基于docker的cicd

基于docker的cicd

基于docker的cicd

飞书链接： ​​https://dlk2qiw7lh.feishu.cn/docs/doccnyu14HTaamVzASIXreCSNjf​​

相关软件

链接：​​https://pan.baidu.com/s/1HMjA3hoQVxqu6iTQwhZMDw?pwd=gp75​​ 提取码：gp75

流程图

服务器规划

harbor配置

#部署harbor前需要安装docker docker-compose# 下载docker部署包# ~]# tar xf docker-20.10.10.tgz [root@harbor ~]# mv docker/* /usr/bin/#加入systemd管理#--------------------------------------------------------cat > /usr/lib/systemd/system/docker.service << 'EOF'[Unit]Description=Docker Application Container EngineDocumentation=firewalld.serviceWants=network-online.target[Service]Type=notifyExecStart=/usr/bin/dockerdExecReload=/bin/kill -s HUP $MAINPIDLimitNOFILE=infinityLimitNPROC=infinityLimitCORE=infinityTimeoutStartSec=0Delegate=yesKillMode=processRestart=on-failureStartLimitBurst=3StartLimitInterval=60s[Install]WantedBy=multi-user.targetEOF#--------------------------------------------------------#创建配置文件rm -f /etc/docker/*sudo mkdir -p /etc/dockersudo tee /etc/docker/daemon.json <<-'EOF'{ "registry-mirrors": [" "exec-opts": ["native.cgroupdriver=systemd"]}EOFsudo systemctl daemon-reloadsudo systemctl restart dockersystemctl enable docker.service#个人docker源：#这个是阿里云配置的加速,直接添加阿里云加速源就可以了,上面显示了配置办法。#enable dockersystemctl start docker# 部署docker-composecurl -L -s`-`uname -m` > /usr/local/bin/docker-composechmod +x /usr/local/bin/docker-composedocker-compose -v#harbor下载：# wget ~]# llanaconda-ks.cfgharbor-offline-installer-v2.3.2.tgz#解压部署包tar xf harbor-offline-installer-v2.3.2.tgz -C /usr/local/cd /usr/local/harbor#harbor配置文件修改：\cp harbor.yml.tmpl harbor.yml vi harbor.yml #也可以尝试用sed修改 sed -i '5ahostname: 192.168.10.23' harbor.yml#修改hostname为本机IP地址#hostname: reg.mydomain.comhostname: 192.168.10.23#注释 port: 443 # The path of cert and key files for nginx# certificate: /your/certificate/path# private_key: /your/private/key/path验证:[root@node01 harbor]# grep '^hostname' harbor.ymlhostname: 192.168.10.23 #也可以写成IP地址#部署harbor[root@node01 harbor]# cd /usr/local/harbor[root@node01 harbor]# ./prepare #准备环境配置文件[root@node01 harbor]# ./install.sh#部署完成 ⠿ Container harbor-core Started ⠿ Container harbor-jobservice Started ⠿ Container nginx Started ✔ ----Harbor has been installed and started successfully.----#默认登录账号adminHarbor12345

harbor创建一个公开项目

gitlab部署配置测试

起gitlab容器

mkdir -p /opt/gitlabcd /opt/gitlab#启动gitlab容器docker run -d \ --name gitlab \ -p 8443:443 \ -p 80:80 \ -p 9998:22 \ -v /opt/gitlab/config:/etc/gitlab \ -v /opt/gitlab/logs:/var/log/gitlab \ -v /opt/gitlab/data:/var/opt/gitlab \ -v /etc/localtime:/etc/localtime \ --hostname 192.168.10.21 \ registry.cn-hangzhou.aliyuncs.com/chenleilei/gitlab:latest

第一次打开需要设置密码: 默认账号: root 默认密码: 启动时设置

创建密钥

服务器上新建一个密钥，用于推送代码到gitlab

上传代码添加ssh-key

#配置无密码推送[root@node01 ~]# ssh-keygen #一路回车[root@node01 ~]# cat ~/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFiRM/NMTNRVCleVI8i7he+NHJevTtdp0CeSG/AWEKZBZOUr/pDNtHwlqHlBjc1ikDsZTgQLad7yavDpESXrP8C9bTTNmuk22JnXQDyQIt17NNV65esELaiIax01MNgIofnxeKe5vCFvkeW+LG/UjAkATuBAd6DqBheh6Ji3TPXE6tyjgtFYnA7ovZls/sKxBpbdgryvcM16VCMmJfTECx2ioKQ78y1LQsUhgD34+QHTd55fe9aWiD6TA08fWr6DEdwx3pHPyizXskPpWeZLLX6jIUDRwHEiJIpXPm5JkqGgvk/TlNDs5WWawl6ND5zmjtjcT3hZbp76Y6O4MW4Hrb root@node01

创建项目仓库

进入gitlab后创建项目

tomcat-java-demo-master

创建一个私有仓库

默认指引操作：

Git 全局设置git config --global user.name "Administrator"git config --global user.email "admin@example.com"创建新版本库git clone tomcat-java-demotouch README.mdgit add README.mdgit commit -m "add README"git push -u origin master已存在的文件夹cd existing_foldergit initgit remote add origin add .git commit -m "Initial commit"git push -u origin master已存在的 Git 版本库cd existing_repogit remote rename origin old-origingit remote add origin push -u origin --allgit push -u origin --tags

提交代码

yum install -y gitunzip tomcat-java-demo-master.zip#初始化cd tomcat-java-demogit init#提交代码：cd java-demogit add .git commit -m "java-demo commit"git push -u origin master#默认gitlab账号root #密码为自己创建的gitlab密码

Jenkins部署配置测试

架构图:

#部署jdktar zxvf jdk-8u211-linux-x64.tar.gzmv jdk1.8.0_211 /usr/local/jdk#部署maventar xf apache-maven-3.3.9-bin.tar.gz -C /usr/local/mv /usr/local/apache-maven-3.3.9 /usr/local/maven#部署Jenkins 挂载djk maven，配置域名docker run -d --name jenkins -p 80:8080 -p 50000:50000 -u root \-v /opt/jenkins_home:/var/jenkins_home \-v /var/run/docker.sock:/var/run/docker.sock \-v /usr/bin/docker:/usr/bin/docker \-v /usr/local/maven:/usr/local/maven \-v /usr/local/jdk:/usr/local/jdk \-v /etc/localtime:/etc/localtime \-v /root/.m2:/root/.m2 \--env JAVA_OPTS=-Dhudson.footerURL=\--name jenkins registry.cn-hangzhou.aliyuncs.com/chenleilei/jenkins#建议配置，这是构建缓存-v /root/.m2:/root/.m2#通过日志找到jenkins密码：执行命令： docker logs jenkins |& grep -A 2 'installation:'|tail -n1结果:714f9c9c6e9d472dbfcd907659ad3ebf

安装jenkins初始化配置：

安装推荐插件

选择安装pipeline插件,直接推荐安装就行

保存并完成：

Jenkins下载插件

​​提取码：hs0n #安装插件：tar xf plugins.tar.gz mv plugins/* /opt/jenkins_home/plugins/docker restart jenkins #[如果是非容器，直接移动到目录即可，建议先尝试引导页安装插件]

重新登录后就OK了，页面也汉化了，包里还有pipline等各类插件，都不需要再次安装了

确认pipline是否安装好了 只需要新建任务时看到又流水线即可

如果第一次启动时就安装了pipeline插件这里就会显示出来流水线，建议第一次的时候就安装

pipeline示例：

pipeline { agent any stages { stage ('1.拉取代码拉取'){ steps { echo '拉取代码' } } stage ('2.编译代码'){ steps { echo '编译代码' } } stage ('3.发布代码'){ steps { echo '发布代码' } } }}

测试发布：

配置参数化构建

配置完成后保存

多个分支配置：

这样就可以把代码分支发布到多个环境中

这就完成了第一步的发布配置，随后需要添加这3个环境的发布脚本来选择不同环境的发布配置

jenkins配置harbor认证

def docker_registry_auth = "c1b519ad-fd4e-4462-9a12-57a6da8617ba" #镜像认证,连接harbor的用户密码

添加git的访问gitlab凭据登录用户 root 登录密码 x19900606

最后查看 (描述不用管)：

将这个认证密钥也放入脚本中

def git_auth = "96150ecc-638e-4bce-82dc-78709b0c2c26" #git镜像认证

最终代码：

脚本如下：

#!/usr/bin/env groovydef registry = "192.168.10.23"def project = "library"def app_name = "demo"def image_name = "${registry}/${project}/${app_name}:${Branch}-${BUILD_NUMBER}"def git_address = "docker_registry_auth = "a2925179-7377-4788-b83a-176ec629d0c6"def git_auth = "96150ecc-638e-4bce-82dc-78709b0c2c26"pipeline { agent any stages { stage('拉取代码'){ steps { checkout([$class: 'GitSCM', branches: [[name: '${Branch}']], userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]]]) } } stage('代码编译'){ steps { sh """ pwd JAVA_HOME=/usr/local/jdk PATH=$JAVA_HOME/bin:/usr/local/maven/bin:$PATH mvn clean package -Dmaven.test.skip=true """ } } stage('构建镜像'){ steps { withCredentials([usernamePassword(credentialsId: "${docker_registry_auth}", passwordVariable: 'password', usernameVariable: 'username')]) { sh """ echo ' FROM lizhenliang/tomcat LABEL maitainer lizhenliang RUN rm -rf /usr/local/tomcat/webapps/* ADD target/*.war /usr/local/tomcat/webapps/ROOT.war ' > Dockerfile docker build -t ${image_name} . docker login -u ${username} -p '${password}' ${registry} docker push ${image_name} """ } } } stage('部署到Docker'){ steps { sh """ docker rm -f tomcat-java-demo |true docker container run -d --name tomcat-java-demo -p 88:8080 ${image_name} """ } } }}

流水线测试

选择需要使用的仓库，通过配置的凭据来添加仓库

正确结果：

错误结果:

生成流水线脚本

checkout([$class: 'GitSCM', branches: [[name: '*/master']], extensions: [], userRemoteConfigs: [[credentialsId: '69728f95-d881-4eeb-bdc0-a49d747e8250', url: '所以这时候就不需要做这步了 这里只是为了演示如何获取认证的脚本#通过变量解决这些问题 stages { stage('拉取代码'){ steps { checkout([$class: 'GitSCM', branches: [[name: '${Branch}']], userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]]]) } }

流水线代码：

#!/usr/bin/env groovydef registry = "192.168.10.23" #harbor地址def project = "library"def app_name = "demo"def image_name = "${registry}/${project}/${app_name}:${Branch}-${BUILD_NUMBER}"def git_address = "docker_registry_auth = "a2925179-7377-4788-b83a-176ec629d0c6"def git_auth = "96150ecc-638e-4bce-82dc-78709b0c2c26"pipeline { agent any stages { stage('拉取代码'){ steps { checkout([$class: 'GitSCM', branches: [[name: '${Branch}']], userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]]]) } } stage('代码编译'){ steps { sh """ pwd JAVA_HOME=/usr/local/jdk PATH=$JAVA_HOME/bin:/usr/local/maven/bin:$PATH mvn clean package -Dmaven.test.skip=true """ } } stage('构建镜像'){ steps { withCredentials([usernamePassword(credentialsId: "${docker_registry_auth}", passwordVariable: 'password', usernameVariable: 'username')]) { sh """ echo ' FROM lizhenliang/tomcat LABEL maitainer lizhenliang RUN rm -rf /usr/local/tomcat/webapps/* ADD target/*.war /usr/local/tomcat/webapps/ROOT.war ' > Dockerfile docker build -t ${image_name} . docker login -u ${username} -p '${password}' ${registry} docker push ${image_name} """ } } } stage('部署到Docker'){ steps { sh """ docker rm -f tomcat-java-demo |true docker container run -d --name tomcat-java-demo -p 88:8080 ${image_name} """ } } }}

发布测试

web页面检查：

该操作仅能把服务部署到本机，如需远程部署，继续往下看

远程部署多台机器

远程部署需要安装插件publish Over SSH, Jenkins服务器中需要安装软件 sshpass 远程部署3要素:每台服务器都需要安装apt install sshpassjenkins配置 选项参数 以便于部署时可以选择发布的机器远程部署pipeline脚本

#发布到其他服务器更新源：sed -e "s,deb.debian.org,opentuna.cn,g" -e "s,security.debian.org,opentuna.cn,g" -e "s,^deb-src,#deb-src,g" -i.bak /etc/apt/sources.list# Jenkins服务器容器中安装 sshpass 让这台机器具有远程部署能力apt install sshpass再修改java-damo项目中的 pipeline script配置：#添加认证密码 -p "123456"sh """set +e/usr/bin/sshpass -p "123456" ssh -o StrictHostKeyChecking=no root@${installserver} "docker rm -f tomcat-java-demo |true;docker container run -d --name tomcat-java-demo -p 88:8080 ${image_name}""""

添加下拉框，选择指定服务器发布：

远程部署pipeline脚本:

#!/usr/bin/env groovydef registry = "192.168.10.23" #23是Harbor地址，192.168.10.21是gitlab地址def project = "library"def app_name = "demo"def image_name = "${registry}/${project}/${app_name}:${Branch}-${BUILD_NUMBER}"def git_address = "docker_registry_auth = "a2925179-7377-4788-b83a-176ec629d0c6"def git_auth = "96150ecc-638e-4bce-82dc-78709b0c2c26"pipeline { agent any stages { stage('拉取代码'){ steps { checkout([$class: 'GitSCM', branches: [[name: '${Branch}']], userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]]]) } } stage('代码编译'){ steps { sh """ JAVA_HOME=/usr/local/jdk PATH=$JAVA_HOME/bin:/usr/local/maven/bin:$PATH mvn clean package -Dmaven.test.skip=true """ } } stage('构建镜像'){ steps { withCredentials([usernamePassword(credentialsId: "${docker_registry_auth}", passwordVariable: 'password', usernameVariable: 'username')]) { sh """ echo ' FROM lizhenliang/tomcat LABEL maitainer lizhenliang RUN rm -rf /usr/local/tomcat/webapps/* ADD target/*.war /usr/local/tomcat/webapps/ROOT.war ' > Dockerfile docker build -t ${image_name} . docker login -u ${username} -p '${password}' ${registry} docker push ${image_name} """ } } } stage('部署到Docker'){ steps { sh """ set +e /usr/bin/sshpass -p "123456" ssh -o StrictHostKeyChecking=no root@${installserver} "docker rm -f tomcat-java-demo |true;docker container run -d --name tomcat-java-demo -p 88:8080 ${image_name}" """ } } }}

部署测试：

部署到192.168.10.21

部署到192.168.10.22

部署到192.168.10.23

检查页面

java示例源码:

链接：​​https://pan.baidu.com/s/1HMjA3hoQVxqu6iTQwhZMDw?pwd=gp75​​

提取码：gp75

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。