在如今的互联网时代,随着软件开发复杂度的不断提高,软件开发和发布管理也越来越重要。目前已经形成一套标准的流程,最重要的组成部分就是持续集成(Continuous
Integration,CI)及持续部署、交付(CD)。在此,我们来以一个案例初步了解 CI 流程。那么什么是 CI 呢?简单来讲,CI
就是将传统的代码合并、构建、部署、测试都集成在一起,不断地执行这个过程,并对结果进行反馈。

CI 流程设计图:





工作流程:

1. 开发人员提交代码到Git版本仓库;
2. Jenkins人工/定时触发项目构建;
3. Jenkins拉取代码、代码编码、打包镜像、推送到镜像仓库;
4. Jenkins在Docker主机创建容器并发布

主机环境规划:

docker-jenkins:    10.0.0.98

docker-git-harbor:10.0.0.99

1. 部署Git代码版本仓库

 安装:
[[email protected] ~]# yum install git -y
配置git用户:
[[email protected] ~]# useradd git [[email protected] ~]# passwd git
创建库:
[[email protected] ~]$ mkdir tomcat-java-demo.git [[email protected]
~]$ cd tomcat-java-demo.git/ [[email protected] tomcat-java-demo.git]$ git
--bare init Initialized empty Git repository in /home/git/tomcat-java-demo.git/
[[email protected] tomcat-java-demo.git]$ ls branches config description
HEAD hooks info objects refs [[email protected] tomcat-java-demo.git]$
另一台docker-jenkins访问该仓库:
[[email protected] ~]# git clone
[email protected]:/home/git/tomcat-java-demo.git Cloning into 'solo'... The
authenticity of host '10.0.0.99 (10.0.0.99)' can't be established. ECDSA key
fingerprint is SHA256:XNWQhGsAsqd84k/6OYV3xl1+mPGjtASsxeV1YVLZVas. ECDSA key
fingerprint is MD5:b4:bd:16:2b:de:e7:7c:fd:c5:dd:91:75:20:ff:3e:0a. Are you
sure you want to continue connecting (yes/no)? yes Warning: Permanently added
'10.0.0.99' (ECDSA) to the list of known hosts. [email protected]'s password:
warning: You appear to have cloned an empty repository. [[email protected]
~]# ls anaconda-ks.cfg tomcat-java-demo.git [[email protected] ~]# ls
tomcat-java-demo.git [[email protected] ~]#
 模拟生产项目,拉取github上的一个demo,并上传至本地git库
[[email protected] ~]# mv tomcat-java-demo tomcat-java-demo.bak
[[email protected] ~]# git clone
https://github.com/dingkai163/tomcat-java-demo.git [[email protected]
tomcat-java-demo]# cat .git/config [core] repositoryformatversion = 0 filemode
= true bare = false logallrefupdates = true [remote "origin"] url =
[email protected]:/home/git/tomcat-java-demo.git# 修改为本地的git库地址 fetch =
+refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge =
refs/heads/master [[email protected] tomcat-java-demo]# git add .
[[email protected] tomcat-java-demo]# git status # On branch master nothing
to commit, working directory clean [[email protected] tomcat-java-demo]# git
commit -m "all" # On branch master nothing to commit, working directory clean
[[email protected] tomcat-java-demo]# git push origin master [email protected]'s
password: Counting objects: 229, done. Compressing objects: 100% (185/185),
done. Writing objects: 100% (229/229), 4.52 MiB | 0 bytes/s, done. Total 229
(delta 25), reused 229 (delta 25) To
[email protected]:/home/git/tomcat-java-demo.git * [new branch] master -> master
[[email protected] tomcat-java-demo]#
2. jenkins环境部署 

部署jdk环境及maven
[[email protected] ~]# mkdir tools [[email protected] ~]# cd tools
[[email protected] tools]# rz -y [[email protected] tools]# tar zxvf
jdk-8u45-linux-x64.tar.gz [[email protected] tools]# mv jdk1.8.0_45
/usr/local/jdk [[email protected] tools]# vim /etc/profile
JAVA_HOME=/usr/local/jdk PATH=$PATH:$JAVA_HOME/bin
CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar export JAVA_HOME
PATH CLASSPATH [[email protected] tools]# source /etc/profile
[[email protected] tools]# java -version java version "1.8.0_45" Java(TM) SE
Runtime Environment (build 1.8.0_45-b14) Java HotSpot(TM) 64-Bit Server VM
(build 25.45-b02, mixed mode) [[email protected] tools]# tar zxf
apache-maven-3.5.0-bin.tar.gz [[email protected] tools]# mv
apache-maven-3.5.0 /usr/local/maven
在10.0.0.98主机安装Jenkins,下载Tomcat二进制包将war包到webapps下即可:
[[email protected] tools]# wget
http://mirrors.jenkins.io/war-stable/latest/jenkins.war [[email protected]
tools]# wget
http://mirrors.shu.edu.cn/apache/tomcat/tomcat-8/v8.5.38/bin/apache-tomcat-8.5.38.tar.gz
[[email protected] tools]# tar zxf apache-tomcat-8.5.38.tar.gz
[[email protected] tools]# ls apache-tomcat-8.5.38
apache-tomcat-8.5.38.tar.gz jdk-8u45-linux-x64.tar.gz jenkins.war
[[email protected] tools]# mv apache-tomcat-8.5.38 /usr/local/tomcat-jenkins
[[email protected] tools]# ls /usr/local/tomcat-jenkins/webapps/ docs
examples host-manager manager ROOT [[email protected] tools]# rm -rf
/usr/local/tomcat-jenkins/webapps/* [[email protected] tools]# mv jenkins.war
/usr/local/tomcat-jenkins/webapps/ROOT.war [[email protected] tools]# ll
/usr/local/tomcat-jenkins/webapps/ total 75520 -rw-r--r--. 1 root root 77330344
Mar 15 00:55 ROOT.war [[email protected] tools]# cd
/usr/local/tomcat-jenkins/bin/ [[email protected] bin]# ./startup.sh Using
CATALINA_BASE: /usr/local/tomcat-jenkins Using CATALINA_HOME:
/usr/local/tomcat-jenkins Using CATALINA_TMPDIR: /usr/local/tomcat-jenkins/temp
Using JRE_HOME: /usr/local/jdk1.8 Using CLASSPATH:
/usr/local/tomcat-jenkins/bin/bootstrap.jar:/usr/local/tomcat-jenkins/bin/tomcat-juli.jar
Tomcat started. [[email protected] bin]#
启动后,浏览器访问http://10.0.0.98:8080/,按提示输入密码,登录即可。



3. 部署私有镜像仓库

企业级harbor镜像仓库部署:

https://www.cnblogs.com/kaye/p/10524391.html

构建Tomcat基础镜像,并推送到harbor镜像库:
[[email protected] ~]# cd tomcat [[email protected] tomcat]# cat
Dockerfile-tomcat FROM centos:7 MAINTAINER www.cnblogs.com/kaye/ ENV
VERSION=8.5.38 RUN yum install java-1.8.0-openjdk wget curl unzip iproute
net-tools -y && \ yum clean all && \ rm -rf /var/cache/yum/* RUN wget
http://mirrors.shu.edu.cn/apache/tomcat/tomcat-8/v${VERSION}/bin/apachetomcat-${VERSION}.tar.gz
&& \ tar zxf apache-tomcat-${VERSION}.tar.gz && \ mv apache-tomcat-${VERSION}
/usr/local/tomcat && \ rm -rf apache-tomcat-${VERSION}.tar.gz
/usr/local/tomcat/webapps/* && \ mkdir /usr/local/tomcat/webapps/test && \ echo
"ok" > /usr/local/tomcat/webapps/test/status.html && \ sed -i '1a
JAVA_OPTS="-Djava.security.egd=file:/dev/./urandom"'
/usr/local/tomcat/bin/catalina.sh && \ ln -sf /usr/share/zoneinfo/Asia/Shanghai
/etc/localtime ENV PATH $PATH:/usr/local/tomcat/bin EXPOSE 8080 CMD
["catalina.sh", "run"] [[email protected] tomcat]# docker build -t
tomcat:v1 -f Dockerfile-tomcat . [[email protected] tomcat]# docker tag
tomcat:v1 reg.dingkai.com/library/tomcat:v1 [[email protected] tomcat]#
docker login reg.dingkai.com [[email protected] tomcat]# docker push
reg.dingkai.com/library/tomcat:v1
4. Jenkins安装必要插件

由于jenkins是离线安装,所有在此需要配置一下插件下载地址:系统管理-->插件管理-->Advanced





修改下方地址,将https修改为http 再点Submit



Submit后点击Available,Check now此时我们可以看到很多可获得插件



首先搜索并安装Pipeline插件
pipeline 是一套运行于jenkins上的工作流框架,将原本独立运行于单个或者多个节点的任务连接起来,实现单个任务难以完成的复杂流程编排与
可视化。



 

再安装SCM to job 插件,同上步骤(搜索,安装)。



 5. 项目创建

创建jobs

 

选择流水线类型



 

到这里我们就开始配置Pipeline script,点击Pipeline语法,来自动生成我们需要的配置。



如下图,我们Git方式,配置Git仓库地址,再添加认证相关。




这里我们使用的是秘钥认证方式,需要将jenkins上生成的公钥发送到git服务器上,然后将jenkins上的生成的私钥内容粘贴到下图Key中,这样jenkins就可以免交互的拉取git仓库中的代码了。
[[email protected] bin]# ssh-keygen Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase
(empty for no passphrase): Enter same passphrase again: Your identification has
been saved in /root/.ssh/id_rsa. Your public key has been saved in
/root/.ssh/id_rsa.pub. The key fingerprint is:
SHA256:1vD8XM3lDYFmrxgAbwPTLwb0fl+oEx8cFgtykpg4ODI [email protected] The
key's randomart image is: +---[RSA 2048]----+ | . o==o.o ... | |E o o +=++ .+o
. | | o . . .*o o+.. .| | oo*oo o.=o| | .S.*o+.o =| | . ..B.+ | | o = | | . | |
| +----[SHA256]-----+ [[email protected] bin]# cd [[email protected] ~]#
[[email protected] ~]# [[email protected] ~]# ls .ssh/ id_rsa id_rsa.pub
known_hosts [[email protected] ~]# ssh-copy-id [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed:
"/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with
the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are
prompted now it is to install the new keys [email protected]'s password: Number of
key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
[[email protected] ~]#


 

 

配置完成后,我们就可以生成Pipeline脚本了。点击下方Generate Pipeline Script,然后复制方框内的内容。



编写我们所需要的Pipeline脚本如下,将其粘贴到script的拉取代码模块中,并修改分支master为${branch},其他模块内容自行编写。
node { // 拉取代码 stage('Git Checkout') { checkout([$class: 'GitSCM', branches:
[[name: '${branch}']], doGenerateSubmoduleConfigurations: false, extensions:
[], submoduleCfg: [], userRemoteConfigs: [[credentialsId:
'c42214eb-db1e-49fb-83c9-f78d1f4310a2', url:
'[email protected]:/home/git/tomcat-java-demo.git']]]) } // 代码编译 stage('Maven Build'
) { sh''' export JAVA_HOME=/usr/local/jdk /usr/local/maven/bin/mvn clean
package -Dmaven.test.skip=true''' } // 项目打包到镜像并推送到镜像仓库 stage('Build and Push
Image') { sh ''' REPOSITORY=reg.dingkai.com/library/tomcat-java-demo:${branch}
cat > Dockerfile << EOFFROM reg.dingkai.com/library/tomcat:v1 MAINTAINER kai RUN
rm -rf /usr/local/tomcat/webapps/* ADD target/*.war
/usr/local/tomcat/webapps/ROOT.war EOF docker build -t $REPOSITORY . docker
login reg.dingkai.com -u admin -p 123456 docker push $REPOSITORY ''' } //
部署到Docker主机 stage('Deploy to Docker') { sh '''
REPOSITORY=reg.dingkai.com/library/tomcat-java-demo:${branch} docker rm -f
tomcat-java-demo |true docker pull $REPOSITORY docker container run -d --name
tomcat-java-demo -p 88:8080 $REPOSITORY ''' } }


在Pipeline脚本里面我们指定了一个branch参数,所以我们需要传递一个参数变量,这里我们选择参数化构建,默认值为master分支。



然后保存配置。

6. 开始构建任务

回到主界面,我们开始构建任务



可以通过Console Output输出查看jenkins构建流程



成功构建会提示: SUCCESS



我们也可以查看构建成功后的图形构建过程



通过浏览器来访问tomcat-java-demo项目:http://10.0.0.98:88/



可以看到可以正常访问,至此基于 Jenkins+Docker+Git 的CI流程已经成功部署了。