DevOps流程
1. yum
1.1 yum 源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
或者
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all && yum makecache
1.2 epel 源
yum install -y epel-release
wget -O /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum clean all && yum makecache
2. Docker安装
2.1 yum安装Docker
yum install -y yum-utils device-mapper-persistent-data lvm2
国外:yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
国内:yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
国内: yum-config-manager --add-repo \
https://mirrors.ustc.edu.cn/docker-ce/linux/centos/docker-ce.repo
yum list docker-ce --showduplicates | sort -r
yum install -y docker-ce
yum install -y docker-ce-18.03.1.ce
yum install -y docker-ce-20.10.9.ce
yum install -y docker-ce-20.10.14-3.el7.x86_64.rpm
systemctl enable docker && systemctl start docker
docker version
2.2 脚本安装Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
2.3离线安装
1、下载压缩包
docker-20.10.9版本下载
docker下载网站
2、解压授权
tar xvf docker-20.10.9.tgz
chmod 775 docker/*
cp docker/* /usr/bin
2.4创建docker.service服务
vi /etc/systemd/system/docker.service,输入一下内容
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# ExecStart的启动可选参数,可通过dockerd --help查看
# ExecStart=/usr/bin/dockerd -H unix://var/run/docker.sock --data-root=/home/root/data/docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
chmod u+x /etc/systemd/system/docker.service
systemctl daemon-reload
systemctl start docker
2.5 设置国内的镜像源
创建或修改/etc/docker/daemon.json文件,修改为如下形式
vim /etc/docker/daemon.json
{
"registry-mirrors": ["http://hub-mirror.c.163.com"]
}
systemctl daemon-reload
systemctl restart docker
其他镜像源
科大镜像:https://docker.mirrors.ustc.edu.cn/
网易:https://hub-mirror.c.163.com/
阿里云:https://<你的ID>.mirror.aliyuncs.com
七牛云加速器:https://reg-mirror.qiniu.com
2.6 镜像加速
https://cr.console.aliyun.com/?spm=5176.2020520001.aliyun_topbar.199.69864bd3PZQMfj#/imageList
每个人都有自己的专属加速器,将下面代码运行下就可以了
点击镜像加速器,选择匹配的系统
mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-‘EOF’
{
“registry-mirrors”: [“https://xxxxx.mirror.aliyuncs.com”]
}
EOF
systemctl daemon-reload
systemctl restart docker
更新docker加速器
或者用这条命令
curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://95822026.m.daocloud.io
#事后重启docker
systemctl restart docker
3.Docker-compose安装
sudo curl -L https://get.daocloud.io/docker/compose/releases/download/1.25.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
docker-compose --version
curl -L https://get.daocloud.io/docker/compose/releases/download/1.29.2/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
4. Gitlab
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config
systemctl stop firewalld && systemctl disable firewalld
4.1 docker安装gitlab
docker pull gitlab/gitlab-ce
mkdir -p /home/gitlab/config 创建config目录
mkdir -p /home/gitlab/logs 创建logs目录
mkdir -p /home/gitlab/data 创建data目录
docker run -d --hostname 192.168.66.10 -p 443:443 -p 80:80 -p 222:22 --name gitlab --restart always -v /home/gitlab/config:/etc/gitlab -v /home/gitlab/logs:/var/log/gitlab -v /home/gitlab/data:/var/opt/gitlab gitlab/gitlab-ce
vim /home/gitlab/config/gitlab.rb
# 配置http协议所使用的访问地址,不加端口号默认为80
external_url 'http://192.168.66.10'
# 配置ssh协议所使用的访问地址和端口
gitlab_rails['gitlab_ssh_host'] = '192.168.66.10'
gitlab_rails['gitlab_shell_ssh_port'] = 222 # 此端口是run时22端口映射的222端口
:wq #保存配置文件并退出
docker restart gitlab
4.2 docker-compose安装gitlab
docker search gitlab
docker pull gitlab/gitlab-ce:latest
对于 Linux 用户,将路径设置为/srv/gitlab:
export GITLAB_HOME=/usr/local/gitlab
cd /usr/local/gitlab
vim docker-compose.yml
version: '3.1'
services:
gitlab:
image: 'gitlab/gitlab-ce:latest'
container_name: gitlab
restart: always
hostname: '192.168.66.10'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://192.168.66.10:8929'
gitlab_rails['gitlab_shell_ssh_port'] = 2224
ports:
- '8929:8929'
- '2224:22'
volumes:
- '$GITLAB_HOME/config:/etc/gitlab'
- '$GITLAB_HOME/logs:/var/log/gitlab'
- '$GITLAB_HOME/data:/var/opt/gitlab'
shm_size: '256m'
docker-compose up -d
4.3 修改密码
默认密码通过下查看
docker exec -it gitlab /bin/bash
cat /etc/gitlab/initial_root_password
修改密码如下:
docker exec -it gitlab /bin/bash
gitlab-rails console -e production
user = User.where(id:1).first
user.password='sgh123456'
user.password_confirmation = 'sgh123456'
user.save!
exit
5yclqxj2
5 JDK
tar -zxvf jdk-8u181-linux-x64.tar.gz -C /usr/local/
vim /etc/profile
export JAVA_HOME=/usr/local/jdk1.8.0_181
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/tools.jar:$JRE_HOME/lib/rt.jar
export PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin:$MYSQL_HOME/bin
source /etc/profile
6 Maven
tar -zxvf apache-maven-3.6.3-bin.tar.gz
export MAVEN_HOME=/usr/local/maven
export PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin:$MAVEN_HOME/bin
source /etc/profile
<mirror>
<id>nexus-aliyun</id>
<mirrorOf>*</mirrorOf>
<name>Nexus aliyun</name>
<url>http://maven.aliyun.com/nexus/content/groups/public</url>
</mirror>
<profile>
<id>jdk8</id>
<activation>
<activeByDefault>true</activeByDefault>
<jdk>1.8</jdk>
</activation>
<properties>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<maven.compiler.compilerVersion>1.8</maven.compiler.compilerVersion>
</properties>
</profile>
<activeProfiles>
<activeProfile>jdk8</activeProfile>
</activeProfiles>
7Jenkins
7.1 安装
https://www.jenkins.io/
docker pull jenkins/jenkins:2.319.1-lts
[root@node2 local]# mkdir docker
[root@node2 local]# cd docker/
[root@node2 docker]# mkdir docker_jenkins
[root@node2 docker]# cd docker_jenkins/
vim docker-compose.yml
version: "3.1"
services:
jenkins:
image: jenkins/jenkins:2.319.1-lts
container_name: jenkins
restart: always
ports:
- 8080:8080
- 50000:50000
volumes:
- ./data:/var/jenkins_home
docker-compose up -d
chown -R 1000:1000 ./data
初始化账户密码
在上面目录中寻找/secrets/initialAdminPassword文件,查看其中密码即可
.------------------------------------------------
version: '3'
services:
jenkins:
image: 'jenkinsci/blueocean'
container_name: jenkins
restart: always
ports:
- '8099:8080'
- '50000:50000'
volumes:
- '/var/jenkins_home:/var/jenkins_home'
jenkinsci/blueocean与jenkins/jenkins区别
jenkinsci/blueocean image(来自 the Docker Hub repository)。 该镜像包含当前的长期支持 (LTS) 的Jenkins版本 (可以投入使用) ,捆绑了所有Blue Ocean插件和功能。这意味着你不需要单独安装Blue Ocean插件。(推荐)
jenkins/jenkins 只包含基础的镜像,需要自己手动去安装插件,可理解为基础版本。
.-------------------------------------------
7.2 Jenkins集成git
可以拉去代码
7.3 Jenkins集成jdk、maven
cd /usr/local/docker/docker_jenkins/data/
mv /usr/local/maven/ ./
mv /usr/local/jdk1.8.0_181/ ./
jdk配置
maven配置
7.4 ssh配置
8、CI
8.1 创建简单springboot项目
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.6.3</version>
<relativePath/>
</parent>
<groupId>org.xiaosi.jenkins</groupId>
<artifactId>jenkins</artifactId>
<version>1.0</version>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<maven.compiler.source>8</maven.compiler.source>
<maven.compiler.target>8</maven.compiler.target>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
@RestController
public class JenkinsController {
@GetMapping
public String index(){
return "index";
}
}
8.2 gitlab创建项目并推送代码
git init --initial-branch=main
git remote add origin http://192.168.66.10:8929/gitlab-instance-96e7daa0/jenkins.git
git add .
git commit -m “Initial commit”
git push -u origin main
代码就推到gitlab处
8.3jenkins构建工程
到此构建只能拉取代码
此时构建可以打jar包
此时可以把拉去代码,打包,推送到12服务器/usr/local/app目录下
8.4 集成docker
修改jenkins配置 记得cd绝对路径
创建docker目录并创建Dockerfile和docker-compose.yml
Dockerfile
FROM openjdk:8-jdk-alpine
VOLUME /tmp
ADD *.jar /app.jar
ENTRYPOINT [“java”,“-Djava.security.egd=file:/dev/./urandom”,“-jar”,“-Duser.timezone=GMT+8”,“/app.jar”]
docker-compose.yml
version: ‘3.1’
services:
jenkins:
build:
context: ./
dockerfile: Dockerfile
image: jenkins:v1.0
container_name: jenkins
ports:
- 8080:8080
执行构建
1)ERROR: Failed to Setup IP tables: Unable to enable SKIP DNAT rule
原因是关闭防火墙之后docker需要重启,执行以下命令重启docker即可:
service docker restart
2)docker images,出现如下:
86206e43cf29 56 seconds ago 122MB
96d13df72653 About a minute ago 122MB
解决办法
docker image prune -f 即可
9 CD
9.1 jenkins设置
记得清空工作空间
10 SonarQube安装
sonarqube下载官网:http://www.sonarqube.org/downloads/
中文插件下载地址:https://github.com/xuhuisheng/sonar-l10n-zh/releases/tag/sonar-l10n-zh-plugin-1.27
汉化:将下载的jar包放到sonarqube-7.7\extensions\plugins目录上。
通过Docker安装
10.1 新版SonarQube将不在依赖MySQL, 依赖PostgreSQL
docker pull postgres
10.2 adminer
docker pull adminer
10.3 SonarQube
docker pull sonarqube:8.9.6-community
10.4 docker-compose安装
mkdir -p /usr/local/docker/docker-sonarqube
vim postgres_sonarqube.yml
version: '3.1'
services:
postgres:
image: postgres
restart: always
container_name: sonarqube_postgres
ports:
- 5432:5432
volumes:
- ./sonarqube/postgresql/:/var/lib/postgresql
- ./sonarqube/datasql/:/var/lib/postgresql/data:rw
environment:
TZ: Asia/Shanghai
POSTGRES_USER: sonar
POSTGRES_PASSWORD: sonar
POSTGRES_DB: sonar
networks:
- sonar-network
adminer:
image: adminer
restart: always
ports:
- 8088:8080
sonar:
image: sonarqube:8.9.6-community
restart: always
container_name: sonarqube
depends_on:
- postgres
volumes:
- ./sonarqube/extensions:/opt/sonarqube/extensions
- ./sonarqube/logs:/opt/sonarqube/logs
- ./sonarqube/data:/opt/sonarqube/data
- ./sonarqube/conf:/opt/sonarqube/conf
ports:
- 9000:9000
environment:
- SONAR_JDBC_USERNAME=sonar
- SONAR_JDBC_PASSWORD=sonar
- SONAR_JDBC_URL=jdbc:postgresql://postgres:5432/sonar
- SONARQUBE_JDBC_USERNAME=sonar
- SONARQUBE_JDBC_PASSWORD=sonar
- SONARQUBE_JDBC_URL=jdbc:postgresql://postgres:5432/sonar
networks:
- sonar-network
networks:
sonar-network:
driver: bridge
注意:docker-compose -f postgres_sonarqube.yml up -d
会报错
执行:
echo “vm.max_map_count=262144” >> /etc/sysctl.conf
sysctl -p
10.5 adminer
http://192.168.66.12:8088/
10.6 SonarQube
http://192.168.66.12:9000/
管理员账号密码都是:admin
安装中文语言包插件等
汉化后
不过提示失败,这里采用单独下载插件jar包的方式来安装各种插件
上传至该目录:~/sonarqube/extensions/downloads,然后重启:docker-compose restart
实现的结果是会在~/sonarqube/extensions目录下新创建一个plugins目录,然后把同级别的downloads目录下的插件jar包给移动到plugins目录下
10.7 一键启动Sonarqube
#此脚本---用来一键启动Sonarqube环境
#----------------------------------------------------------
#判断是否存在Sonarqube环境是否启动
docker ps | grep sonarqube postgres &> /dev/null
#如果没有启动,使用docker-compose启动相关的sonarqube容器
if [ $? -ne 0 ]
then
echo "sonarqube is not up,we will start up it!!!"
wget https://github.com/jamesz2011/sonarqube/raw/master/postgres_sonarqube.yml
#docker-compose -f postgres_sonarqube.yml up -d
docker-compose -f postgres_sonarqube.yml up
else
echo "Sonarqube is up!!!"
fi
echo "---------------------------------------------------------"
echo "请等待10分钟,sonarqube环境有点费时间!!!"
echo "----------------------------------------------------------"
11 SonarQube使用
11.1 SonarQube对Maven支持
修改setting.xml
<profile>
<id>sonar</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<sonar.login>admin</sonar.login>
<sonar.password>hadoop</sonar.password>
<sonar.host.url>http://192.168.66.12:9000</sonar.host.url>
</properties>
</profile>
<activeProfiles>
<activeProfile>sonar</activeProfile>
</activeProfiles>
mvn clean install -DskipTests sonar:sonar
或者修改 pom.xml 文件
<build>
<plugins>
<plugin>
<groupId>org.sonarsource.scanner.maven</groupId>
<artifactId>sonar-maven-plugin</artifactId>
<version>3.6.0.1398</version>
</plugin>
</plugins>
</build>
11.2 SonarScanner
下载地址
https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/
这里下载4.6
unzip sonar-scanner-cli-4.6.1.2450-linux.zip -C /usr/local/docker/docker_jenkins/data
mv sonar-scanner-4.6.1.2450-linux/ sonar-scanner
修改配置
vim conf/sonar-scanner.properties
sonar.host.url=http://192.168.66.12:9000
sonar.sourceEncoding=UTF-8
/usr/local/docker/docker_jenkins/data/sonar-scanner/bin/sonar-scanner -Dsonar.sources=./ -Dsonar.projectname=xiaosi -Dsonar.login=0c3b8327e16ef1ead5e33d9507d90657369d413f -Dsonar.projectKey=xiaosi -Dsonar.java.binaries=./target/
token获取如下:
12 Jenkins整合SonarQube
12.1安装SonarQube Scanner插件
12.2系统配置SonarQube Server
12.3 全局工具配置
12.4 任务配置
再次构建后
成功!
13Harbor
13.1安装
下载:https://github.com/goharbor/harbor/releases/tag/v2.4.1
tar -zxvf harbor-offline-installer-v2.4.1.tgz -C /usr/local
cp harbor.yml.tmpl harbor.yml
vim harbor.yml
./install.sh
账号 admin
密码 Harbor12345
13.2 证书生成
编译SSL证书!因为docker 上传 需要用 HTTPS 以下改变其IP 生成对应的/app/harbor/certs 的密钥文件
vim create.sh
#!/bin/bash
mkdir -p /app/harbor/certs
cd /app/harbor/certs
IP='XXX.XXX.XXX.XXX'
openssl genrsa -out ca.key 4096
openssl req -x509 -new -nodes -sha512 -days 3650 -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=www.harbor.mobi" -key ca.key -out ca.crt
openssl genrsa -out ${IP}.key 4096
openssl req -sha512 -new -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=${IP}" -key ${IP}.key -out ${IP}.csr
cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = IP:${IP}
EOF
openssl x509 -req -sha512 -days 3650 -extfile v3.ext -CA ca.crt -CAkey ca.key -CAcreateserial -in ${IP}.csr -out ${IP}.crt
openssl x509 -inform PEM -in ${IP}.crt -out ${IP}.cert
cp ${IP}.crt /etc/pki/ca-trust/source/anchors/${IP}.crt
update-ca-trust
HARBOR配置 下面IP password 替换为自身的
hostname: ${IP}
http:
port: 80
https:
port: 443
certificate: /root/harbor/harbor/certs/${IP}.crt
private_key: /root/harbor/harbor/certs/${IP}.key
harbor_admin_password: ${password}
database:
password: ${password}
max_idle_conns: 100
max_open_conns: 900
data_volume: /data
trivy:
ignore_unfixed: false
skip_update: false
insecure: false
jobservice:
max_job_workers: 10
notification:
webhook_job_max_retry: 10
chart:
absolute_url: disabled
log:
level: info
local:
rotate_count: 50
rotate_size: 200M
location: /var/log/harbor
_version: 2.3.0
proxy:
http_proxy:
https_proxy:
no_proxy:
components:
- core
- jobservice
- trivy
安装 (Harbor默认安装时是 不开启chartmuseum所以安装的时候加上–with-chartmuseum 支持chart仓库)
./install.sh --with-chartmuseum
问题一
[root@node3 certs]# docker login https://192.168.66.11 --username admin
Password:
Error response from daemon: Get "https://192.168.66.11/v2/": x509: certificate signed by unknown authority
解决方案 :
把生成的Crt文件放入 /etc/ssl/certs/
执行更新语句
update-ca-trust
重启docker生效 systemctl restart docker
问题二 报错 GO版本低
x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0
解决方案
原因: 由于go1.15以上不支持X509的证书 , 这里可以用SAN证书替换(这里不再扩展 -reqexts SAN ),本案例直接绕过校验
方法: 设置环境变量
echo “export GODEBUG=x509ignoreCN=0” >> /etc/profile; . /etc/profile
docker login https://192.168.66.11 --username admin --password=Harbor12345
docker tag jenkins:v2.0 192.168.66.11/jenkins/jenkins:v2.0
docker push 192.168.66.11/jenkins/jenkins:v2.0
其实还可以这样处理,增加如下:
echo '{ "insecure-registries":["192.168.66.11:80"] }' > /etc/docker/daemon.json
systemctl daemon-reload
systemctl restart docker
13.3 Jenkins容器内部使用Docker
修改 cd /var/run
chown -R root:root docker.sock
chmod o+rw docker.sock
修改jenkins docker-compose.yml
- /var/run/docker.sock:/var/run/docker.sock
- /usr/bin/docker:/usr/bin/docker
- /etc/docker/daemon.json:/etc/docker/daemon.json
- /etc/ssl/certs/192.168.66.11.crt:/etc/ssl/certs/192.168.66.11.crt
把生成的192.168.66.11.crt文件放入 /etc/ssl/certs/
update-ca-trust
systemctl restart docker
docker-compose up -d
docker exec -it jenkins bash
docker version
遇到问题一
jenkins容器内生成了192.168.66.11.crt目录,非文件,进入jenkins容器删除该目录,报错。
docker exec -it jenkins /bin/bash
rm -rf 192.168.66.11.crt
rm: cannot remove '192.168.66.11.crt': Permission denied
docker exec -it jenkins /bin/bash -c 'rm -rf /etc/ssl/certs/192.168.66.11.crt'
docker exec -it jenkins /bin/bash -c 'chown -R jenkins:jenkins /etc/ssl/certs/192.168.66.11.crt'
chown: changing ownership of '/etc/ssl/certs/192.168.66.11.crt': Operation not permitted
解决办法
find / -name “192.168.66.11.crt”
删除docker卷
cd /var/lib/docker/overlay2/e1c8eb4732db25bb4b44f063f68d78fb2d2599fe44b220867408d23e7e0f732e/diff/etc/ssl/certs/
rm -rf 192.168.66.11.crt/
问题二 docker login https://192.168.66.11 --username admin --password=Harbor12345
Error response from daemon: Get “https://192.168.66.11/v2/”: x509: certificate signed by unknown authority
解决办法
把生成的192.168.66.11.crt文件放入 /etc/ssl/certs/
update-ca-trust
systemctl restart docker
13.4 Jenkins定义镜像并推送Harbor
去掉target/.jar docker/
增加shell
mv target/*.jar docker/
docker build -t jenkins:
t
a
g
d
o
c
k
e
r
/
d
o
c
k
e
r
l
o
g
i
n
h
t
t
p
s
:
/
/
192.168.66.11
−
−
u
s
e
r
n
a
m
e
a
d
m
i
n
−
−
p
a
s
s
w
o
r
d
=
H
a
r
b
o
r
12345
d
o
c
k
e
r
t
a
g
j
e
n
k
i
n
s
:
tag docker/ docker login https://192.168.66.11 --username admin --password=Harbor12345 docker tag jenkins:
tagdocker/dockerloginhttps://192.168.66.11−−usernameadmin−−password=Harbor12345dockertagjenkins:tag 192.168.66.11/jenkins/jenkins:
t
a
g
d
o
c
k
e
r
p
u
s
h
192.168.66.11
/
j
e
n
k
i
n
s
/
j
e
n
k
i
n
s
:
tag docker push 192.168.66.11/jenkins/jenkins:
tagdockerpush192.168.66.11/jenkins/jenkins:tag
13.5 服务器脚本
vim deploy.sh
#!/bin/bash
harbor_addr=$1
harbor_repo=$2
project=$3
version=$4
port=$5
imageName=$harbor_addr/$harbor_repo/$project:$version
echo $imageName
containerId=`docker ps -a | grep ${project}|awk '{print $1}'`
echo $containerId
if [ "$containerId" != "" ] ; then
docker stop $containerId
docker rm $containerId
fi
tag=`docker images | grep ${project} | awk '{print $2}'`
echo $tag
if [[ "$tag" =~ "$version" ]] ; then
docker rmi $imageName
fi
docker login https://$harbor_addr --username admin --password=Harbor12345
docker pull $imageName
docker run -d -p $port:$port --name $project $imageName
13.6
去掉
cd /usr/local/app/docker
mv ../target/*.jar ./
docker-compose down
docker-compose up -d --build
docker image prune -f
增加
问题:
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post
解决办法
chown -R root:root docker.sock
chmod o+wr docker.sock
14 流水线
14.1 使用SCM
14.2 拉取代码
添加参数化构建
checkout([$class: ‘GitSCM’, branches: [[name: ‘*/main’]], extensions: [], userRemoteConfigs: [[credentialsId: ‘203177e1-235c-4cfa-a9aa-c5f7b7c59dc0’, url: ‘http://192.168.66.10:8929/gitlab-instance-96e7daa0/jenkins.git’]]])
版本换成tag,然后黏贴到Jenkinsfile
执行构建
14.3 MVN构建
java -Dserver.port=7788 -jar jenkins-1.0.jar
14.4 代码检测
同上
14.5 制作镜像
同上
14.6 推送镜像
14.7 通知服务部署项目
14.8 增加邮箱通知
微信就收到短信