-demo目錄,將程式碼拷貝到當前目錄,提交到自己的gitlab倉庫裡邊
將tomcat-java-demo-master.zip上傳並解壓到/data/java-demo目錄
[root@docker02 java-demo]# ll total 24 drwxr-x--- 2 root root 34 Aug 5 2019 db -rw-r----- 1 root root 148 Aug 5 2019 Dockerfile -rw-r----- 1 root root 11357 Aug 5 2019 LICENSE -rw-r----- 1 root root 1930 Aug 5 2019 pom.xml -rw-r----- 1 root root 270 Aug 5 2019 README.md drwxr-x--- 3 root root 18 Aug 5 2019 src
4)先提交到暫存區
[root@docker02 java-demo]# git add . [root@docker02 java-demo]# git commit -m 'wxc' *** Please tell me who you are. Run git config --global user.email "[email protected]" git config --global user.name "Your Name" to set your account's default identity. Omit --global to set the identity only in this repository. fatal: unable to auto-detect email address (got 'root@docker02.(none)')
解決方案:(設定下使用者名稱和email再次提交即可) [root@docker02 java-demo]# git config --global user.name "wuxinchun" [root@docker02 java-demo]# git config --global user.email "[email protected]" [root@docker02 java-demo]# git commit -m 'wxc'
5)提交到遠端倉庫master分支
[root@docker02 java-demo]# git push origin master Username for 'http://10.3.104.56:9999': root Password for 'http://[email protected]:9999': \Counting objects: 179, done. Delta compression using up to 4 threads. Compressing objects: 100% (166/166), done. Writing objects: 100% (179/179), 1.12 MiB | 0 bytes/s, done. Total 179 (delta 4), reused 0 (delta 0) remote: Resolving deltas: 100% (4/4), done. To http://10.3.104.56:9999/root/java-demo.git * [new branch] master -> master
6)Gitlab測試上傳成功
1)安裝docker-compose
Harbor 在部署和使用時需要藉助 Docker 的單機編排工具 Docker compose
將docker-compose-Linux-x86_64上傳至/usr/bin [root@docker01 ~]# mv docker-compose-Linux-x86_64 docker-compose [root@docker01 ~]# chmod +x docker-compose
2)離線部署Http Harbor
[root@docker01 ~]# tar -zxvf harbor-offline-installer-v2.0.0.tgz
[root@docker01 ~]# cd harbor
[root@docker01 harbor]# cp harbor.yml.tmpl harbor.yml
[root@docker01 harbor]#vi harbor.yml
#本地IP或域名均可(如果為域名請在hosts檔案加解析)
hostname: reg.wuxc.com
# 本次為Http部署,故先註釋https相關配置
# https related config
# https:
# https port for harbor, default is 443
# port: 443
# The path of cert and key files for nginx
#Harbor初始密碼
harbor_admin_password: Harbor12345
[root@docker01 harbor]# ./prepare
[root@docker01 harbor]# ./install.sh
[root@docker01 harbor]# docker-compose ps
Name Command State Ports
---------------------------------------------------------------------------------------------
harbor-core /harbor/entrypoint.sh Up (healthy)
harbor-db /docker-entrypoint.sh Up (healthy) 5432/tcp
harbor-jobservice /harbor/entrypoint.sh Up (healthy)
harbor-log /bin/sh -c /usr/local/bin/ ... Up (healthy) 127.0.0.1:1514->10514/tcp
harbor-portal nginx -g daemon off; Up (healthy) 8080/tcp
nginx nginx -g daemon off; Up (healthy) 0.0.0.0:80->8080/tcp
redis redis-server /etc/redis.conf Up (healthy) 6379/tcp
registry /home/harbor/entrypoint.sh Up (healthy) 5000/tcp
registryctl /home/harbor/start.sh Up (healthy)
注:上述所有容器均為Up(healthy)代表harbor服務啟動成功
3)配置http映象倉庫可信任
1.新增可信任(如果沒有daemon.json請新建一個)
[root@docker01 ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"],
"insecure-registries":["reg.wuxc.com"] //因為是http部署需要將倉庫地址新增可信任
}
2.重啟docker服務使其生效
[root@docker01 ~]# systemctl restart docker
1) 準備JDK和Maven環境
[root@docker01 ~]# tar zxvf jdk-8u45-linux-x64.tar.gz [root@docker01 ~]# mv jdk1.8.0_45 /usr/local/jdk [root@docker01 ~]# tar zxf apache-maven-3.5.0-bin.tar.gz [root@docker01 ~]# mv apache-maven-3.5.0 /usr/local/maven
2)修改Maven源
[root@docker01 ~]# vim /usr/local/maven/conf/settings.xml<mirrors> <mirror> <id>central</id> <mirrorOf>central</mirrorOf> <name>aliyun maven</name> <url>https://maven.aliyun.com/repository/public</url> </mirror> </mirrors>
3)建立jenkins容器
[root@docker01 ~]# docker run -d --name jenkins -p 81:8080 -p 50000:50000 -u root \
-v /data/jenkins_home:/var/jenkins_home \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/bin/docker:/usr/bin/docker \
-v /usr/local/maven:/usr/local/maven \
-v /usr/local/jdk:/usr/local/jdk \
-v /etc/localtime:/etc/localtime \
--restart=always \
--name jenkins jenkins/jenkins
5) 選擇外掛來安裝
6)選擇“無”,後續根據實際情況選擇安裝
7)設定賬號密碼
【管理Jenkins->系統配置-->管理外掛-->搜尋Localization: Chinese (Simplified),git/pipeline】選中點選安裝
[root@docker01 ~]# cd /data/jenkins_home/updates [root@docker01 updates]# sed -i 's/http:\/\/updates.jenkins-ci.org\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json [root@docker01 updates]# sed -i 's/http:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json [root@docker01 updates]# docker restart jenkins
4.1 建立流水線專案並配置
1)建立流水線任務
2)This project is parameterized -> String Parameter
Name:Branch # 變數名,下面指令碼中呼叫
Default Value:master # 預設分支
Description:釋出的程式碼分支 # 描述
${BUILD_NUMBER} 這個變數是Jenkins自身記錄的版本號,作為映象的tag,保證其唯一性
3)【系統管理-憑據-系統-全域性憑證】建立haobor和gitlab憑證
注:上述倆憑證ID用於Pipeline指令碼中,docker_registry_auth 和git_auth變數的值
#!/usr/bin/env groovy def registry = "10.3.104.56" def project = "dev" def app_name = "java-demo" def image_name = "${registry}/${project}/${app_name}:${Branch}-${BUILD_NUMBER}" def git_address = "http://10.3.104.56:9999/root/java-demo.git" def docker_registry_auth = "7cfb0855-fa74-4dfe-881f-fa1843d9e55b" def git_auth = "55a1e164-037e-4605-8b24-ce7aa1664f15" pipeline { agent any stages { stage('拉取程式碼'){ steps { checkout([$class: 'GitSCM', branches: [[name: '${Branch}']], userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]]]) } } stage('程式碼編譯'){ steps { sh """ pwd ls JAVA_HOME=/usr/local/jdk PATH=$JAVA_HOME/bin:/usr/local/maven/bin:$PATH mvn clean package -Dmaven.test.skip=true """ } } stage('構建映象'){ steps { withCredentials([usernamePassword(credentialsId: "${docker_registry_auth}", passwordVariable: 'password', usernameVariable: 'username')]) { sh """ echo ' FROM ${registry}/library/tomcat:v1 LABEL maitainer wuxinchun RUN rm -rf /usr/local/tomcat/webapps/* ADD target/*.war /usr/local/tomcat/webapps/ROOT.war ' > Dockerfile docker build -t ${image_name} . docker login -u ${username} -p '${password}' ${registry} docker push ${image_name} """ } } } stage('部署到Docker'){ steps { sh """ REPOSITORY=${image_name} docker rm -f tomcat-java-demo |true docker container run -d --name tomcat-java-demo -p 88:8080 ${image_name} """ } } } }
2)任務構建測試
報錯一:因為dockerfile寫的是從harbor中拉取tomcat:v1映象失敗
解決方法:
1)可以上傳tomcat:v1映象到harbor指定專案下
2)修改dockerfile為:From tomcat:latest(預設從本地獲取)
報錯:二:推送映象失敗,是因為Harbor上沒有這個名為(dev)專案,
解決方法:
在Harbor上新建一個命名為dev,屬性為public即可
3) 再次構建
4)檢查本地映象和容器
[root@docker01 conf]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE 10.3.104.56/dev/java-demo master-4 cc901da59e29 2 minutes ago 686MB [root@docker01 conf]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 74b38842d5a7 10.3.104.56/dev/java-demo:master-4 "catalina.sh run" About a minute ago Up About a minute 0.0.0.0:88->8080/tcp tomcat-java-demo
5)專案地址訪問IP:88
注:至此基於jenkins自動化構建完成
作者:傑巨集唯一 出處:http://www.cnblogs.com/wuxinchun/ 本文版權歸作者和部落格園共有,歡迎轉載,但未經作者同意必須保留此段宣告,且在文章頁面明顯位置給出原文連線,否則保留追究法律責任的權利.