環(huán)境:
| 軟件 | 版本 |
|---|---|
| Java Version | 1.8.0_45 |
| Tomcat Version | Tomcat/8.5.4 |
| Ansible Version | 2.4 |
| GitLab Version | 11.1.2 |
| Jenkins Version | 2.121.2 |
| 操作系統 | CentOS 7.3 |
安裝Ansible
[root@deploy ~]# yum -y install ansible
[root@deploy ~]# ansible --version
ansible 2.4.2.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Nov 6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]
#優(yōu)化ansible配置文件
[root@deploy ~]# vim /etc/ansible/ansible.cfg
1.長連接設置
將
#ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s
修改為
ssh_args = -C -o ControlMaster=auto -o ControlPersist=5d
2.開啟pipelining
將
#pipelining = False
修改為
pipelining = True
3.開啟緩存
在 #gathering = implicit 下面追加
gathering = smart
fact_caching_timeout = 86400
fact_caching = jsonfile
fact_caching_connection = /tmp/ansible_fact_cache
安裝GitLab
#配置yum源
[root@deploy ~]# cat > /etc/yum.repos.d/gitlab-ce.repo << EOF
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el\$releasever/
gpgcheck=0
enabled=1
EOF
#更新yum緩存
[root@deploy ~]# yum clean all
[root@deploy ~]# yum makecache
#安裝GitLab依賴包
[root@deploy ~]# yum install -y curl policycoreutils-python openssh-server iptables-services
#安裝GitLab,安裝過程中會出現下圖的圖案
[root@deploy ~]# sudo yum -y install gitlab-ce
配置GitLab
#編輯配置文件
[root@deploy ~]# vim /etc/gitlab/gitlab.rb
#修改訪問地址
external_url 'http://10.241.0.1'
#開啟備份
gitlab_rails['manage_backup_path'] = true
gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"
gitlab_rails['backup_keep_time'] = 604800
#初始化配置,并啟動服務
[root@deploy ~]# gitlab-ctl reconfigure
#查看狀態(tài)
[root@deploy ~]# gitlab-ctl status
run: alertmanager: (pid 22380) 17s; run: log: (pid 22496) 15s
run: gitaly: (pid 22287) 18s; run: log: (pid 22397) 17s
run: gitlab-monitor: (pid 22310) 17s; run: log: (pid 22342) 17s
run: gitlab-workhorse: (pid 22266) 18s; run: log: (pid 22350) 17s
run: logrotate: (pid 21787) 75s; run: log: (pid 22352) 17s
run: nginx: (pid 21754) 77s; run: log: (pid 22351) 17s
run: node-exporter: (pid 22018) 63s; run: log: (pid 22398) 16s
run: postgres-exporter: (pid 22406) 16s; run: log: (pid 22498) 15s
run: postgresql: (pid 21475) 127s; run: log: (pid 22313) 17s
run: prometheus: (pid 22353) 17s; run: log: (pid 22373) 17s
run: redis: (pid 21415) 133s; run: log: (pid 22312) 17s
run: redis-exporter: (pid 22054) 51s; run: log: (pid 22343) 17s
run: sidekiq: (pid 21718) 84s; run: log: (pid 22315) 17s
run: unicorn: (pid 22511) 12s; run: log: (pid 22314) 17s
#查看gitlab版本號
[root@deploy ~]# cat /opt/gitlab/embedded/service/gitlab-rails/VERSION
11.1.2
#開啟防火墻
[root@deploy ~]# systemctl stop firewalld
[root@deploy ~]# systemctl disable firewalld
[root@deploy ~]# systemctl start iptables
[root@deploy ~]# iptables -I INPUT -p tcp --dport 80 -j ACCEPT
[root@deploy ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
#訪問gitlab, 第一次登陸會要求設置密碼
瀏覽器打開 http://10.241.0.1
漢化Gitlab,可省略
#安裝git
[root@deploy ~]# yum install -y git
#下載相同版本的漢化補丁,和gitlab版本保持一致
[root@deploy ~]# git clone https://gitlab.com/xhang/gitlab.git gitlab-cn -b v11.1.2-zh
#查看該漢化補丁的版本
[root@deploy ~]# cat gitlab/VERSION
11.1.2
停止gitlab服務
[root@deploy ~]# gitlab-ctl stop
#切換到gitlab漢化包所在的目錄(即步驟二獲取的漢化版gitlab)
[root@deploy ~]# cd gitlab-cn
#比較漢化標簽和原標簽显歧,導出 patch 用的 diff 文件到/root下
[root@deploy gitlab-cn]# git diff v11.1.2 v11.1.2-zh > ../11.1.2-zh.diff
#將10.7.0-zh.diff作為補丁更新到gitlab中
[root@deploy gitlab-cn]# cd ..
[root@deploy ~]# yum install patch -y
[root@deploy ~]# patch -d /opt/gitlab/embedded/service/gitlab-rails -p1 < 11.1.2-zh.diff
#出現以下提供一直按回車即可
can't find file to patch at input line 5
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/app/assets/javascripts/awards_handler.js b/app/assets/javascripts/awards_handler.js
|index 70f20c5..b8089dd 100644
|--- a/app/assets/javascripts/awards_handler.js
|+++ b/app/assets/javascripts/awards_handler.js
--------------------------
File to patch:
#啟動gitlab
[root@deploy ~]# gitlab-ctl start
#再次訪問已經可以看到漢化完成
安裝jenkins
#可以從我的服務器上下載 也可以從官網下載
[root@deploy ~]# wget http://download.baiyongjie.com/deploy/jdk-8u45-linux-x64.tar.gz
[root@deploy ~]# wget http://download.baiyongjie.com/deploy/jenkins_2.121.2.war
[root@deploy ~]# wget http://download.baiyongjie.com/deploy/apache-tomcat-8.5.4.tar.gz
#安裝jdk
[root@deploy ~]# tar zxvf jdk-8u45-linux-x64.tar.gz
[root@deploy ~]# mv jdk1.8.0_45 /usr/local/
[root@deploy ~]# mv jdk-8u45-linux-x64.tar.gz /usr/local/src/
#添加到系統的環(huán)境變量
[root@deploy ~]# cat >>/etc/profile << EOF
export JAVA_HOME=/usr/local/jdk1.8.0_45
export JRE_HOME=\${JAVA_HOME}/jre
export CLASSPATH=.:\${JAVA_HOME}/lib:\${JRE_HOME}/lib
export PATH=\${JAVA_HOME}/bin:\$PATH
EOF
#使profile文件生效,并查看java版本
[root@deploy ~]# source /etc/profile
[root@deploy ~]# java -version
java version "1.8.0_45"
Java(TM) SE Runtime Environment (build 1.8.0_45-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.45-b02, mixed mode)
#安裝tomcat
[root@deploy ~]# tar zxvf apache-tomcat-8.5.4.tar.gz
[root@deploy ~]# mv apache-tomcat-8.5.4 /usr/local/jenkins
[root@deploy ~]# rm -rf /usr/local/jenkins/webapps/*
[root@deploy ~]# mv apache-tomcat-8.5.4.tar.gz /usr/local/src/
#修改tomcat字符集,及端口
[root@deploy ~]# vim /usr/local/jenkins/conf/server.xml
<Connector port="8080" URIEncoding="UTF-8" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
#啟動jenkins
[root@deploy ~]# mv jenkins_2.121.2.war /usr/local/jenkins/webapps/jenkins.war
[root@deploy ~]# /usr/local/jenkins/bin/startup.sh
#查看tomcat日志
[root@deploy ~]# tail -f /usr/local/jenkins/logs/catalina.out
31-Jul-2018 19:17:39.687 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive /usr/local/jenkins/webapps/jenkins.war has finished in 18,725 ms
31-Jul-2018 19:17:39.692 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler [http-nio-8090]
31-Jul-2018 19:17:39.697 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler [ajp-nio-8009]
31-Jul-2018 19:17:39.698 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 18776 ms
#配置防火墻
[root@deploy ~]# iptables -I INPUT -p tcp --dport 8090 -j ACCEPT
[root@deploy ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
#訪問Jenkins
http://10.241.0.1
#第一次打開jenkins需要初始化密碼
[root@deploy ~]# cat /root/.jenkins/secrets/initialAdminPassword
23952aded0864751a5abf5676a6a81d3
#解決jenkins插件問題,訪問
http://10.241.0.1/jenkins/pluginManager/advanced
#修改最下面的升級站點地址
http://updates.jenkins-ci.org/update-center.json
#清華大學鏡像源 https://mirrors.tuna.tsinghua.edu.cn/jenkins/
#上海大學鏡像源 https://mirrors.shu.edu.cn/jenkins/
#如配置地址后仍然無法在線使用,那可以采用下載插件,手動安裝
http://mirror.xmission.com/jenkins/plugins/
#重啟jenkins命令
kill -9 `ps -ef|grep '/usr/local/jenkins' | grep -v grep | awk '{print $2}' `
/usr/local/jenkins/bin/startup.sh
Jenkins 整合 Gitlab
配置Gitlab
上傳服務器秘鑰到gitlab
# 生成秘鑰
[root@deploy ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:NRuBl+TBQow5l3nb+E/MCg95tpZRF/+amoRTaBIhTXw root@deploy
The key's randomart image is:
+---[RSA 2048]----+
| .O+*+. |
| +.XoEo . |
| o.==+ o|
| oo=. . o|
| S +o.+ ..|
| o+o= + .|
| o*.B o |
| o*.+ |
| .o. |
+----[SHA256]-----+
[root@deploy ~]# cat .ssh/id_rsa.pub
ssh-rsa AAAB3NzaC1yc2EAAAADAQABAAABAQC1kOUt1qRxd/rJJkOIYOeM9u0twE9pZq4txKwEtAy3lT2LCcxgWbcjC0VBI84FO9XE8BKA/oEA1wCErVevnDoYfLT99x8t6SLc8bKZ9SOSAAt1LO5HkzaaBDnuoXyVRduWJHlN9zS7lGYxbEY1AHYWwA3hDl3Y/SPUC6ulwCU7QnbOn8GE7qGXW8BDdeTyIEXqn3pFYFTa7TiqnjR9w3iqzso32Yo/sDeEsdsm6uw8uEVUexBqeUdjB6OP35JLpnwaGhoXeiIW87fCtk37PFzb5quZB2yoBKTJHFU8lC+Ihh/Z/iGOyU0mmjvq8ot8P5RfDPFtpFc4Oipm3c3etNd root@deploy
將公鑰上傳到gitlab
初始化項目
[root@deploy ~]# mkdir -p /data/Ansible/
[root@deploy ~]# cd /data/Ansible/
[root@deploy Ansible]# git config --global user.name "baiyongjie"
[root@deploy Ansible]# git config --global user.email "misterbyj@163.com"
[root@deploy Ansible]# git clone ssh://git@101.89.82.106:59888/root/Ansible.git code
Cloning into 'code'...
The authenticity of host '[101.89.82.106]:59888 ([101.89.82.106]:59888)' can't be established.
ECDSA key fingerprint is SHA256:KgiTZyrCxFQwHivVyAYc1XrpvfWVliLaC+S0cg2fwYE.
ECDSA key fingerprint is MD5:b8:f9:75:c9:53:c1:48:6e:90:65:c5:5b:e7:5c:bd:ba.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[101.89.82.106]:59888' (ECDSA) to the list of known hosts.
warning: You appear to have cloned an empty repository.
[root@deploy Ansible]# cd code/
[root@deploy code]# echo "##### jenkins test" > README.md
[root@deploy code]# git add .
[root@deploy code]# git commit -m 'add readme'
[master (root-commit) 3b6717d] add readme
1 file changed, 1 insertion(+)
create mode 100644 README.md
[root@deploy code]# git push -u origin master
Counting objects: 3, done.
Writing objects: 100% (3/3), 227 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To ssh://git@101.89.82.106:59888/root/Ansible.git
* [new branch] master -> master
Branch master set up to track remote branch master from origin.
配置Gitlab,為整合Jenkins做準備
配置Jenkins
選擇系統管理->管理插件->可選擇插件->搜索 gitlab
然后繼續(xù)安裝Gitlab Authentication和Gitlab Hook
配置jenkins連接gitlab,選擇左側的系統管理,然后選擇中間的系統設置
配置GitLab,Connection Name隨便填团甲,Git Host URL填GitLab的訪問地址漂坏,然后點Add—jenkins渐扮,如圖:
image
Credentials選擇剛創(chuàng)建的GitLab Api Token,然后點下Test Connection,看下是否成功,如成功點擊最下面的保存
源碼管理選擇git,選擇Add-Jenkins,配置Gitlab的賬號密碼
image
配置自動觸發(fā),點擊構建觸發(fā)器,先勾選Build when a change is pushed to GitLab,點擊高級涨岁,然后再點擊一下Generate就會生成一個Secret Token,如下
點擊左下角的保存按鈕吉嚣。記錄兩個東西梢薪,一個是Build when a change is pushed to GitLab那一行中,GitLab CI Service URL:后面的 URL尝哆;
還有一個就是剛剛生成的Secret Token秉撇,這倆在后面配置GitLab工程時需要用到
配置Gitlab工程
在gitlab進入那個叫Ansible的項目,點擊設置,點擊導入所有倉庫,在URL里填寫剛剛記下來的URL秋泄,在安全令牌里填寫剛剛記下來的Secret Token琐馆,如圖:
然后點擊下面綠色的增加Web鉤子,如多出一個如下圖的web鉤子
如果提示 Urlis blocked: Requests to localhost are not allowed,這需要開啟允許鉤子訪問本地網絡
對剛剛生成的web鉤子點擊test,選擇push events恒序,然后就會出現200的成功字樣瘦麸,如圖:
如果你再點擊一下test上面的edit,就會看到鉤子最近調用情況歧胁,再點擊view details的話滋饲,就會看到具體的調用細節(jié),如圖:
測試自動構建
在服務器上push代碼,
[root@deploy code]# echo "測試jenkins是否會自動構建" > auto-jenkins
[root@deploy code]# git add .
[root@deploy code]# git commit -m 'test autojenkins'
[master 2290848] test autojenkins
1 file changed, 1 insertion(+)
create mode 100644 auto-jenkins
[root@deploy code]# git push origin master
Counting objects: 4, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 320 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To ssh://git@101.89.82.106:59888/root/Ansible.git
3b6717d..2290848 master -> master
到Jenkins查看構建記錄,發(fā)現push動作已經出發(fā)了Jenkins的自動構建
查看構建的控制臺輸出日志,重點看commit message和Finished
結束語.
至此,Jenkins結合Gitlab就已經做完了,
每次開發(fā)push代碼后觸發(fā)jenkins的自動構建,
可以在下面的構建步驟里增加一些shell,ansible-playbook等來幫助我們完成自動部署等操作.
Jenkins 整合 Ansible
安裝jenkins和ansible
要jenkins支持ansible的前提條件是在jenkins所在的主機上安裝ansible
jenkins和ansible安裝可以參考 https://baiyongjie.com/?p=188
測試ansible
[root@deploy ansible]# cd /etc/ansible/
[root@deploy ansible]# > hosts
[root@deploy ansible]# vim hosts
[client]
10.241.0.2
# 生成秘鑰
[root@deploy ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:NRuBl+TBQow5l3nb+E/MCg95tpZRF/+amoRTaBIhTXw root@deploy
The key's randomart image is:
+---[RSA 2048]----+
| .O+*+. |
| +.XoEo . |
| o.==+ o|
| oo=. . o|
| S +o.+ ..|
| o+o= + .|
| o*.B o |
| o*.+ |
| .o. |
+----[SHA256]-----+
#將秘鑰拷貝到客戶機
[root@deploy ansible]# ssh-copy-id 10.241.0.2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.241.0.2's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '10.241.0.2'"
and check to make sure that only the key(s) you wanted were added.
#測試ansible能否正常運行
[root@deploy ansible]# ansible client -m ping
10.241.0.2 | SUCCESS => {
"changed": false,
"ping": "pong"
}
#新建一個測試的ansible-playbook
[root@deploy ~]# mkdir -p /data/Ansible-playbook
[root@deploy ~]# vim /data/Ansible-playbook/jenkins-mkdir.yml
---
- hosts: client
gather_facts: no
tasks:
- name: mkdir jenkins-test-dir
file: path=/data/jenkins-test-dir state=directory
配置jenkins
登陸jenkins 選擇系統管理->管理插件 安裝以下兩個插件: Ansible喊巍、AnsiColor
然后構建的步驟新加一個Ansible-playbook,配置腳本路徑,然后保存
image
到client主機查看 jenkins-test-dir 目錄是否創(chuàng)建成功
#查看client的ip地址
[root@deploy ~]# cat /etc/ansible/hosts
[client]
10.241.0.2
#登陸到遠程主機
[root@deploy ~]# ssh 10.241.0.2
Last login: Fri Aug 3 22:02:58 2018 from gateway
#查看目錄是否存在
[root@client ~]# tree /data/
/data/
└── jenkins-test-dir
#查看目錄的詳細信息
[root@client ~]# stat /data/jenkins-test-dir/
File: ‘/data/jenkins-test-dir/’
Size: 6 Blocks: 0 IO Block: 4096 directory
Device: 802h/2050d Inode: 68197841 Links: 2
Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2018-08-03 22:19:48.393000000 +0800
Modify: 2018-08-03 22:12:27.046000000 +0800
Change: 2018-08-03 22:12:27.046000000 +0800
#從上面的信息可以看到目錄的創(chuàng)建時間為22:12:27, 與jenkins構建時間一致
