在Devops建设过程中介绍到CI/CD持续集成持续部署的流程,本文则通过Jenkins+Docker工具来实现持续集成持续部署整个流程。
1、持续集成持续部署CI/CD流程
开发push代码到git
触发jenkins自动pull代码
通过maven编译、打包,然后通过执行shell脚本使docker构建镜像并push到仓库
此操作完成后jenkins服务器上再执行SSH命令登录到部署服务器
docker从仓库拉取镜像,启动容器
这样,基于Jenkins+Docker的自动化部署整个操作流程完成。
1.1 Jenkins介绍、
Jenkins可以构建一个自动化的持续集成持续部署环境,可以用来完成“自动化”编译、打包、分发部署应用,它兼容ant、maven、gradle等多种第三方构建工具,同时与svn、git能无缝集成,也支持直接与知名源代码托管网站,如github、bitbucket直接集成。
jdk环境,Jenkins是java语言开发的,因此需要jdk环境
git/svn客户端,因一般代码是放在git/svn服务器上的,需要拉取代码
maven客户端,因一般java程序是由maven工程,需要maven打包,当然也有其他打包方式,如:gradle
使用PyInstaller构建Python应用
1.2 Git本地仓库
分布式:Git是分布式的,SVN不是,这是Git和其它版本控制系统SVN,CVS等最核心的区别;
存储方式:Git把内容按元数据方式存储,而SVN是按文件。所有的资源控制系统都是把文件的元信息隐藏在一个类似.svn、.cvs等的文件夹里
分支不同:Git中的分支比较特别,SVN中分支其实就是版本库中的另外一个目录
版本号:Git没有一个全局的版本号,而SVN有
内容完整性:Git的内容完整性要优于SVN,Git的内容存储使用的是SHA-1哈希算法,这能确保代码内容的完整性,确保在遇到磁盘故障和网络问题时降低对版本库的破坏
2、服务器软件环境配置
| Hostname | IP | 系统 | 角色 |
|---|---|---|---|
| tango-01 | 192.168.112.10 | Centos7_64 | Jenkins |
| tango-01 | 192.168.112.10 | Centos7_64 | Git/Registry |
| tango-centos01 | 192.168.112.101 | Centos7_64 | Docker |
2.1 Java环境
1)查看Java版本
[root@tango-01 ~]# java -version
openjdk version "1.8.0_262"
OpenJDK Runtime Environment (build 1.8.0_262-b10)
OpenJDK 64-Bit Server VM (build 25.262-b10, mixed mode)复制
2)自动安装Java后的路径
[root@tango-01 ~]# which java
/bin/java
[root@tango-01 ~]# ls -lrt bin/java
lrwxrwxrwx 1 root root 22 Dec 12 09:08 bin/java -> etc/alternatives/java
[root@tango-01 ~]# ls -lrt etc/alternatives/java
lrwxrwxrwx 1 root root 73 Dec 11 09:08 etc/alternatives/java -> usr/lib/jvm/java-1.8.0-openjdk-1.8.0.272.b10-1.el7_9.x86_64/jre/bin/java复制
2.2 部署Git仓库
1)在192.168.112.10部署git
[root@tango-01 ~]# yum install git -y复制
2)创建git用户并设置密码
[root@tango-01 ~]# useradd git
[root@tango-01 ~]# passwd git复制
3)创建仓库
[root@tango-01 ~]# su - git
[git@tango-01 ~]$ mkdir solo.git
[git@tango-01 ~]$ cd solo.git/
[git@tango-01 solo.git]$ git --bare init
Initialized empty Git repository in home/git/solo.git/复制
4)访问创建的这个仓库
[git@tango-01 solo.git]$ git clone git@192.168.112.10:/home/git/solo.git/
Cloning into 'solo'...
The authenticity of host '192.168.112.10 (192.168.112.10)' can't be established.
ECDSA key fingerprint is SHA256:S/KFFiArKeYGlBNdYgK3ycuF7Zq7IfvSWFP7Bmi3uII.
ECDSA key fingerprint is MD5:ea:41:4d:94:55:cc:c5:a8:09:2a:74:30:d2:b1:43:22.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.112.10' (ECDSA) to the list of known hosts.
git@192.168.112.10's password:
warning: You appear to have cloned an empty repository.复制
2.3 安装Maven
1)yum方式安装maven
[root@tango-01 ~]# yum install -y maven复制
2)查看maven版本
[root@tango-01 ~]# mvn -v
Apache Maven 3.0.5 (Red Hat 3.0.5-17)
Maven home: usr/share/maven
Java version: 1.8.0_272, vendor: Red Hat, Inc.
Java home: usr/lib/jvm/java-1.8.0-openjdk-1.8.0.272.b10-1.el7_9.x86_64/jre
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "3.10.0-1127.19.1.el7.x86_64", arch: "amd64", family: "unix"复制
3、安装jenkins并配置
3.1 安装Jenkins
Jenkins的安装方式有很多种,有war包形式、rpm包形式,也可以yum源在线安装,本文使用yum方式安装,过程如下:
[root@tango-01 ~]# sudo wget -O etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
[root@tango-01 ~]# sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
[root@tango-01 ~]# yum install jenkins复制
启动服务Jenkins
[root@tango-01 ~]# systemctl start jenkins
[root@tango-01 ~]#
[root@tango-01 ~]# systemctl status jenkins
● jenkins.service - LSB: Jenkins Automation Server
Loaded: loaded (/etc/rc.d/init.d/jenkins; bad; vendor preset: disabled)
Active: active (running) since Tue 2020-12-08 22:44:14 CST; 16s ago
Docs: man:systemd-sysv-generator(8)
Process: 3466 ExecStart=/etc/rc.d/init.d/jenkins start (code=exited, status=0/SUCCESS)
Tasks: 26
Memory: 259.6M
CGroup: system.slice/jenkins.service
└─3485 etc/alternatives/java -Dcom.sun.akuma.Daemon=daemonized -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar usr/lib/jenkins/jenkins.war --...
Dec 08 22:44:11 tango-01 systemd[1]: Starting LSB: Jenkins Automation Server...
Dec 08 22:44:12 tango-01 runuser[3471]: pam_unix(runuser:session): session opened for user jenkins by (uid=0)
Dec 08 22:44:14 tango-01 jenkins[3466]: Starting Jenkins [ OK ]
Dec 08 22:44:14 tango-01 systemd[1]: Started LSB: Jenkins Automation Server.复制
默认端口是8080,也可以修改/etc/sysconfig/jenkins中的JENKINS_PORT参数进行修改。访问地址http://192.168.112.10:8080/
1)输入解锁密码
2)选择插件安装
3)保持默认,继续
4)安装默认插件,预计需要10分钟
5)创建管理员用户
6)配置Jenkins访问的URL,保存并完成
3.2 安装插件
Docker plugin:提供docker 构建和发布
SSH plugin:提供通过SSH在远程主机执行命令,用于部署服务
maven plugin:支持maven
Git Parameter:动态获取Git仓库Branch、Tag
3.3 添加SSH远程主机
1)主页面->凭据->右击全局凭据->添加凭据,添加访问Docker主机的凭据
2)在“系统管理-系统设置-SSH remote hosts”里配置SSH远程主机,点击保存
3.4 Docker配置
在“系统管理-系统设置-云”新增Docker配置,指定URL地址
3.5 配置全局工具配置maven、Java和git
在“系统管理-全局工具配置”中配置maven、Java和git
4、安装Docker及配置镜像仓库
4.1 安装Docker
在服务器192.168.112.10和192.168.112.101安装Docker,安装步骤参考“Docker基本概念及部署使用”,使用yum命令即可:
[root@tango-01 ]# yum install docker-ce -y复制
安装完成后启动并查看Docker运行状态
[root@tango-centos01 ~]# systemctl status docker
â— docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2020-12-13 10:34:31 CST; 5h 17min ago
Docs: https://docs.docker.com
Main PID: 1226 (dockerd)
Memory: 149.4M
CGroup: system.slice/docker.service
└─1226 usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --cluster-store=consul://192.168.112.101:8500 --cluster-advertise=ens33:2376 --...复制
4.2 部署私有容器镜像仓库
1)在192.168.112.10使用registry镜像搭建私有镜像仓库,参考“Docker镜像和仓库管理”,运行以下命令:
[root@tango-01 lib]# docker run -d -v usr/local/docker/registry:/var/lib/registry -p 5000:5000 --name myregistry registry
[root@tango-01 registry]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c2b1042df3f6 registry "/entrypoint.sh etc…" 2 months ago Up 21 seconds 0.0.0.0:5000->5000/tcp myregistry复制
2)修改配置文件,使之支持http
[root@tango-01 registry]# vi etc/docker/daemon.json
{
"registry-mirrors":["https://docker.mirrors.ustc.edu.cn"],
"insecure-registries": ["192.168.112.10:5000"]
}复制
重启docker让修改生效
[root@tango-01 registry]# systemctl restart docker
[root@tango-01 registry]# systemctl status docker复制
4.3 构建Tomcat基础镜像
1)在192.168.112.10构建Tomcat基础镜像,Tomcat基础镜像Dockerfile
[root@tango-01 tomcat]# vi Dockerfile
FROM centos:7
MAINTAINER www.aliangedu.com
ENV VERSION=8.5.61
ENV JAVA_HOME usr/local/jdk
RUN yum install wget -y
RUN wget http://mirrors.ustc.edu.cn/apache/tomcat/tomcat-8/v${VERSION}/bin/apache-tomcat-${VERSION}.tar.gz && \
tar zxf apache-tomcat-${VERSION}.tar.gz && \
mv apache-tomcat-${VERSION} usr/local/tomcat && \
rm -rf apache-tomcat-${VERSION}.tar.gz usr/local/tomcat/webapps/* && \
mkdir usr/local/tomcat/webapps/ROOT
EXPOSE 8080
CMD ["catalina.sh", "run"]复制
2)构建镜像并上传到Docker私有仓库
[root@tango-01 tomcat]# docker build -t 192.168.112.10:5000/tomcat-85 -f Dockerfile .
[root@tango-01 tomcat]# docker push 192.168.112.10:5000/tomcat-85
The push refers to repository [192.168.112.10:5000/tomcat-85]
c30ddcf49360: Pushed
812579aaee1a: Pushed
174f56854903: Pushed
latest: digest: sha256:2d8c683f2283aed56c0f039cb9e925d8076b7e24285b7697959057b8b0c1d617 size: 952复制
5、上传Java项目代码到git仓库
1)从Github拉取开源JAVA博客系统solo:
[root@tango-01 ]# git clone https://github.com/88250/solo
Cloning into 'solo'...
remote: Enumerating objects: 351, done.
remote: Counting objects: 100% (351/351), done.
remote: Compressing objects: 100% (194/194), done.
remote: Total 64574 (delta 183), reused 286 (delta 151), pack-reused 64223
Receiving objects: 100% (64574/64574), 103.05 MiB | 62.00 KiB/s, done.
Resolving deltas: 100% (38666/38666), done.
[root@tango-01 ]# cd solo
[root@tango-01 solo]# ls
CHANGE_LOGS_2010-2019.html Dockerfile LICENSE package-lock.json README_en_US.md scripts webpack.config.js
CHANGE_LOGS.md gulpfile.js package.json pom.xml README.md src复制
2)移除旧的推送地址,添加新的:
[root@tango-01 solo]# git remote remove origin
[root@tango-01 solo]# git remote add origin git@192.168.112.10:/home/git/solo.git复制
3)提交代码到Git仓库并创建tag:
[root@tango-01 solo]# touch src/main/resources/a.html
[root@tango-01 solo]# git add .
[root@tango-01 solo]# git config --global user.email "xxxx"
[root@tango-01 solo]# git config --global user.name "xxxx"
[root@tango-01 solo]#
[root@tango-01 solo]# git commit -m "a"
[master 9ac0c02] a
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 src/main/resources/a.html
[root@tango-01 solo]# git tag 1.0.1复制
4)推送到Git服务器:
[root@tango-01 solo]# git push origin 1.0.1
The authenticity of host '192.168.112.10 (192.168.112.10)' can't be established.
ECDSA key fingerprint is SHA256:S/KFFiArKeYGlBNdYgK3ycuF7Zq7IfvSWFP7Bmi3uII.
ECDSA key fingerprint is MD5:ea:41:4d:94:55:cc:c5:a8:09:2a:74:30:d2:b1:43:22.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.112.10' (ECDSA) to the list of known hosts.
git@192.168.112.10's password:
Counting objects: 64574, done.
Compressing objects: 100% (19058/19058), done.
Writing objects: 100% (64574/64574), 103.04 MiB | 12.77 MiB/s, done.
Total 64574 (delta 38666), reused 64574 (delta 38666)
To git@192.168.112.10:/home/git/solo.git
* [new tag] 1.0.0 -> 1.0.1复制
6、Jenkins创建项目并发布测试
6.1 新建项目
1)在新建任务->输入任务名称,构建一个Maven项目
2)配置Git参数化构建(需要安装Git Parameter参数插件)
3)配置源码管理
此时发现会出现报错信息,因为仓库为私有仓库,需要配置Credentials,点开add, Add Credentials的 Kind选择SSH Username with private key,Username选择git,Private Key为生成的git的本地私钥,查看私钥cat home/git/.ssh/id_rsa 复制粘贴到Key区域,完成添加。此时可以发现报错已经消失。
#生成git用户的私钥和公钥
[git@tango-01 ~]$ ssh-keygen
#拷贝公钥到仓库宿主机文件下
[git@tango-01 .ssh]$ cp id_rsa.pub authorized_keys
[git@tango-01 .ssh]$ ll
total 16
-rw-r--r-- 1 git git 394 Dec 12 23:33 authorized_keys
-rw------- 1 git git 1679 Dec 12 23:29 id_rsa
-rw-r--r-- 1 git git 394 Dec 12 23:29 id_rsa.pub
-rw-r--r-- 1 git git 176 Dec 9 22:42 known_hosts复制
4)配置触发器
5)配置Build
简单的maven项目,构建使用pom.xml,执行package -DskipTests
6)配置Post Steps
在Jenkins本机服务器(192.168.112.10)构建镜像并推送到镜像仓库(192.168.112.10),并SSH远程连接到Docker主机(192.168.112.10)使用推送的镜像创建容器。
上图中,在Jenkins主机执行的Shell命令如下:
REPOSITORY=192.168.112.10:5000/solo:${Tag}
# 构建镜像
cat > Dockerfile << EOF
FROM 192.168.112.10:5000/tomcat-85:latest
RUN rm -rf /usr/local/tomcat/webapps/ROOT
COPY target/*.jar /usr/local/tomcat/webapps/ROOT.war
CMD ["/usr/local/tomcat/bin/catalina.sh", "run"]
EOF
docker build -t $REPOSITORY .
# 上传镜像
docker push $REPOSITORY复制
上图中,SSH远程Docker主机执行的Shell命令如下:
REPOSITORY=192.168.112.10:5000/solo:${Tag}
# 部署
docker rm -f blog-solo |true
docker image rm $REPOSITORY |true
docker container run -d --name blog-solo -v /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.272.b10-1.el7_9.x86_64/jre:/usr/local/jdk -p 18080:8080 $REPOSITORY复制
6.2 构建任务
1)选择Build with Parameters,然后选择Tag开始构建
2)查看控制台输出
7、测试
1)在192.168.192.101上查看镜像和容器状态
[root@tango-centos01 bin]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.112.10:5000/solo 1.0.1 ad4138dd169a 3 minutes ago 311MB
[root@tango-centos01 lib]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7f85877dd6cc 192.168.112.10:5000/solo:1.0.1 "/usr/local/tomcat/b…" 10 seconds ago Up 10 seconds 0.0.0.0:18080->8080/tcp blog-solo复制
2)访问地址192.168.112.101:18080
至此,基于Jenkins+Docker的自动化部署整个操作流程完成
参考资料
https://blog.csdn.net/xiaoxiangzi520/article/details/88842200
https://blog.51cto.com/lizhenliang/2159817
https://www.cnblogs.com/wfd360/p/11314697.html
https://www.jenkins.io/zh/doc/
https://www.cnblogs.com/jing-zhe/p/12178208.html
