基于Jenkins和Maven实现Docker镜像的CI/CD
什么是CI?CI全拼是Continuous Integration,译作持续集成,在业务语境中主要针对代码编写人员及测试人员,他们需要不定时地频繁提交代码、测试代码,以便快速发现软件工程中的代码质量问题并进行修复。这部分工作和平台运维没有任何关系,但和软件产品运维有较大关系。
什么是CD?CD全拼是Continuous Deployment或Continuous Delivery,根据协同分工的组织划分不同,CD有不同含义。在规模适当、权责明晰的产品型组织团队中,CD指代Continuous Deployment,意在将软件工程项目灵活部署到任意环境,主要供内部测试团队或尝鲜用户使用。而在规模较小而指责不清晰的管理型组织团队中,CD指代Continuous Delivery,意指将成熟的、定型的软件产品交付给终端使用者,涵盖了软件工程的部署和维保培训。在河南省的IT环境中,CD偏向于指代Continuous Delivery,有时也兼指Continuous Deployment和Continuous Delivery,比如我曾服务过的郑州市某ZY公司,总计职员27人,每个技术人员对应了5个管理人员,号称“人人皆可管理技术”。
该项目的工作流程描述:代码由《开发电脑》提交至《git》;触发《Jenkins》的自动代码编译并构建镜像,而后将镜像推送到《docker》仓库;《测试环境或生产环境》从《docker》仓库中拉取镜像进行《部署》。
项目实施环境:
Host OS:CentOS 7 1804 64Bit
Package:git、JDK、Maven、Tomcat、Jenkins
Role:Git/Registry、 Docker、Jenkins
IP Range:192.168.207.177~192.168.207.180
(一)部署git服务
[ Downloads]$ su root
Password:
[ Downloads]# yum install -y git
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
- base: mirrors.aliyun.com
- extras: mirrors.aliyun.com
- updates: mirrors.aliyun.com
Package git-1.8.3.1-23.el7_8.x86_64 already installed and latest version
Nothing to do
[ Downloads]# useradd git
[ Downloads]# echo git | passwd --stdin git
Changing password for user git.
passwd: all authentication tokens updated successfully.
[ Downloads]# su - git
[ ~]$ mkdir PomanTeng.git
[ ~]$ ls -F
PomanTeng.git/
[ ~]$ cd PomanTeng.git/
[ PomanTeng.git]$ git --bare init
Initialized empty Git repository in /home/git/PomanTeng.git/
(二)部署Docker服务
[ Downloads]$ su root
Password:
[ Downloads]# yum install -y yum-utils device-mapper-persistent-data lvm2
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
- base: mirrors.aliyun.com
- extras: mirrors.aliyun.com
- updates: mirrors.aliyun.com
Package yum-utils-1.1.31-54.el7_8.noarch already installed and latest version
Package device-mapper-persistent-data-0.8.5-2.el7.x86_64 already installed and latest version
Package 7:lvm2-2.02.186-7.el7_8.2.x86_64 already installed and latest version
Nothing to do
[ Downloads]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Loaded plugins: fastestmirror, langpacks
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
[ Downloads]# yum install -y docker-ce
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
.........................................................................................................
Installed:
docker-ce.x86_64 3:19.03.12-3.el7
Dependency Installed:
container-selinux.noarch 2:2.119.2-1.911c772.el7_8 containerd.io.x86_64 0:1.2.13-3.2.el7 docker-ce-cli.x86_64 1:19.03.12-3.el7
Complete!
[ Downloads]#
[ Downloads]# curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://bc437cce.m.daocloud.io
docker version >= 1.12
{"registry-mirrors": ["http://bc437cce.m.daocloud.io"]}
Success.
You need to restart docker to take effect: sudo systemctl restart docker
[ Downloads]# systemctl restart docker
[ Downloads]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[ Downloads]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2020-08-12 13:56:30 EDT; 1min 23s ago
Docs: https://docs.docker.com
Main PID: 62339 (dockerd)
CGroup: /system.slice/docker.service
└─62339 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
Aug 12 13:56:29 localhost.localdomain dockerd[62339]: time="2020-08-12T13:56:29.641098974-04:00" level=info msg="scheme \"un...=grpc
Aug 12 13:56:29 localhost.localdomain dockerd[62339]: time="2020-08-12T13:56:29.641109314-04:00" level=info msg="ccResolverW...=grpc
Aug 12 13:56:29 localhost.localdomain dockerd[62339]: time="2020-08-12T13:56:29.641143808-04:00" level=info msg="ClientConn ...=grpc
Aug 12 13:56:29 localhost.localdomain dockerd[62339]: time="2020-08-12T13:56:29.707335405-04:00" level=info msg="Loading con...art."
Aug 12 13:56:29 localhost.localdomain dockerd[62339]: time="2020-08-12T13:56:29.980985856-04:00" level=info msg="Default bri...ress"
Aug 12 13:56:30 localhost.localdomain dockerd[62339]: time="2020-08-12T13:56:30.270804237-04:00" level=info msg="Loading con...one."
Aug 12 13:56:30 localhost.localdomain dockerd[62339]: time="2020-08-12T13:56:30.412313489-04:00" level=info msg="Docker daem...03.12
Aug 12 13:56:30 localhost.localdomain dockerd[62339]: time="2020-08-12T13:56:30.412490651-04:00" level=info msg="Daemon has ...tion"
Aug 12 13:56:30 localhost.localdomain dockerd[62339]: time="2020-08-12T13:56:30.430395667-04:00" level=info msg="API listen ...sock"
Aug 12 13:56:30 localhost.localdomain systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
[ Downloads]#
(三)部署Maven服务
[ Downloads]# tar -xzvf apache-maven-3.5.4-bin.tar.gz -C /usr/local/
apache-maven-3.5.4/README.txt
...............................................................................................................................
apache-maven-3.5.4/lib/jansi-1.17.1.jar
[ Downloads]# mv /usr/local/apache-maven-3.5.4/ /usr/local/maven354
[ Downloads]# tree -L 1 /usr/local/maven354/
/usr/local/maven354/
├── bin
├── boot
├── conf
├── lib
├── LICENSE
├── NOTICE
└── README.txt
4 directories, 3 files
[ Downloads]#
(四)部署Jenkins服务
[ Downloads]$ su root
Password:
[ Downloads]#
[ Downloads]# tar -xzvf jdk-8u192-linux-x64.tar.gz -C /usr/local/
jdk1.8.0_192/
......................................................................................................................
jdk1.8.0_192/jre/Welcome.html
jdk1.8.0_192/jre/README
jdk1.8.0_192/README.html
[ Downloads]# mv /usr/local/jdk1.8.0_192/ /usr/local/jdk180192
[ Downloads]# tree -L 1 /usr/local/jdk180192/
/usr/local/jdk180192/
├── bin
├── COPYRIGHT
├── include
├── javafx-src.zip
├── jre
├── lib
├── LICENSE
├── man
├── README.html
├── release
├── src.zip
├── THIRDPARTYLICENSEREADME-JAVAFX.txt
└── THIRDPARTYLICENSEREADME.txt
5 directories, 8 files
[ Downloads]#
(五)部署Tomcat服务
[ Downloads]# tar -xzvf apache-tomcat-8.5.37.tar.gz -C /usr/local/
apache-tomcat-8.5.37/conf/
................................................................................................................................
apache-tomcat-8.5.37/bin/catalina.sh
apache-tomcat-8.5.37/bin/configtest.sh
apache-tomcat-8.5.37/bin/daemon.sh
apache-tomcat-8.5.37/bin/digest.sh
apache-tomcat-8.5.37/bin/setclasspath.sh
apache-tomcat-8.5.37/bin/shutdown.sh
apache-tomcat-8.5.37/bin/startup.sh
apache-tomcat-8.5.37/bin/tool-wrapper.sh
apache-tomcat-8.5.37/bin/version.sh
[ Downloads]# mv /usr/local/apache-tomcat-8.5.37/ /usr/local/tomcat8.5.37
[ Downloads]# tree -L 1 /usr/local/tomcat8.5.37/
/usr/local/tomcat8.5.37/
├── bin
├── BUILDING.txt
├── conf
├── CONTRIBUTING.md
├── lib
├── LICENSE
├── logs
├── NOTICE
├── README.md
├── RELEASE-NOTES
├── RUNNING.txt
├── temp
├── webapps
└── work
7 directories, 7 files
[ Downloads]#
(六)部署Jenkins的Web服务
[ Downloads]# unzip jenkins.war -d /usr/local/tomcat8.5.37/webapps/ROOT
Archive: jenkins.war
.........................................................................................................................................
inflating: /usr/local/tomcat8.5.37/webapps/ROOT/WEB-INF/lib/jenkins-core-2.235.4.jar
[ Downloads]#
(七)安装和配置Jenkins管理项目
[ Downloads]# tail -f /usr/local/tomcat8.5.37/logs/catalina.out
Please use the following password to proceed to installation:
d21d68906c4945d7aea9eb1ad5c86359
This may also be found at: /root/.jenkins/secrets/initialAdminPassword
不得不说郑州这帮龟孙儿混蛋公司在过河拆桥这方面的确是把好手,这家龟孙儿混蛋公司干得更是绝户儿,河都没过完就拆桥了:嫌老子要得工资高(税前15000¥/月而已,和河南高度自我膨胀的高消费相比,这点儿钱简直还不如毛毛雨!),急着承接客户的项目才把老子请过去,等到项目建设施工结束了,就开始找理由把老子踢开,也不用老子给这个项目做交割培训,到目前还拖欠了老子23000¥应得工资不给,认为后期的项目维保随便找个阿猫阿狗来做就可以了,花4000¥/月招了个今年刚毕业的毛头小子来作维保,结果给客户换RAID阵列硬盘时把硬盘格式化了2块(也不知道是这家龟孙儿混蛋公司里的哪个高人指点的、都做了啥骚操作),得知这事儿的原委,只想说一句:活了个该!让你没过完河就拆桥,拖欠老子工资不给,还在所谓的公司领导层会议上不停地给老子身上泼脏水!
关于这个项目施工的完整文档我倒是可以凭借现场记录复写出一份施工及维保文档,不过现在我为什么要这么做呢?工资工资拖欠不给,连照面儿都不带打的!交情交情没有,做不到好聚好散,往我身上泼脏水的时候就没想到还会有求到我门前的时候?我把我当初是怎么被你找了个蹩脚的理由给赶走的给你的客户也说了个明明白白,我现在给你的客户出具这个项目的施工及维保文档也是有条件的:工资连本带息地支付给我、应缴纳的五险一金给我补齐、当初在谁面前给我身上泼脏水的把他们找回来再当面儿给我道歉、你自己去给你的客户说清楚我是怎么被你赶出这个项目的、这份文档的润笔费是50000¥且只接受现金付款。