在如今的互聯網時代,隨著軟體開發複雜度的不斷提高,軟體開發和發佈管理也越來越重要。目前已經形成一套標準的流程,最重要的組成部分就是持續集成(Continuous Integration,CI)及持續部署、交付(CD)。在此,我們來以一個案例初步瞭解 CI 流程。那麼什麼是 CI 呢?簡單來講,CI ...
在如今的互聯網時代,隨著軟體開發複雜度的不斷提高,軟體開發和發佈管理也越來越重要。目前已經形成一套標準的流程,最重要的組成部分就是持續集成(Continuous Integration,CI)及持續部署、交付(CD)。在此,我們來以一個案例初步瞭解 CI 流程。那麼什麼是 CI 呢?簡單來講,CI 就是將傳統的代碼合併、構建、部署、測試都集成在一起,不斷地執行這個過程,並對結果進行反饋。
CI 流程設計圖:
工作流程:
1. 開發人員提交代碼到Git版本倉庫;
2. Jenkins人工/定時觸發項目構建;
3. Jenkins拉取代碼、代碼編碼、打包鏡像、推送到鏡像倉庫;
4. Jenkins在Docker主機創建容器併發布
主機環境規劃:
docker-jenkins: 10.0.0.98
docker-git-harbor:10.0.0.99
1. 部署Git代碼版本倉庫
安裝:
[root@docker-git-harbor ~]# yum install git -y
配置git用戶:
[root@docker-git-harbor ~]# useradd git [root@docker-git-harbor ~]# passwd git
創建庫:
[git@docker-git-harbor ~]$ mkdir tomcat-java-demo.git [git@docker-git-harbor ~]$ cd tomcat-java-demo.git/ [git@docker-git-harbor tomcat-java-demo.git]$ git --bare init Initialized empty Git repository in /home/git/tomcat-java-demo.git/ [git@docker-git-harbor tomcat-java-demo.git]$ ls branches config description HEAD hooks info objects refs [git@docker-git-harbor tomcat-java-demo.git]$
另一臺docker-jenkins訪問該倉庫:
[root@docker-jenkins ~]# git clone [email protected]:/home/git/tomcat-java-demo.git Cloning into 'solo'... The authenticity of host '10.0.0.99 (10.0.0.99)' can't be established. ECDSA key fingerprint is SHA256:XNWQhGsAsqd84k/6OYV3xl1+mPGjtASsxeV1YVLZVas. ECDSA key fingerprint is MD5:b4:bd:16:2b:de:e7:7c:fd:c5:dd:91:75:20:ff:3e:0a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.0.0.99' (ECDSA) to the list of known hosts. [email protected]'s password: warning: You appear to have cloned an empty repository. [root@docker-jenkins ~]# ls anaconda-ks.cfg tomcat-java-demo.git [root@docker-jenkins ~]# ls tomcat-java-demo.git [root@docker-jenkins ~]#
模擬生產項目,拉取github上的一個demo,並上傳至本地git庫
[root@docker-jenkins ~]# mv tomcat-java-demo tomcat-java-demo.bak [root@docker-jenkins ~]# git clone https://github.com/dingkai163/tomcat-java-demo.git [root@docker-jenkins tomcat-java-demo]# cat .git/config [core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = [email protected]:/home/git/tomcat-java-demo.git # 修改為本地的git庫地址 fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master [root@docker-jenkins tomcat-java-demo]# git add . [root@docker-jenkins tomcat-java-demo]# git status # On branch master nothing to commit, working directory clean [root@docker-jenkins tomcat-java-demo]# git commit -m "all" # On branch master nothing to commit, working directory clean [root@docker-jenkins tomcat-java-demo]# git push origin master [email protected]'s password: Counting objects: 229, done. Compressing objects: 100% (185/185), done. Writing objects: 100% (229/229), 4.52 MiB | 0 bytes/s, done. Total 229 (delta 25), reused 229 (delta 25) To [email protected]:/home/git/tomcat-java-demo.git * [new branch] master -> master [root@docker-jenkins tomcat-java-demo]#
2. jenkins環境部署
部署jdk環境及maven
[root@docker-jenkins ~]# mkdir tools [root@docker-jenkins ~]# cd tools [root@docker-jenkins tools]# rz -y [root@docker-jenkins tools]# tar zxvf jdk-8u45-linux-x64.tar.gz [root@docker-jenkins tools]# mv jdk1.8.0_45 /usr/local/jdk [root@docker-jenkins tools]# vim /etc/profile JAVA_HOME=/usr/local/jdk PATH=$PATH:$JAVA_HOME/bin CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar export JAVA_HOME PATH CLASSPATH [root@docker-jenkins tools]# source /etc/profile [root@docker-jenkins tools]# java -version java version "1.8.0_45" Java(TM) SE Runtime Environment (build 1.8.0_45-b14) Java HotSpot(TM) 64-Bit Server VM (build 25.45-b02, mixed mode) [root@docker-jenkins tools]# tar zxf apache-maven-3.5.0-bin.tar.gz [root@docker-jenkins tools]# mv apache-maven-3.5.0 /usr/local/maven
在10.0.0.98主機安裝Jenkins,下載Tomcat二進位包將war包到webapps下即可:
[root@docker-jenkins tools]# wget http://mirrors.jenkins.io/war-stable/latest/jenkins.war [root@docker-jenkins tools]# wget http://mirrors.shu.edu.cn/apache/tomcat/tomcat-8/v8.5.38/bin/apache-tomcat-8.5.38.tar.gz [root@docker-jenkins tools]# tar zxf apache-tomcat-8.5.38.tar.gz [root@docker-jenkins tools]# ls apache-tomcat-8.5.38 apache-tomcat-8.5.38.tar.gz jdk-8u45-linux-x64.tar.gz jenkins.war [root@docker-jenkins tools]# mv apache-tomcat-8.5.38 /usr/local/tomcat-jenkins [root@docker-jenkins tools]# ls /usr/local/tomcat-jenkins/webapps/ docs examples host-manager manager ROOT [root@docker-jenkins tools]# rm -rf /usr/local/tomcat-jenkins/webapps/* [root@docker-jenkins tools]# mv jenkins.war /usr/local/tomcat-jenkins/webapps/ROOT.war [root@docker-jenkins tools]# ll /usr/local/tomcat-jenkins/webapps/ total 75520 -rw-r--r--. 1 root root 77330344 Mar 15 00:55 ROOT.war [root@docker-jenkins tools]# cd /usr/local/tomcat-jenkins/bin/ [root@docker-jenkins bin]# ./startup.sh Using CATALINA_BASE: /usr/local/tomcat-jenkins Using CATALINA_HOME: /usr/local/tomcat-jenkins Using CATALINA_TMPDIR: /usr/local/tomcat-jenkins/temp Using JRE_HOME: /usr/local/jdk1.8 Using CLASSPATH: /usr/local/tomcat-jenkins/bin/bootstrap.jar:/usr/local/tomcat-jenkins/bin/tomcat-juli.jar Tomcat started. [root@docker-jenkins bin]#
啟動後,瀏覽器訪問http://10.0.0.98:8080/,按提示輸入密碼,登錄即可。
3. 部署私有鏡像倉庫
企業級harbor鏡像倉庫部署:
https://www.cnblogs.com/kaye/p/10524391.html
構建Tomcat基礎鏡像,並推送到harbor鏡像庫:
[root@docker-git-harbor ~]# cd tomcat
[root@docker-git-harbor tomcat]# cat Dockerfile-tomcat
FROM centos:7
MAINTAINER www.cnblogs.com/kaye/
ENV VERSION=8.5.38
RUN yum install java-1.8.0-openjdk wget curl unzip iproute net-tools -y && \
yum clean all && \
rm -rf /var/cache/yum/*
RUN wget http://mirrors.shu.edu.cn/apache/tomcat/tomcat-8/v${VERSION}/bin/apachetomcat-${VERSION}.tar.gz && \
tar zxf apache-tomcat-${VERSION}.tar.gz && \
mv apache-tomcat-${VERSION} /usr/local/tomcat && \
rm -rf apache-tomcat-${VERSION}.tar.gz /usr/local/tomcat/webapps/* && \
mkdir /usr/local/tomcat/webapps/test && \
echo "ok" > /usr/local/tomcat/webapps/test/status.html && \
sed -i '1a JAVA_OPTS="-Djava.security.egd=file:/dev/./urandom"' /usr/local/tomcat/bin/catalina.sh && \
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ENV PATH $PATH:/usr/local/tomcat/bin
EXPOSE 8080
CMD ["catalina.sh", "run"]
[root@docker-git-harbor tomcat]# docker build -t tomcat:v1 -f Dockerfile-tomcat .
[root@docker-git-harbor tomcat]# docker tag tomcat:v1 reg.dingkai.com/library/tomcat:v1
[root@docker-git-harbor tomcat]# docker login reg.dingkai.com
[root@docker-git-harbor tomcat]# docker push reg.dingkai.com/library/tomcat:v1
4. Jenkins安裝必要插件
由於jenkins是離線安裝,所有在此需要配置一下插件下載地址:系統管理-->插件管理-->Advanced
修改下方地址,將https修改為http 再點Submit
Submit後點擊Available,Check now此時我們可以看到很多可獲得插件
首先搜索並安裝Pipeline插件
pipeline 是一套運行於jenkins上的工作流框架,將原本獨立運行於單個或者多個節點的任務連接起來,實現單個任務難以完成的複雜流程編排與
可視化。
再安裝SCM to job 插件,同上步驟(搜索,安裝)。
5. 項目創建
創建jobs
選擇流水線類型
到這裡我們就開始配置Pipeline script,點擊Pipeline語法,來自動生成我們需要的配置。
如下圖,我們Git方式,配置Git倉庫地址,再添加認證相關。
這裡我們使用的是秘鑰認證方式,需要將jenkins上生成的公鑰發送到git伺服器上,然後將jenkins上的生成的私鑰內容粘貼到下圖Key中,這樣jenkins就可以免交互的拉取git倉庫中的代碼了。
[root@docker-jenkins bin]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:1vD8XM3lDYFmrxgAbwPTLwb0fl+oEx8cFgtykpg4ODI root@docker-jenkins The key's randomart image is: +---[RSA 2048]----+ | . o==o.o ... | |E o o +=++ .+o . | | o . . .*o o+.. .| | oo*oo o.=o| | .S.*o+.o =| | . ..B.+ | | o = | | . | | | +----[SHA256]-----+ [root@docker-jenkins bin]# cd [root@docker-jenkins ~]# [root@docker-jenkins ~]# [root@docker-jenkins ~]# ls .ssh/ id_rsa id_rsa.pub known_hosts [root@docker-jenkins ~]# ssh-copy-id [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added. [root@docker-jenkins ~]#
配置完成後,我們就可以生成Pipeline腳本了。點擊下方Generate Pipeline Script,然後複製方框內的內容。
編寫我們所需要的Pipeline腳本如下,將其粘貼到script的拉取代碼模塊中,並修改分支master為${branch},其他模塊內容自行編寫。
node { // 拉取代碼 stage('Git Checkout') { checkout([$class: 'GitSCM', branches: [[name: '${branch}']], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: 'c42214eb-db1e-49fb-83c9-f78d1f4310a2', url: '[email protected]:/home/git/tomcat-java-demo.git']]]) } // 代碼編譯 stage('Maven Build') { sh ''' export JAVA_HOME=/usr/local/jdk /usr/local/maven/bin/mvn clean package -Dmaven.test.skip=true ''' } // 項目打包到鏡像並推送到鏡像倉庫 stage('Build and Push Image') { sh ''' REPOSITORY=reg.dingkai.com/library/tomcat-java-demo:${branch} cat > Dockerfile << EOF FROM reg.dingkai.com/library/tomcat:v1 MAINTAINER kai RUN rm -rf /usr/local/tomcat/webapps/* ADD target/*.war /usr/local/tomcat/webapps/ROOT.war EOF docker build -t $REPOSITORY . docker login reg.dingkai.com -u admin -p 123456 docker push $REPOSITORY ''' } // 部署到Docker主機 stage('Deploy to Docker') { sh ''' REPOSITORY=reg.dingkai.com/library/tomcat-java-demo:${branch} docker rm -f tomcat-java-demo |true docker pull $REPOSITORY docker container run -d --name tomcat-java-demo -p 88:8080 $REPOSITORY ''' } }
在Pipeline腳本裡面我們指定了一個branch參數,所以我們需要傳遞一個參數變數,這裡我們選擇參數化構建,預設值為master分支。
然後保存配置。
6. 開始構建任務
回到主界面,我們開始構建任務
可以通過Console Output輸出查看jenkins構建流程
成功構建會提示: SUCCESS
我們也可以查看構建成功後的圖形構建過程
通過瀏覽器來訪問tomcat-java-demo項目:http://10.0.0.98:88/
可以看到可以正常訪問,至此基於 Jenkins+Docker+Git 的CI流程已經成功部署了。
