jenkins+docker+gitlab自动化部署
流程:
开发人员提交代码到Gitlab版本仓库;
Jenkins触发项目构建;
Jenkins拉取代码、代码编码、打包镜像、推送到镜像仓库;
Jenkins在Docker主机创建容器并发布
| 角色 | IP |
|---|---|
| Jenkins/Docker | 192.168.125.224 |
| Docker | 192.168.125.227 |
| Gitlab/registry仓库 | 192.168.125.222 |
安装Docker
安装依赖包
# yum install -y yum-utils device-mapper-persistent-data lvm2
添加Docker软件包源:
# yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
安装Docker CE,安装最新版
# yum install docker-ce -y
配置加速器
# curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s https://i9iblr0h.mirror.aliyuncs.com
启动并开机启动
# systemctl start docker
# systemctl enable docker
安装指定版本docker
查询可用版本
[ ~]# yum list docker-ce --showduplicates | sort -r
安装指定版本
[ ~]# sudo yum install docker-ce-17.12.0.ce-1.el7.centos
部署私有镜像仓库
搭建私有镜像仓库,官方提供registry镜像,搭建私有仓库非常简单。
在192.168.125.222部署:
# docker run -it -d -v /opt/registry:/var/lib/registry -p 5000:5000 --restart=always --name registry registry
接下来测试registry可用性。
由于Docker CLI默认以HTTPS访问,而部署的registry并未提供HTTPS,因此,需要在pull镜像的Docker主机(192.168.125.224 192.168.125.227)添加HTTP可信任:
# vi /etc/docker/daemon.json
{"insecure-registries":["192.168.0.219:5000"]}
# systemctl restart docker
注意:因为Docker从1.3.X之后,与docker registry交互默认使用的是https,然而此处搭建的私有仓库只提供http服务,所以当与私有仓库交互时就会报上面的错误。
为了解决这个问题需要在启动docker server时增加启动参数为默认使用http访问。修改docker启动配置文件:
vim /usr/lib/systemd/system/docker.service
找到 ExecStart
ExecStart=/usr/bin/dockerd --insecure-registry 192.168.125.222:5000
重启
# systemctl daemon-reload && systemctl restart docker
构建Tomcat基础镜像并上传到仓库
[ ~]# vi Dockerfile
FROM centos:7
#作者
MAINTAINER www
#拷贝tomcat jdk 到镜像并解压
ADD apache-tomcat-9.0.19.tar.gz /usr/local/tomcat
ADD jdk-8u211-linux-x64.tar.gz /usr/local/jdk
#定义交互时登录路径
ENV MYPATH /usr/local
WORKDIR $MYPATH
#配置jdk 和tomcat环境变量
ENV JAVA_HOME /usr/local/jdk/jdk1.8.0_211
ENV CATALINA_HOME /usr/local/tomcat/apache-tomcat-9.0.19
ENV CATALINA_BASE /usr/local/tomcat/apache-tomcat-9.0.19
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
#设置暴露的端口
EXPOSE 8080
#运行tomcat
CMD /usr/local/tomcat/apache-tomcat-9.0.19/bin/startup.sh && tail -f /usr/local/tomcat/apache-tomcat-9.0.19/logs/catalina.out
创建tomcat镜像
# docker build -t 192.168.125.222:5000/tomcat -f Dockerfile .
推送镜像到仓库
[ harbor]# docker push 192.168.125.222:5000/tomcat
Jenkins配置全局工具配置及安装见https://www.cnblogs.com/wengshaohang/p/12272952.html
主页面 -> 系统管理 -> 全局工具配置
Jenkins安装必要插件
插件说明:
- SSH:用于SSH远程Docker主机执行Shell命令
- Git Parameter:动态获取Git仓库Branch、Tag
上传JAVA项目代码到Gitlab仓库见https://www.cnblogs.com/wengshaohang/p/12269127.html
MINGW64 ~/Desktop/repo/test-tag (master)
$ ll
total 4
-rw-r--r-- 1 hang 197121 1298 7月 17 2018 pom.xml
drwxr-xr-x 1 hang 197121 0 2月 13 13:46 src/
MINGW64 ~/Desktop/repo/test-tag (master)
$ git add .
MINGW64 ~/Desktop/repo/test-tag (master)
$ git commit -m"four"
[master 795f216] four
1 file changed, 20 deletions(-)
delete mode 100644 index.html
MINGW64 ~/Desktop/repo/test-tag (master)
$ git tag -a 4.0 -m ‘version 4.0‘
MINGW64 ~/Desktop/repo/test-tag (master)
$ git push origin 4.0
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Delta compression using up to 4 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 331 bytes | 7.00 KiB/s, done.
Total 3 (delta 1), reused 0 (delta 0)
To https://gitlab.example.com/root/test-tag.git
* [new tag] 4.0 -> 4.0
Jenkins创建项目并发布测试
先创建一个用于连接Docker主机的凭据。
主页面 -> 凭据 -> 系统 -> 右击全局凭据 -> 添加凭据:输入连接Docker主机的用户名和密码
添加SSH远程主机
主页面 -> 系统管理 -> 系统设置 -> SSH remote hosts:
主页面 -> 新建任务 -> 输入任务名称,构建一个Maven项目:
注意:如果没有显示“构建一个Maven项目”选项,需要在管理插件里安装“Maven Integration plugin”插件。
配置Git参数化构建:
动态获取Git仓库tag,与用户交互选择Tag发布:
修改*/master为$Tag,Tag是上面动态获取的变量名,表示根据用户选择打代码版本。
指定项目Git仓库地址
设置maven构建命令选项
利用pom.xml文件构建项目
在Jenkins本机镜像构建与推送到镜像仓库,并SSH远程连接到Docker主机使用推送的镜像创建容器:
添加执行Shell
REPOSITORY=192.168.125.222:5000/solo:${Tag}
# 构建镜像
cat > Dockerfile << EOF
FROM 192.168.125.222:5000/tomcat:latest
RUN rm -rf /usr/local/tomcat/apache-tomcat-9.0.19/webapps/ROOT
COPY target/*.war /usr/local/tomcat/apache-tomcat-9.0.19/webapps/ROOT.war
CMD /usr/local/tomcat/apache-tomcat-9.0.19/bin/startup.sh && tail -f /usr/local/tomcat/apache-tomcat-9.0.19/logs/catalina.out
EOF
docker build -t $REPOSITORY -f Dockerfile .
# 上传镜像
docker push $REPOSITORY
SSH远程Docker主机执行的Shell命令如下
REPOSITORY=192.168.125.222:5000/solo:${Tag}
# 部署
docker rm -f blog-solo |true
docker image rm $REPOSITORY |true
docker container run -d --name blog-solo -v /usr/local/jdk1.8:/usr/local/jdk/jdk1.8.0_211 -p 88:8080 $REPOSITORY
注:容器名称blog-solo,暴露宿主机端口88,即使用宿主机IP:88访问blog-solo项目。
开始构建:
构建成功
控制台输出
Started by user admin
Running as SYSTEM
Building in workspace /var/lib/jenkins/workspace/docker-maven-job
using credential 8018da86-0aa8-4ec1-a90b-ea9091668f83
> git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url https://gitlab.example.com/root/test-tag.git # timeout=10
Fetching upstream changes from https://gitlab.example.com/root/test-tag.git
> git --version # timeout=10
using GIT_ASKPASS to set credentials
> git fetch --tags --progress https://gitlab.example.com/root/test-tag.git +refs/heads/*:refs/remotes/origin/* # timeout=10
> git rev-parse origin/4.0^{commit} # timeout=10
> git rev-parse 4.0^{commit} # timeout=10
Checking out Revision 795f216e4c3f264720959c59a0bb850e9b46b956 (4.0)
> git config core.sparsecheckout # timeout=10
> git checkout -f 795f216e4c3f264720959c59a0bb850e9b46b956 # timeout=10
Commit message: "four"
> git rev-list --no-walk 795f216e4c3f264720959c59a0bb850e9b46b956 # timeout=10
Parsing POMs
Established TCP socket on 42758
[docker-maven-job] $ /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.242.b08-0.el7_7.x86_64/jre/bin/java -cp /var/lib/jenkins/plugins/maven-plugin/WEB-INF/lib/maven35-agent-1.13.jar:/opt/apache-maven-3.6.3/boot/plexus-classworlds-2.6.0.jar:/opt/apache-maven-3.6.3/conf/logging jenkins.maven3.agent.Maven35Main /opt/apache-maven-3.6.3 /var/cache/jenkins/war/WEB-INF/lib/remoting-3.36.1.jar /var/lib/jenkins/plugins/maven-plugin/WEB-INF/lib/maven35-interceptor-1.13.jar /var/lib/jenkins/plugins/maven-plugin/WEB-INF/lib/maven3-interceptor-commons-1.13.jar 42758
<===[JENKINS REMOTING CAPACITY]===>channel started
Executing Maven: -B -f /var/lib/jenkins/workspace/docker-maven-job/pom.xml clean package -Dmaven.test.skip=true
[INFO] Scanning for projects...
[INFO]
[INFO] -------------------< com.jenkins.demo:Java-war-dev >--------------------
[INFO] Building Java-war-dev Maven Webapp 1.0.15-SNAPSHOT
[INFO] --------------------------------[ war ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ Java-war-dev ---
[INFO] Deleting /var/lib/jenkins/workspace/docker-maven-job/target
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ Java-war-dev ---
[WARNING] Using platform encoding (UTF-8 actually) to copy filtered resources, i.e. build is platform dependent!
[INFO] skip non existing resourceDirectory /var/lib/jenkins/workspace/docker-maven-job/src/main/resources
[INFO]
[INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ Java-war-dev ---
[INFO] No sources to compile
[INFO]
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ Java-war-dev ---
[INFO] Not copying test resources
[INFO]
[INFO] --- maven-compiler-plugin:3.1:testCompile (default-testCompile) @ Java-war-dev ---
[INFO] Not compiling test sources
[INFO]
[INFO] --- maven-surefire-plugin:2.12.4:test (default-test) @ Java-war-dev ---
[INFO] Tests are skipped.
[INFO]
[INFO] --- maven-war-plugin:2.2:war (default-war) @ Java-war-dev ---
[INFO] Packaging webapp
[INFO] Assembling webapp [Java-war-dev] in [/var/lib/jenkins/workspace/docker-maven-job/target/Java-war-dev]
[INFO] Processing war project
[INFO] Copying webapp resources [/var/lib/jenkins/workspace/docker-maven-job/src/main/webapp]
[INFO] Webapp assembled in [33 msecs]
[INFO] Building war: /var/lib/jenkins/workspace/docker-maven-job/target/Java-war-dev.war
[INFO] WEB-INF/web.xml already added, skipping
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 4.536 s
[INFO] Finished at: 2020-02-13T15:52:32+08:00
[INFO] ------------------------------------------------------------------------
Waiting for Jenkins to finish collecting data
[JENKINS] Archiving /var/lib/jenkins/workspace/docker-maven-job/pom.xml to com.jenkins.demo/Java-war-dev/1.0.15-SNAPSHOT/Java-war-dev-1.0.15-SNAPSHOT.pom
[JENKINS] Archiving /var/lib/jenkins/workspace/docker-maven-job/target/Java-war-dev.war to com.jenkins.demo/Java-war-dev/1.0.15-SNAPSHOT/Java-war-dev-1.0.15-SNAPSHOT.war
[docker-maven-job] $ /bin/sh -xe /tmp/jenkins1278371825821922360.sh
channel stopped
+ REPOSITORY=192.168.125.222:5000/solo:4.0
+ cat
+ docker build -t 192.168.125.222:5000/solo:4.0 -f Dockerfile .
Sending build context to Docker daemon 142.3kB
Step 1/4 : FROM 192.168.125.222:5000/tomcat:latest
---> 9906b0cda9b6
Step 2/4 : RUN rm -rf /usr/local/tomcat/apache-tomcat-9.0.19/webapps/ROOT
---> Using cache
---> 759949116c4e
Step 3/4 : COPY target/*.war /usr/local/tomcat/apache-tomcat-9.0.19/webapps/ROOT.war
---> cf9194d6d3a3
Step 4/4 : CMD /usr/local/tomcat/apache-tomcat-9.0.19/bin/startup.sh && tail -f /usr/local/tomcat/apache-tomcat-9.0.19/logs/catalina.out
---> Running in 92cacc7e052f
Removing intermediate container 92cacc7e052f
---> edeb721fcf21
Successfully built edeb721fcf21
Successfully tagged 192.168.125.222:5000/solo:4.0
+ docker push 192.168.125.222:5000/solo:4.0
The push refers to repository [192.168.125.222:5000/solo]
28a096baffd0: Preparing
b03a3592622a: Preparing
04f4673a62fb: Preparing
9b939eed2759: Preparing
77b174a6a187: Preparing
9b939eed2759: Layer already exists
04f4673a62fb: Layer already exists
b03a3592622a: Layer already exists
77b174a6a187: Layer already exists
28a096baffd0: Pushed
4.0: digest: sha256:afc06a5e61b0c44b5169654d5cdc66bb2b35de3e8b29ee10610d2cd62069020c size: 1369
[SSH] script:
Tag="4.0"
REPOSITORY=192.168.125.222:5000/solo:${Tag}
# 部署
docker rm -f blog-solo |true
docker image rm $REPOSITORY |true
docker container run -d --name blog-solo -v /usr/local/jdk1.8:/usr/local/jdk/jdk1.8.0_211 -p 88:8080 $REPOSITORY
[SSH] executing...
Unable to find image ‘192.168.125.222:5000/solo:4.0‘ locally
4.0: Pulling from solo
ab5ef0e58194: Already exists
3b337890937f: Already exists
3f7f10ca4129: Already exists
6ccbe376db89: Pulling fs layer
70f6c40dd4de: Pulling fs layer
70f6c40dd4de: Verifying Checksum
70f6c40dd4de: Download complete
6ccbe376db89: Verifying Checksum
6ccbe376db89: Download complete
6ccbe376db89: Pull complete
70f6c40dd4de: Pull complete
Digest: sha256:afc06a5e61b0c44b5169654d5cdc66bb2b35de3e8b29ee10610d2cd62069020c
Status: Downloaded newer image for 192.168.125.222:5000/solo:4.0
c2292a2cffd17643c90ef8f581d806f69f5a38b64d349ec0cec5a56e9f0fd707
[SSH] completed
[SSH] exit-status: 0
Finished: SUCCESS访问192.168.125.227:88即可看到页面