在如今的互联网时代,随着软件开发复杂度的不断提高,软件开发和发布管理也越来越重要。目前已经形成一套标准的流程,最重要的组成部分就是持续集成(Continuous Integration,CI)及持续部署、交付(CD)。在此,我们来以一个案例初步了解 CI 流程。那么什么是 CI 呢?简单来讲,CI 就是将传统的代码合并、构建、部署、测试都集成在一起,不断地执行这个过程,并对结果进行反馈。
CI 流程设计图:
工作流程:
1. 开发人员提交代码到Git版本仓库;
2. Jenkins人工/定时触发项目构建;
3. Jenkins拉取代码、代码编码、打包镜像、推送到镜像仓库;
4. Jenkins在Docker主机创建容器并发布
主机环境规划:
docker-jenkins: 10.0.0.98
docker-git-harbor:10.0.0.99
1. 部署Git代码版本仓库
安装:
|
1
|
[root@docker-git-harbor ~]
# yum install git -y
|
配置git用户:
|
1
2
|
[root@docker-git-harbor ~]
# useradd git
[root@docker-git-harbor ~]
# passwd git
|
创建库:
|
1
2
3
4
5
6
7
|
[git@docker-git-harbor ~]$
mkdir
tomcat-java-demo.git
[git@docker-git-harbor ~]$
cd
tomcat-java-demo.git/
[git@docker-git-harbor tomcat-java-demo.git]$ git --bare init
Initialized empty Git repository
in
/home/git/tomcat-java-demo
.git/
[git@docker-git-harbor tomcat-java-demo.git]$
ls
branches config description HEAD hooks info objects refs
[git@docker-git-harbor tomcat-java-demo.git]$
|
另一台docker-jenkins访问该仓库:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[root@docker-jenkins ~]
# git clone [email protected]:/home/git/tomcat-java-demo.git
Cloning into
'solo'
...
The authenticity of host
'10.0.0.99 (10.0.0.99)'
can't be established.
ECDSA key fingerprint is SHA256:XNWQhGsAsqd84k
/6OYV3xl1
+mPGjtASsxeV1YVLZVas.
ECDSA key fingerprint is MD5:b4:bd:16:2b:de:e7:7c:fd:c5:
dd
:91:75:20:ff:3e:0a.
Are you sure you want to
continue
connecting (
yes
/no
)?
yes
Warning: Permanently added
'10.0.0.99'
(ECDSA) to the list of known hosts.
[email protected]'s password:
warning: You appear to have cloned an empty repository.
[root@docker-jenkins ~]
# ls
anaconda-ks.cfg tomcat-java-demo.git
[root@docker-jenkins ~]
# ls tomcat-java-demo.git
[root@docker-jenkins ~]
#
|
模拟生产项目,拉取github上的一个demo,并上传至本地git库
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
[root@docker-jenkins ~]
# mv tomcat-java-demo tomcat-java-demo.bak
[root@docker-jenkins ~]
# git clone https://github.com/dingkai163/tomcat-java-demo.git
[root@docker-jenkins tomcat-java-demo]
# cat .git/config
[core]
repositoryformatversion = 0
filemode =
true
bare =
false
logallrefupdates =
true
[remote
"origin"
]
fetch = +refs
/heads/
*:refs
/remotes/origin/
*
[branch
"master"
]
remote = origin
merge = refs
/heads/master
[root@docker-jenkins tomcat-java-demo]
# git add .
[root@docker-jenkins tomcat-java-demo]
# git status
# On branch master
nothing to commit, working directory clean
[root@docker-jenkins tomcat-java-demo]
# git commit -m "all"
# On branch master
nothing to commit, working directory clean
[root@docker-jenkins tomcat-java-demo]
# git push origin master
[email protected]'s password:
Counting objects: 229,
done
.
Compressing objects: 100% (185
/185
),
done
.
Writing objects: 100% (229
/229
), 4.52 MiB | 0 bytes
/s
,
done
.
Total 229 (delta 25), reused 229 (delta 25)
* [new branch] master -> master
[root@docker-jenkins tomcat-java-demo]
#
|
2. jenkins环境部署
部署jdk环境及maven
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
[root@docker-jenkins ~]
# mkdir tools
[root@docker-jenkins ~]
# cd tools
[root@docker-jenkins tools]
# rz -y
[root@docker-jenkins tools]
# tar zxvf jdk-8u45-linux-x64.tar.gz
[root@docker-jenkins tools]
# mv jdk1.8.0_45 /usr/local/jdk
[root@docker-jenkins tools]
# vim /etc/profile
JAVA_HOME=
/usr/local/jdk
PATH=$PATH:$JAVA_HOME
/bin
CLASSPATH=.:$JAVA_HOME
/lib/dt
.jar:$JAVA_HOME
/lib/tools
.jar
export
JAVA_HOME PATH CLASSPATH
[root@docker-jenkins tools]
# source /etc/profile
[root@docker-jenkins tools]
# java -version
java version
"1.8.0_45"
Java(TM) SE Runtime Environment (build 1.8.0_45-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.45-b02, mixed mode)
[root@docker-jenkins tools]
# tar zxf apache-maven-3.5.0-bin.tar.gz
[root@docker-jenkins tools]
# mv apache-maven-3.5.0 /usr/local/maven
|
在10.0.0.98主机安装Jenkins,下载Tomcat二进制包将war包到webapps下即可:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
[root@docker-jenkins tools]
# wget http://mirrors.jenkins.io/war-stable/latest/jenkins.war
[root@docker-jenkins tools]
# wget http://mirrors.shu.edu.cn/apache/tomcat/tomcat-8/v8.5.38/bin/apache-tomcat-8.5.38.tar.gz
[root@docker-jenkins tools]
# tar zxf apache-tomcat-8.5.38.tar.gz
[root@docker-jenkins tools]
# ls
apache-tomcat-8.5.38 apache-tomcat-8.5.38.
tar
.gz jdk-8u45-linux-x64.
tar
.gz jenkins.war
[root@docker-jenkins tools]
# mv apache-tomcat-8.5.38 /usr/local/tomcat-jenkins
[root@docker-jenkins tools]
# ls /usr/local/tomcat-jenkins/webapps/
docs examples host-manager manager ROOT
[root@docker-jenkins tools]
# rm -rf /usr/local/tomcat-jenkins/webapps/*
[root@docker-jenkins tools]
# mv jenkins.war /usr/local/tomcat-jenkins/webapps/ROOT.war
[root@docker-jenkins tools]
# ll /usr/local/tomcat-jenkins/webapps/
total 75520
-rw-r--r--. 1 root root 77330344 Mar 15 00:55 ROOT.war
[root@docker-jenkins tools]
# cd /usr/local/tomcat-jenkins/bin/
[root@docker-jenkins bin]
# ./startup.sh
Using CATALINA_BASE:
/usr/local/tomcat-jenkins
Using CATALINA_HOME:
/usr/local/tomcat-jenkins
Using CATALINA_TMPDIR:
/usr/local/tomcat-jenkins/temp
Using JRE_HOME:
/usr/local/jdk1
.8
Using CLASSPATH:
/usr/local/tomcat-jenkins/bin/bootstrap
.jar:
/usr/local/tomcat-jenkins/bin/tomcat-juli
.jar
Tomcat started.
[root@docker-jenkins bin]
#
|
启动后,浏览器访问http://10.0.0.98:8080/,按提示输入密码,登录即可。
3. 部署私有镜像仓库
企业级harbor镜像仓库部署:
https://www.cnblogs.com/kaye/p/10524391.html
构建Tomcat基础镜像,并推送到harbor镜像库:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
[root@docker-git-harbor ~]
# cd tomcat
[root@docker-git-harbor tomcat]
# cat Dockerfile-tomcat
FROM centos:7
MAINTAINER www.cnblogs.com
/kaye/
ENV VERSION=8.5.38
RUN yum
install
java-1.8.0-openjdk wget curl unzip iproute net-tools -y && \
yum clean all && \
rm
-rf
/var/cache/yum/
*
RUN wget http:
//mirrors
.shu.edu.cn
/apache/tomcat/tomcat-8/v
${VERSION}
/bin/apachetomcat-
${VERSION}.
tar
.gz && \
tar
zxf apache-tomcat-${VERSION}.
tar
.gz && \
mv
apache-tomcat-${VERSION}
/usr/local/tomcat
&& \
rm
-rf apache-tomcat-${VERSION}.
tar
.gz
/usr/local/tomcat/webapps/
* && \
mkdir
/usr/local/tomcat/webapps/test
&& \
echo
"ok"
>
/usr/local/tomcat/webapps/test/status
.html && \
sed
-i
'1a JAVA_OPTS="-Djava.security.egd=file:/dev/./urandom"'
/usr/local/tomcat/bin/catalina
.sh && \
ln
-sf
/usr/share/zoneinfo/Asia/Shanghai
/etc/localtime
ENV PATH $PATH:
/usr/local/tomcat/bin
EXPOSE 8080
CMD [
"catalina.sh"
,
"run"
]
[root@docker-git-harbor tomcat]
# docker build -t tomcat:v1 -f Dockerfile-tomcat .
[root@docker-git-harbor tomcat]
# docker tag tomcat:v1 reg.dingkai.com/library/tomcat:v1
[root@docker-git-harbor tomcat]
# docker login reg.dingkai.com
[root@docker-git-harbor tomcat]
# docker push reg.dingkai.com/library/tomcat:v1
|
4. Jenkins安装必要插件
由于jenkins是离线安装,所有在此需要配置一下插件下载地址:系统管理-->插件管理-->Advanced
修改下方地址,将https修改为http 再点Submit
Submit后点击Available,Check now此时我们可以看到很多可获得插件
首先搜索并安装Pipeline插件
pipeline 是一套运行于jenkins上的工作流框架,将原本独立运行于单个或者多个节点的任务连接起来,实现单个任务难以完成的复杂流程编排与
可视化。
再安装SCM to job 插件,同上步骤(搜索,安装)。
5. 项目创建
创建jobs
选择流水线类型
到这里我们就开始配置Pipeline script,点击Pipeline语法,来自动生成我们需要的配置。
如下图,我们Git方式,配置Git仓库地址,再添加认证相关。
这里我们使用的是秘钥认证方式,需要将jenkins上生成的公钥发送到git服务器上,然后将jenkins上的生成的私钥内容粘贴到下图Key中,这样jenkins就可以免交互的拉取git仓库中的代码了。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
[root@docker-jenkins bin]
# ssh-keygen
Generating public
/private
rsa key pair.
Enter
file
in
which
to save the key (
/root/
.
ssh
/id_rsa
):
Enter passphrase (empty
for
no passphrase):
Enter same passphrase again:
Your identification has been saved
in
/root/
.
ssh
/id_rsa
.
Your public key has been saved
in
/root/
.
ssh
/id_rsa
.pub.
The key fingerprint is:
SHA256:1vD8XM3lDYFmrxgAbwPTLwb0fl+oEx8cFgtykpg4ODI root@docker-jenkins
The key's randomart image is:
+---[RSA 2048]----+
| . o==o.o ... |
|E o o +=++ .+o . |
| o . . .*o o+.. .|
| oo*oo o.=o|
| .S.*o+.o =|
| . ..B.+ |
| o = |
| . |
| |
+----[SHA256]-----+
[root@docker-jenkins bin]
# cd
[root@docker-jenkins ~]
#
[root@docker-jenkins ~]
#
[root@docker-jenkins ~]
# ls .ssh/
id_rsa id_rsa.pub known_hosts
[root@docker-jenkins ~]
# ssh-copy-id [email protected]
/usr/bin/ssh-copy-id
: INFO: Source of key(s) to be installed:
"/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id
: INFO: attempting to log
in
with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id
: INFO: 1 key(s) remain to be installed --
if
you are prompted now it is to
install
the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with:
"ssh '[email protected]'"
and check to
make
sure that only the key(s) you wanted were added.
[root@docker-jenkins ~]
#
|
配置完成后,我们就可以生成Pipeline脚本了。点击下方Generate Pipeline Script,然后复制方框内的内容。
编写我们所需要的Pipeline脚本如下,将其粘贴到script的拉取代码模块中,并修改分支master为${branch},其他模块内容自行编写。
node {
// 拉取代码
stage('Git Checkout') {
checkout([$class: 'GitSCM', branches: [[name: '${branch}']], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: 'c42214eb-db1e-49fb-83c9-f78d1f4310a2', url: '[email protected]:/home/git/tomcat-java-demo.git']]])
}
// 代码编译
stage('Maven Build') {
sh '''
export JAVA_HOME=/usr/local/jdk
/usr/local/maven/bin/mvn clean package -Dmaven.test.skip=true
'''
}
// 项目打包到镜像并推送到镜像仓库
stage('Build and Push Image') {
sh '''
REPOSITORY=reg.dingkai.com/library/tomcat-java-demo:${branch}
cat > Dockerfile << EOF
FROM reg.dingkai.com/library/tomcat:v1
MAINTAINER kai
RUN rm -rf /usr/local/tomcat/webapps/*
ADD target/*.war /usr/local/tomcat/webapps/ROOT.war
EOF
docker build -t $REPOSITORY .
docker login reg.dingkai.com -u admin -p 123456
docker push $REPOSITORY
'''
}
// 部署到Docker主机
stage('Deploy to Docker') {
sh '''
REPOSITORY=reg.dingkai.com/library/tomcat-java-demo:${branch}
docker rm -f tomcat-java-demo |true
docker pull $REPOSITORY
docker container run -d --name tomcat-java-demo -p 88:8080 $REPOSITORY
'''
}
}
在Pipeline脚本里面我们指定了一个branch参数,所以我们需要传递一个参数变量,这里我们选择参数化构建,默认值为master分支。
然后保存配置。
6. 开始构建任务
回到主界面,我们开始构建任务
可以通过Console Output输出查看jenkins构建流程
成功构建会提示: SUCCESS
我们也可以查看构建成功后的图形构建过程
通过浏览器来访问tomcat-java-demo项目:http://10.0.0.98:88/
可以看到可以正常访问,至此基于 Jenkins+Docker+Git 的CI流程已经成功部署了。