【Jenkins】持续集成和部署

以你之姓@ 2023-09-29 21:28 154阅读 0赞

1.生成安全证书,放到/usr/local/jenkins/data里面

  1. mkdir -p /opt/cert/docker
  2. cd /opt/cert/docker
  4. #逐行执行下面的脚本($HOST替换成你的域名)
  5. openssl genrsa -aes256 -out ca-key.pem 4096
  6. openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem
  7. openssl genrsa -out server-key.pem 4096
  8. openssl req -subj "/CN=$HOST" -sha256 -new -key server-key.pem -out server.csr
  9. # 配置白名单,推荐配置0.0.0.0,允许所有IP连接但只有证书才可以连接成功
  10. echo subjectAltName = DNS:$HOST,IP:0.0.0.0 > extfile.cnf
  11. openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem -extfile extfile.cnf
  12. openssl genrsa -out key.pem 4096
  13. openssl req -subj '/CN=client' -new -key key.pem -out client.csr
  14. echo extendedKeyUsage = clientAuth > extfile.cnf
  15. openssl x509 -req -days 365 -sha256 -in client.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out cert.pem -extfile extfile.cnf
  16. rm -v client.csr server.csr
  17. chmod -v 0400 ca-key.pem key.pem server-key.pem
  18. chmod -v 0444 ca.pem server-cert.pem cert.pem

2.安装docker

  1. apt update
  2. apt install docker.io

3.修改配置

  1. vi /usr/lib/systemd/system/docker.service
  2. # 注释掉其中的ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
  3. # 添加如下
  4. ExecStart=/usr/bin/dockerd \
  5. --tlsverify --tlscacert=/opt/cert/docker/ca.pem  \
  6. --tlscert=/opt/cert/docker/server-cert.pem \
  7. --tlskey=/opt/cert/docker/server-key.pem \
  8. -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock
  10. # 重启docker
  11. systemctl daemon-reload && systemctl restart docker
  13. # 测试2375端口,直接访问报错
  14. curl https://域名:2375/info
  15. # 指定证书访问成功
  16. curl --insecure https://域名:2375/info --cert /opt/cert/docker/cert.pem --key /opt/cert/docker/key.pem --cacert /opt/cert/docker/ca.pem

4.安装gogs

  1. docker pull gogs/gogs
  2. docker run -d -p 10022:22 -p 3000:3000 --name=gogs --restart=always gogs/gogs

3000端口访问:

24f07b47642c521833a7033935f1350d.png

localhost换成公网ip:

014f933f217831c082e18890558b63c9.png

接着登录注册、上传仓库:

3f9035352e5442cc2b374cfa656cb895.png

5.安装jenkins

  1. mkdir -p /usr/local/jenkins/data
  2. chmod -R a+w /usr/local/jenkins/data/
  3. docker pull jenkins/jenkins
  4. docker run --privileged=true -u=root -itd --name jenkins -v /usr/local/jenkins/data:/var/jenkins_home/ -p 8080:8080 -p 50000:50000 --restart=always jenkins/jenkins

9c6c7187cbf52a55a07e040ec2368435.png

  1. docker logs jenkins
  2. # 输入密码

6.安装java和maven

8b26e1a4d3df24452fedb261d8e6a2bd.png

  1. # ca.pem cert.pem key.pem也移到这里来

afcb9895b941f5b4b9a72f425668ddd0.png

4c520bdbfef2e4008d0b09ee8a2aecb5.png

e82ae1156bae27369a195b0fcaea17f2.png

7.配置jenkins(这块非常难)

先添加插件publish over ssh,不会可以百度,很简单。

1.项目根目录添加jenkins.sh

  1. #!/bin/bash
  2.     if docker ps | grep gateway; then
  3.         docker stop gateway
  4.         docker rm gateway
  5.         docker rmi flow/gateway:latest
  6.     fi
  7.     if docker ps | grep auth; then
  8.         docker stop auth
  9.         docker rm auth
  10.         docker rmi flow/auth:latest
  11.     fi
  12.     if docker ps | grep video; then
  13.         docker stop video
  14.         docker rm video
  15.         docker rmi flow/video:latest
  16.     fi
  17.     if docker ps | grep userinfo; then
  18.         docker stop userinfo
  19.         docker rm userinfo
  20.         docker rmi flow/userinfo:latest
  21.     fi
  22.     if docker ps | grep comment; then
  23.         docker stop comment
  24.         docker rm comment
  25.         docker rmi flow/comment:latest
  26.     fi

60f038380f53ac3207a0ecafff83c9c4.png

2.安装插件Publish Over SSH并全局配置

7ff1baa0c859d59bb9f5ce831eadb7bf.png

3bac09b95023ea9a22434f1600f2b5e9.png

3.第一步当然是拷贝jenkins.sh到根目录下,并执行,目的是清除镜像和容器

98622f3c4878957118115bbd91bab38e.png

4.执行打包镜像的命令

e8e40e324637a3a4d1eda09e6cb6912a.png

4.2023.4.3修改如下

  1. mvn clean install
  2. echo "开始构建Las Vegas的微服务群"
  3. cd gateway
  4. mvn docker:build
  5. cd ../auth
  6. mvn docker:build
  7. cd ../video
  8. mvn docker:build
  9. cd ../userInfo
  10. mvn docker:build
  11. cd ../comment
  12. mvn docker:build
  13. echo "Las Vegas的微服务群构建完毕!"
  14. cd ..
  15. echo "开始更改文件"
  16. cd gateway
  17. sed -i 's/alexmisko.com/cl.alexmisko.com/g' pom.xml
  18. sed -i 's#jenkins_home#jenkins_home/cert#g' pom.xml
  19. cd src/main/resources
  20. sed -i '0,/66\.187\.4\.234/s//38.34.245.48/' application.yml
  21. cd ../../../../auth
  22. sed -i 's/alexmisko.com/cl.alexmisko.com/g' pom.xml
  23. sed -i 's#jenkins_home#jenkins_home/cert#g' pom.xml
  24. cd src/main/resources
  25. sed -i '0,/66\.187\.4\.234/s//38.34.245.48/' application.yml
  26. cd ../../../../video
  27. sed -i 's/alexmisko.com/cl.alexmisko.com/g' pom.xml
  28. sed -i 's#jenkins_home#jenkins_home/cert#g' pom.xml
  29. cd src/main/resources
  30. sed -i '0,/66\.187\.4\.234/s//38.34.245.48/' application.yml
  31. cd ../../../../userInfo
  32. sed -i 's/alexmisko.com/cl.alexmisko.com/g' pom.xml
  33. sed -i 's#jenkins_home#jenkins_home/cert#g' pom.xml
  34. cd src/main/resources
  35. sed -i '0,/66\.187\.4\.234/s//38.34.245.48/' application.yml
  36. cd ../../../../comment
  37. sed -i 's/alexmisko.com/cl.alexmisko.com/g' pom.xml
  38. sed -i 's#jenkins_home#jenkins_home/cert#g' pom.xml
  39. cd src/main/resources
  40. sed -i '0,/66\.187\.4\.234/s//38.34.245.48/' application.yml
  41. echo "更改文件完毕"
  42. cd ../../../../
  43. mvn clean install
  44. echo "开始构建HK的微服务群"
  45. cd gateway
  46. mvn docker:build
  47. cd ../auth
  48. mvn docker:build
  49. cd ../video
  50. mvn docker:build
  51. cd ../userInfo
  52. mvn docker:build
  53. cd ../comment
  54. mvn docker:build
  55. echo "HK的微服务群构建完毕!"

5.运行镜像为容器

0874043cf2a5d6feb976c05a9bd63080.png

5.2023.4.3增加香港机器

8f08c663615bc9dcaed010d475e7165d.png

6.贴个图

2438344794c91971eaa3aa050a83ca4a.png

结语:

人生就是一场Mortal Combat,不服?Fight!

c9ae1c63d154b2c82b5cbf16b9d89884.png

发表评论

表情:
评论列表 (有 0 条评论,154人围观)

还没有评论,来说两句吧...

相关阅读