1. 安装docker、docker-compose
# 安装Docker
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache fast
yum -y install docker-ce
systemctl enable docker --now
安装Docker Compose
下载地址:GitHub - docker/compose: Define and run multi-container applications with Docker
# 安装Docker Compose
wget https://github.com/docker/compose/releases/download/v2.26.0/docker-compose-linux-x86_64
mv docker-compose-linux-x86_64
chmod +x /usr/local/bin/docker-compose
2. GitLab部署
2.1. gitlab部署
GitLab的部署方式有很多,这里使用docker来部署GitLab,docker-compose.yml文件位置如下:
version: '3.6'
services:
gitlab:
image: gitlab/gitlab-ce:latest
container_name: gitlab
restart: always
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://10.10.10.11:80'
gitlab_rails['gitlab_shell_ssh_prot'] = 22
ports:
- '80:80'
- '443:443'
- '2224:22'
volumes:
- './config:/etc/gitlab'
- './logs:/var/log/gitlab'
- './data:/var/opt/gitlab'启动gitlab
docker-compose -f /home/gitlab/docker-compose.yml up -d
# 查看日志输出完毕即可通过浏览器访问
docker logs -f gitlab
# 查看密码
docker exec -it gitlab bash
cat /etc/gitlab/initial_root_password
2.2. 修改密码
修改密码:点击头像选择Preferences->Password->Save changes
2.3. 修改语言
修改语言:点击头像选择Preferences->Localization->Language选项中选择Chinese->Save changes
2.4. 关闭注册功能
关闭注册功能:点击Menu->Admin->Settings->找到Sign-up restrictions点击Expand->取消勾选Sign-up enabled->Save changes
3. Harbor部署
3.1. harbor部署
官网:Harbor
下载地址:GitHub - goharbor/harbor: An open source trusted cloud native registry project that stores, signs, and scans content.
# 下载Harbor安装程序
wget https://github.com/goharbor/harbor/releases/download/v2.10.2/harbor-offline-installer-v2.10.2.tgz
tar -zxvf harbor-offline-installer-v2.10.2.tgz
mv harbor /usr/local
# 修改配置文件
cd /usr/local/harbor/
cp harbor.yml.tmpl harbor.yml
vim harbor.yml
# 开始安装
./prepare
./install.sh
# Harbor安装完成之后通过docker-compose来管理
docker-compose ps
4. Jenkins部署
4.1. jenkins部署
Jenkins的dokcer-compose文件如下:
version: "3.6"
services:
jenkins:
image: jenkins/jenkins:2.414.3-lts
container_name: jenkins
restart: always
privileged: true
user: root
environment:
TZ: 'Asia/Shanghai'
ports:
- 8080:8080
- 50000:50000
volumes:
- ./data:/var/jenkins_home
- /var/run/docker.sock:/var/run/docker.sock
- /usr/bin/docker:/usr/bin/docker
- /etc/docker/daemon.json:/etc/docker/daemon.json启动jenkins
docker-compose -f /home/jenkins/docker-compose.yml up -d
# 查看密码
docker logs -f jenkins
4.2. 修改国内插件下载地址:
# 修改插件下载地址
cd /home/jenkins/data/updates
sed -i 's/https:\/\/updates.jenkins.io\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json #适用于新版本。
sudo sed -i 's/https:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json
docker-compose -f /home/jenkins/docker-compose.yml restart4.3. 插件安装
插件安装:点击Manage Jenkins->Plugins->Available plugins
# 安装如下插件:
Git Parameter
Publish Over SSH
SonarQube Scanner
Pipeline
Pipeline Stage View
Chinese4.4. 配置全局环境JDK和Maven
JDK下载地址:Java Archive Downloads - Java SE 8u211 and later
Maven下载地址:Maven – Welcome to Apache Maven
将下载的安装包上传到服务器。
tar -zxvf jdk-8u381-linux-x64.tar.gz -C
tar -zxvf apache-maven-3.9.6-bin.tar.gz
mv jdk1.8.0_381/ /home/jenkins/data/jdk
mv apache-maven-3.9.6 /home/jenkins/data/maven
# 配置maven私服地址
cd /usr/local/maven
vim conf/settings.xml
# 在mirrors节点下面添加子节点
--------------------------------------
<mirror>
<id>nexus-aliyun</id>
<mirrorOf>*</mirrorOf>
<name>Nexus aliyun</name>
<url>http://maven.aliyun.com/nexus/content/groups/public</url>
</mirror>
# 配置jdk8编译插件
<profile>
<id>jdk8</id>
<activation>
<activeByDefault>true</activeByDefault>
<jdk>1.8</jdk>
</activation>
<properties>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<maven.compiler.compilerVersion>1.8</maven.compiler.compilerVersion>
</properties>
</profile> <activeProfiles>
<activeProfile>jdk8</activeProfile>
<activeProfile>anotherAlwaysActiveProfile</activeProfile>
</activeProfiles>
配置完成之后进入jenkinsWEB界面点击Manage Jenkins->Tools->JDK installations和Maven installations,分别加入JDK路径和Maven路径
4.5. Jenkins容器内部使用docker
将宿主机/var/run/docker.sock文件映射给jenkins容器并赋予权限,重启jinkins容器
chown root:root /var/run/docker.sock
chmod o+rw /var/run/docker.sock
docker-compose -f /home/jenkins/docker-compose.yml up -d
5. SonarQube部署
官网:Download | SonarQube | Sonar
version: "3.6"
services:
sonarqube:
image: sonarqube:lts-community
depends_on:
- db
ports:
- "9000:9000"
environment:
SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
SONAR_JDBC_USERNAME: sonar
SONAR_JDBC_PASSWORD: sonar
volumes:
- sonarqube_data:/opt/sonarqube/data
- sonarqube_extensions:/opt/sonarqube/extensions
- sonarqube_logs:/opt/sonarqube/logs
networks:
- sonarqube_net
db:
image: postgres:12
ports:
- "5432:5432"
environment:
POSTGRES_USER: sonar
POSTGRES_PASSWORD: sonar
volumes:
- postgresql:/var/lib/postgresql
- postgresql_data:/var/lib/postgresql/data
networks:
- sonarqube_net
networks:
sonarqube_net:
driver: bridge
volumes:
sonarqube_data:
sonarqube_extensions:
sonarqube_logs:
postgresql:
postgresql_data:5.1. 插件安装:
Administration->Marketplace搜索框输入Chinese->点击install
5.2. sonar-scaner安装
下载地址:https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.1.2450-linux.zip
unzip sonar-scanner-cli-4.6.1.2450-linux.zip
mv sonar-scanner-4.6.1.2450-linux/ /home/jenkins/data/sonar-scanner
vim /home/jenkins/data/sonar-scanner/conf/sonar-scanner.properties
报错:
ERROR: [1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch.
bootstrap check failure [1] of [1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
# 修改虚拟内存大小
vim /etc/sysctl.conf
# 在文件末尾添加
vm.max_map_count=262144
# 保存并退出后,执行
sysctl -p默认的账号和密码都是admin
5.3. SonarQube与Jenkins整合
点击Manage Jenkins->System->SonarQube servers->Add SonarQube server加入SonarQube信息
点击Manage Jenkins->Tools->SonarQube Scanner installations->Add SonarQube Scanner
6. 创建自由风格的任务
流程:拉取代码-->maven打包-->SonarQube代码检测-->制作镜像推送到Harbor-->部署
点击New Item->选择Freestyle project
6.1. 拉取代码
添加tag标签:勾选This project is parameterized->点击Add Parameter->勾选->Git Parameter
配置Git:在Source Code Management位置->点击Git->输入Git的URL和账号密码
根据tag拉取代码:在Build Steps下->点击Add build step->勾选Execute shell并拉到顶部位置->输入git checkout $tag
测试:
在jenkins目录下可以看到拉取的代码:
6.2. Maven打包
配置构建参数:在Build Steps下->点击Add build step->勾选Invoke top-level Maven targets->输入打包命令clean package -DskipTests
再次测试:
可以看到已经打包成功
6.3. SonarQube代码检测
打包后使用SonarQube扫码代码:找到Build Steps点击Add Build Steps->Execute SonarQube Scanner
sonar.projectname=${JOB_NAME}
sonar.projectKey=${JOB_NAME}
sonar.source=./
sonar.java.binaries=./target/再次Build,能够看到输出日志结果是SUCCESS,登录SonarQube能看到检测结果
6.4. 制作镜像推送到Harbor
制作镜像并推送到Harbor:找到Build Steps点击Add Build Steps->勾选Execute shell输入shell命令
cp target/*.jar docker/
docker build -t ${JOB_NAME}:$tag docker/
docker login -uadmin -p 123456Aa 192.168.32.146:1080
docker tag ${JOB_NAME}:$tag 192.168.32.146:1080/library/${JOB_NAME}:$tag
docker push 192.168.32.146:1080/library/${JOB_NAME}:$tag若docker login -uadmin -p 123456Aa 192.168.32.146:1080报如下错误
# WARNING! Using --password via the CLI is insecure. Use --password-stdin.
# Error response from daemon: Get "https://192.168.32.146:1080/v2/": http: server gave HTTP response to HTTPS client
在/etc/docker/daemon.json文件中加入一行
"insecure-registries": ["192.168.32.146:1080"], # Harbor地址再次Build,等待日志输出SUCCESS后查看部署机器和Harbor仓库:
6.5. 部署
在部署的机器上编写发布脚本:
Harbor_add=$1
Harbor_repo=$2
project=$3
version=$4
ImageName=$Harbor_add/$Harbor_repo/$project:$version
ContainerId=`docker ps -a | grep ${project} | awk '{print $1}'`
if [ "$ContainerId" != "" ]; then
docker stop $ContainerId && docker rm $ContainerId
fi
tag=`docker images | grep ${project} | awk '{print $2}'`
if [[ "$tag" =~ "$version" ]]; then
docker rmi -f $ImageName
fi
docker login -uadmin -p Harbor12345 $Harbor_add
docker pull $ImageName
docker run -d -p 8084:8080 --name $project $ImageName在Jenkins上添加部署机:
部署:在Post-build Actions下->点击Add post-build action->选择Send build artifacts over SSH
deploy.sh 192.168.32.146:1080 library ${JOB_NAME} $tag
docker image prune -f最后测试:
7. Pipeline任务
准备Jenkinsfile文件,在代码中新增一个Jenkinsfile文件,根据之前的步骤逐步生成流水线脚本。
7.1. 生成拉取代码脚本
点击任务pipeline_test-->Configure-->Pipeline Syntax-->在Sample Step中选择checkou:Check out from version control填入Git信息后点击Generate Pipeline Script
7.2. 生成Maven构建项目脚本
在Sample Step中选择sh:Shell Script填入Maven命令后点击Generate Pipeline Script
/var/jenkins_home/maven/bin/mvn clean package -DskipTests
7.3. 生成SonarQube检测代码质量脚本
同上:
/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME} -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/ -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f
7.4. 生成制作镜像脚本
cp target/*.jar docker/
docker build -t ${JOB_NAME}:$tag docker/
7.5. 推送镜像到Harbor
docker login -uadmin -p 123456Aa 192.168.32.146:1080
docker tag ${JOB_NAME}:$tag 192.168.32.146:1080/library/${JOB_NAME}:$tag
docker push 192.168.32.146:1080/library/${JOB_NAME}:$tag
7.6. 生成部署脚本
在Sample Step中选择sshPublisher:Send build artifacts over SSH填入部署命令后点击Generate Pipeline Script
deploy.sh $HarborAddress $Repo $JOB_NAME $tag 
7.7. Jenkinsfile文件
pipeline {
agent any
environment{
Harbor_user = 'admin'
Harbor_passwd = '123456Aa'
HarborAddress = '192.168.32.146:1080'
Repo = 'library'
}
stages {
stage('拉取git仓库代码') {
steps {
checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])
}
}
stage('Maven构建项目') {
steps {
sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'
}
}
stage('SonarQube检测代码质量') {
steps {
sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME} -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/ -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'
}
}
stage('制作镜像') {
steps {
sh '''cp target/*.jar docker/
docker build -t ${JOB_NAME}:$tag docker/'''
}
}
stage('推送镜像到Harbor') {
steps {
sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}
docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tag
docker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''
}
}
stage('部署') {
steps {
sshPublisher(publishers: [sshPublisherDesc(configName: 'test_host', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: "deploy.sh $HarborAddress $Repo $JOB_NAME $tag ", execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: '')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])
}
}
}
}
部署脚本由于引用了Jenkinsfile变量和全局变量,需把变量处单引号改为双引号。
7.8. 准备执行任务
在Pipeline下选择Pipeline script from SCM填入Git信息保存并启动任务
7.9. 部署成功后通知到企业微信机器人
安装Qy Wechat Notification插件,这个插件可以通过企业微信群机器人发送构建信息,然后来到Manage Jenkins-->System下找到企业微信通知配置,填入信息
并在Jenkinsfile中加入如下内容
post{
success{
qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署成功!'
}
failure{
qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署失败!'
}
}
# mentionedId: '需要通知UserID', mentionedMobile: '需要通知的通知手机号码', 可以为空效果
最终完整Jenkinsfile
pipeline {
agent any
environment{
Harbor_user = 'admin'
Harbor_passwd = '123456Aa'
HarborAddress = '192.168.32.146:1080'
Repo = 'library'
}
stages {
stage('拉取git仓库代码') {
steps {
checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])
}
}
stage('Maven构建项目') {
steps {
sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'
}
}
stage('SonarQube检测代码质量') {
steps {
sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME} -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/ -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'
}
}
stage('制作镜像') {
steps {
sh '''cp target/*.jar docker/
docker build -t ${JOB_NAME}:$tag docker/'''
}
}
stage('推送镜像到Harbor') {
steps {
sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}
docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tag
docker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''
}
}
stage('部署') {
steps {
sshPublisher(publishers: [sshPublisherDesc(configName: 'test_host', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: "deploy.sh $HarborAddress $Repo $JOB_NAME $tag ", execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: '')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])
}
}
}
post{
success{
qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署成功!'
}
failure{
qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人KEY', moreInfo:'部署失败!'
}
}
}8. 部署到K8S
在Jenkins下添加K8S机器,Post-build Actions下->点击Add post-build action->选择Send build artifacts over SSH,工作目录为/usr/local/pipeline
在Gitlab仓库中新增pipeline_test.yaml文件
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: test
labels:
app: pipelinetest
name: pipelinetest
spec:
replicas: 2
selector:
matchLabels:
app: pipelinetest
template:
metadata:
labels:
app: pipelinetest
spec:
containers:
- name: pipelinetest
image: 192.168.32.146:1080/library/pipeline_test:v2.0.0
imagePullPolicy: Always
ports:
- containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
namespace: test
labels:
app: pipelinetest
name: pipelinetest
spec:
selector:
app: pipelinetest
ports:
- port: 8084
protocol: TCP
targetPort: 8080
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: test
name: pipelinetest
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: pipeline.test.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: pipelinetest
port:
number: 8084修改Jenkinsfile脚本,将pipeline_test.yaml传到K8Smaster节点,会传到/usr/local/pipeline下
pipeline {
agent any
environment{
Harbor_user = 'admin'
Harbor_passwd = '123456Aa'
HarborAddress = '192.168.32.146:1080'
Repo = 'library'
}
stages {
stage('拉取git仓库代码') {
steps {
checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])
}
}
stage('Maven构建项目') {
steps {
sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'
}
}
stage('SonarQube检测代码质量') {
steps {
sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME} -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/ -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'
}
}
stage('制作镜像') {
steps {
sh '''cp target/*.jar docker/
docker build -t ${JOB_NAME}:$tag docker/'''
}
}
stage('推送镜像到Harbor') {
steps {
sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}
docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tag
docker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''
}
}
stage('将yaml文件传到K8Smaster') {
steps {
sshPublisher(publishers: [sshPublisherDesc(configName: 'k8s', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline_test.yaml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])
}
}
}
post{
success{
qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署成功!'
}
failure{
qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署失败!'
}
}
}在Gitlab新打一个标签,重新构建检查pipeline_test.yaml文件是否成功
Jenkins免密登录K8Smaster
# 进入Jenkins容器内
docker exec -it jenkins bash
# SSH免密登录
ssh-keygen
ssh-copy-id root@192.168.33.209新增部署命令ssh root@192.168.33.209 kubectl apply -f /usr/local/pipeline/pipeline_test.yaml,加入到Jenkinsfile脚本中
完整Jenkinsfile
pipeline {
agent any
environment{
Harbor_user = 'admin'
Harbor_passwd = '123456Aa'
HarborAddress = '192.168.32.146:1080'
Repo = 'library'
}
stages {
stage('拉取git仓库代码') {
steps {
checkout scmGit(branches: [[name: '${tag}']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])
}
}
stage('Maven构建项目') {
steps {
sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'
}
}
stage('SonarQube检测代码质量') {
steps {
sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME} -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/ -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'
}
}
stage('制作镜像') {
steps {
sh '''cp target/*.jar docker/
docker build -t ${JOB_NAME}:$tag docker/'''
}
}
stage('推送镜像到Harbor') {
steps {
sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}
docker tag ${JOB_NAME}:$tag ${HarborAddress}/${Repo}/${JOB_NAME}:$tag
docker push ${HarborAddress}/${Repo}/${JOB_NAME}:$tag'''
}
}
stage('将yaml文件传到K8Smaster') {
steps {
sshPublisher(publishers: [sshPublisherDesc(configName: 'k8s', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline_test.yaml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])
}
}
stage('部署') {
steps {
sh 'ssh root@192.168.33.209 kubectl apply -f /usr/local/pipeline/pipeline_test.yaml'
}
}
}
post{
success{
qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署成功!'
}
failure{
qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署失败!'
}
}
}
完成!
9. 自动化CI
GitLab发现源代码有变化时,就会触发Jenkins执行构建,需要安装GitLab插件,点击Jenkins --> My Views --> [项目名称] --> Configure
在Jenkins全局配置中去掉gitlab认证
回到gitlab在项目中点击Settings --> Webhooks在URL处粘贴上Build when a change is pushed to GitLab. GitLab webhook URL
# 若gitlab和jenkins在同一主机上会报错:Url is blocked: Requests to the local network are not allowed
# 进入gitlab点击Menu --> Admin --> Settings --> Network -->Outbound requests勾选上Allow requests to the local network from web hooks and services
最后去掉根据tag标签拉取代码,并且更改Jenkinsfile文件中的代码拉取tag为*/master,docker镜像版本修改为latest,pipeline_test.yaml文件中的镜像版本改为latest
由于这个流程如果yaml文件没有变动就不会部署成功,需要在部署命令后增加ssh root@192.168.33.209 kubectl rollout restart deployment pipelinetest -n test
pipeline {
agent any
environment{
Harbor_user = 'admin'
Harbor_passwd = '123456Aa'
HarborAddress = '192.168.32.146:1080'
Repo = 'library'
}
stages {
stage('拉取git仓库代码') {
steps {
checkout scmGit(branches: [[name: '*/master']], extensions: [], userRemoteConfigs: [[credentialsId: 'cb59a2fa-6308-4d49-9a16-3b049aecd2c1', url: 'http://192.168.32.146:1180/root/freestyle_test.git']])
}
}
stage('Maven构建项目') {
steps {
sh '/var/jenkins_home/maven/bin/mvn clean package -DskipTests'
}
}
stage('SonarQube检测代码质量') {
steps {
sh '/var/jenkins_home/sonar-scanner/bin/sonar-scanner -Dsonar.projectname=${JOB_NAME} -Dsonar.projectKey=${JOB_NAME} -Dsonar.source=./ -Dsonar.java.binaries=./target/ -Dsonar.login=da3b131bd550db98f33e5d8359d2e03be1ea1a8f'
}
}
stage('制作镜像') {
steps {
sh '''cp target/*.jar docker/
docker build -t ${JOB_NAME}:latest docker/'''
}
}
stage('推送镜像到Harbor') {
steps {
sh '''docker login -u${Harbor_user} -p ${Harbor_passwd} ${HarborAddress}
docker tag ${JOB_NAME}:latest ${HarborAddress}/${Repo}/${JOB_NAME}:latest
docker push ${HarborAddress}/${Repo}/${JOB_NAME}:latest'''
}
}
stage('将yaml文件传到K8Smaster') {
steps {
sshPublisher(publishers: [sshPublisherDesc(configName: 'k8s', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: 'pipeline_test.yaml')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])
}
}
stage('部署') {
steps {
sh 'ssh root@192.168.33.209 kubectl apply -f /usr/local/pipeline/pipeline_test.yaml'
sh 'ssh root@192.168.33.209 kubectl rollout restart deployment pipelinetest -n test'
}
}
}
post{
success{
qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署成功!'
}
failure{
qyWechatNotification failNotify: true, mentionedId: '', mentionedMobile: '', webhookUrl: 'https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=自己的机器人key', moreInfo:'部署失败!'
}
}
}
