胶州企业网站设计,百度网盟推广是什么,宣传册设计与制作图片,为什么建设网站要年年交钱文章目录 基于docker容器DevOps应用方案环境基础配置1.所有主机永久关闭防火墙和selinux2.配置yum源3.docker的安装教程 配置主机名与IP地址解析部署gitlab.server主机1.安装gitlab2.配置gitlab3.破解管理员密码4.验证web页面 部署jenkins.server主机1.部署tomcat2.安装jenkins… 文章目录 基于docker容器DevOps应用方案环境基础配置1.所有主机永久关闭防火墙和selinux2.配置yum源3.docker的安装教程 配置主机名与IP地址解析部署gitlab.server主机1.安装gitlab2.配置gitlab3.破解管理员密码4.验证web页面 部署jenkins.server主机1.部署tomcat2.安装jenkins3.验证web页面4.安装git、maven、docker5.安装docker6.配置免密登录 部署harbor.server主机1.安装和配置harbor2.访问web页面 部署docker主机1.安装docker服务2.制作一个基础的tomcat镜像并上传到私有镜像仓库 部署webs主机企业业务代码项目发布流程1.将代码上传到gitlab主机2.在Jenkins创建项目并写流水线脚本运行项目3.在webs服务器上测试 基于docker容器DevOps应用方案
环境
主机名IP地址功能安装的软件系统版本gitlab.server192.168.179.13本地代码仓库gitlab-cecentos8jenkins.server192.168.179.14编译代码、打包镜像、项目发布jenkins、docker、git、mavencentos8harbor.server192.168.179.15本地容器镜像仓库存储镜像harbor、docker-compose、dockercentos8docker192.168.179.16制作镜像、上传镜像dockercentos8webs192.168.179.10测试环境 项目发布在此主机dockercentos8 基础配置
1.所有主机永久关闭防火墙和selinux
//永久关闭防火墙
systemctl disable --now firewalld.service //永久关闭selinux
setenforce 0
sed -i s/^SELINUXenforcing/SELINUXdisabled/g /etc/selinux/config2.配置yum源
所有主机配置对应系统的yum源gitlab主机需要安装epel源
//删除自带的默认yum源
rm -rf /etc/yum.repos.d/*//配置国内yum源阿里云源
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.reposed -i -e /mirrors.cloud.aliyuncs.com/d -e /mirrors.aliyuncs.com/d /etc/yum.repos.d/CentOS-Base.repo//安装epel源
yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpmsed -i s|^#baseurlhttps://download.example/pub|baseurlhttps://mirrors.aliyun.com| /etc/yum.repos.d/epel*sed -i s|^metalink|#metalink| /etc/yum.repos.d/epel*3.docker的安装教程
不是每一台都要安装docker
//centos系统安装docker过程不是每一台都要装
yum install -y yum-utils device-mapper-persistent-data lvm2yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.reposed -i sdownload.docker.commirrors.aliyun.com/docker-ce /etc/yum.repos.d/docker-ce.repoyum makecacheyum -y install docker-cesystemctl enable --now docker.service配置主机名与IP地址解析
所有主机都写在/etc/hosts 文件里面添加如下内容
//编辑 /etc/hosts 文件
[rootgitlab ~]# vi /etc/hosts
[rootgitlab ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
#添加如下内容
192.168.179.13 gitlab.server
192.168.179.14 jenkins.server
192.168.179.15 harbor.server
192.168.179.16 docker
192.168.179.10 webs
[rootgitlab ~]# 部署gitlab.server主机
1.安装gitlab
安装和使用的详细过程请阅读GitLab版本控制
//安装依赖包
[rootgitlab ~]# yum -y install git wget curl vim openssh-server openssh-clients postfix cronie perl//启动postfix并设置开机自启
[rootgitlab ~]# systemctl enable --now postfix//下载并安装policycoreutils-python
[rootgitlab ~]# wget http://mirror.centos.org/centos/7/os/x86_64/Packages/policycoreutils-python-2.5-34.el7.x86_64.rpm[rootgitlab ~]# rpm -ivh --nodeps policycoreutils-python-2.5-34.el7.x86_64.rpm --force //下载gitlab软件包
[rootgitlab ~]# wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-16.4.1-ce.0.el7.x86_64.rpm[rootgitlab ~]# rpm -ivh gitlab-ce-16.4.1-ce.0.el7.x86_64.rpm
省略
It looks like GitLab has not been configured yet; skipping the upgrade script.*. *.*** ******** *****.****** *************** ********,,,,,,,,,***********,,,,,,,,,,,,,,,,,,,,*********,,,,,,,,,,,.,,,,,,,,,,,*******,,,,,,,,,,,,,,,,,,,,,*****,,,,,,,,,.,,,,,,,****,,,,,,.,,,***,,,,,*,._______ __ __ __/ ____(_) /_/ / ____ _/ /_/ / __/ / __/ / / __ / __ \/ /_/ / / /_/ /___/ /_/ / /_/ /\____/_/\__/_____/\__,_/_.___/Thank you for installing GitLab!
看见这个狐狸标志就代表安装成功2.配置gitlab
//修改 /etc/gitlab/gitlab.rb 的第32行、1011行、1115行
[rootgitlab ~]# vim /etc/gitlab/gitlab.rb
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
external_url http://192.168.179.13 //改成自己主机的域名或ip## Roles for multi-instance GitLab
省略
# gitlab_workhorse[listen_addr] /var/opt/gitlab/gitlab-workhorse/sockets/socketgitlab_workhorse[auth_backend] http://localhost:8080 //取消注释##! Enable Redis keywatcher, if this setting is not present it defaults to true
省略
# puma[listen] 127.0.0.1puma[port] 8080 //取消注释
# puma[socket] /var/opt/gitlab/gitlab-rails/sockets/gitlab.socket
省略//重载配置文件
[rootgitlab ~]# gitlab-ctl reconfigure
耐心等待过程省略...//重启gitlab
[rootgitlab ~]# gitlab-ctl restart
ok: run: alertmanager: (pid 21903) 0s
ok: run: gitaly: (pid 21913) 0s
ok: run: gitlab-exporter: (pid 21930) 1s
ok: run: gitlab-kas: (pid 21943) 0s
ok: run: gitlab-workhorse: (pid 21953) 0s
ok: run: logrotate: (pid 21971) 1s
ok: run: nginx: (pid 21977) 0s
ok: run: node-exporter: (pid 21985) 1s
ok: run: postgres-exporter: (pid 21991) 0s
ok: run: postgresql: (pid 22001) 0s
ok: run: prometheus: (pid 22010) 1s
ok: run: puma: (pid 22027) 0s
ok: run: redis: (pid 22032) 1s
ok: run: redis-exporter: (pid 22039) 0s
ok: run: sidekiq: (pid 22048) 1s
[rootgitlab-server ~]# //查看各端口号
[rootgitlab ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 1024 127.0.0.1:8154 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:8155 0.0.0.0:*
LISTEN 0 128 127.0.0.1:8092 0.0.0.0:*
LISTEN 0 511 0.0.0.0:8060 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:9121 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:9090 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:9187 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:9093 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:9100 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:9229 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:8080 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 127.0.0.1:9168 0.0.0.0:*
LISTEN 0 128 127.0.0.1:8082 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:9236 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:8150 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:8151 0.0.0.0:*
LISTEN 0 1024 127.0.0.1:8153 0.0.0.0:*
LISTEN 0 100 127.0.0.1:25 0.0.0.0:*
LISTEN 0 1024 *:9094 *:*
LISTEN 0 128 [::1]:9168 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[rootgitlab ~]# 3.破解管理员密码
//存放初始密码的文件
[rootgitlab ~]# cd /etc/gitlab/
[rootgitlab gitlab]# ls
gitlab.rb gitlab-secrets.json initial_root_password trusted-certs
[rootgitlab gitlab]# cat initial_root_password
# WARNING: This value is valid only in the following conditions
# 1. If provided manually (either via GITLAB_ROOT_PASSWORD environment variable or via gitlab_rails[initial_root_password] setting in gitlab.rb, it was provided before database was seeded for the first time (usually, the first reconfigure run).
# 2. Password hasnt been changed manually, either via UI or via command line.
#
# If the password shown here doesnt work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.Password: eTV80Gpy/Pmq2jJCpsKS80EUotfxpRGxok79lju2Wks //这是初始密码# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.
[rootgitlab gitlab]# //破解密码过程
[rootgitlab ~]# gitlab-rails console -e production
--------------------------------------------------------------------------------Ruby: ruby 3.0.6p216 (2023-03-30 revision 23a532679b) [x86_64-linux]GitLab: 16.4.1 (e6801ed8d44) FOSSGitLab Shell: 14.28.0PostgreSQL: 13.11
------------------------------------------------------------[ booted in 18.81s ]
Loading production environment (Rails 7.0.6)
irb(main):001:0 user User.where(id: 1).first //定义一个超级管理员id为1#User id:1 root
irb(main):002:0 user.password lcwanf001 //设置密码lcwanf001
irb(main):003:0 user.password_confirmation lcwanf001 //确定密码lcwanf001
irb(main):004:0 user.save! //保存用户true
irb(main):005:0 exit //退出
[rootgitlab ~]# 4.验证web页面 安装完毕 部署jenkins.server主机
安装与使用的详细过程请阅读Jenkins部署与应用
1.部署tomcat
Jenkins是一个Java程序所以要依赖tomcat
//安装Java环境
[rootjenkins ~]# yum -y install java-1.8.0-openjdk java-1.8.0-openjdk-devel wget
[rootjenkins ~]# java -version
openjdk version 1.8.0_312
OpenJDK Runtime Environment (build 1.8.0_312-b07)
OpenJDK 64-Bit Server VM (build 25.312-b07, mixed mode)
[rootjenkins ~]# //下载tomcat软件包
[rootjenkins ~]# wget https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.79/bin/apache-tomcat-9.0.79.tar.gz
[rootjenkins ~]# ls
anaconda-ks.cfg apache-tomcat-9.0.79.tar.gz//解压部署解压到哪个目录该目录就是安装目录
[rootjenkins ~]# tar -xf apache-tomcat-9.0.79.tar.gz -C /usr/local/
[rootjenkins ~]# cd /usr/local/
[rootjenkins local]# ls
apache-tomcat-9.0.79 etc include lib64 sbin src
bin games lib libexec share//软链接
[rootjenkins local]# ln -s apache-tomcat-9.0.79/ tomcat
[rootjenkins local]# ls
apache-tomcat-9.0.79 etc include lib64 sbin src
bin games lib libexec share tomcat
[rootjenkins local]# //启动tomcat服务
[rootjenkins local]# /usr/local/tomcat/bin/startup.sh
Using CATALINA_BASE: /usr/local/tomcat
Using CATALINA_HOME: /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME: /usr
Using CLASSPATH: /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
Using CATALINA_OPTS:
Tomcat started.
[rootjenkins local]# //8005和8080端口已经起来了
[rootjenkins local]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 1 [::ffff:127.0.0.1]:8005 *:*
LISTEN 0 100 *:8080 *:*
[rootjenkins local]# 2.安装jenkins
//安装Jenkins所需要的Java17
[rootjenkins ~]# yum -y install java-17-openjdk java-17-openjdk-devel//由于安装tomcat时安装的Java1.8但是Jenkins需要Java17所以切换一下Java版本
[rootjenkins ~]# alternatives --config javaThere are 2 programs which provide java.Selection Command
-----------------------------------------------
* 1 java-1.8.0-openjdk.x86_64 (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.312.b07-2.el8_5.x86_64/jre/bin/java)2 java-17-openjdk.x86_64 (/usr/lib/jvm/java-17-openjdk-17.0.1.0.12-2.el8_5.x86_64/bin/java)Enter to keep the current selection[], or type selection number: 2 //选择2
[rootjenkins ~]# //下载Jenkins的.war包
[rootjenkins ~]# wget https://get.jenkins.io/war-stable/2.414.2/jenkins.war
[rootjenkins ~]# ls
anaconda-ks.cfg apache-tomcat-9.0.79.tar.gz jenkins.war
[rootjenkins ~]# java -jar jenkins.war//把Jenkins包cp到 /usr/local/tomcat/webapps/去
[rootjenkins ~]# cp jenkins.war /usr/local/tomcat/webapps///重启tomca服务就会自动解压Jenkins.war
[rootjenkins ~]#/usr/local/tomcat/bin/shutdown.sh
[rootjenkins ~]#/usr/local/tomcat/bin/startup.sh[rootjenkins ~]# cd /usr/local/tomcat/webapps/
[rootjenkins webapps]# ls
docs examples host-manager jenkins jenkins.war manager ROOT3.验证web页面
查看临时密码登录进去后面会重新设置一个管理员密码的
[rootjenkins ~]# cat /root/.jenkins/secrets/initialAdminPassword
fc67568de10348528e5735461cde70d9建议直接安装全部插件 额外安装ssh、maven integration插件 4.安装git、maven、docker
//安装git
[rootjenkins ~]# yum -y install git//安装maven
[rootjenkins ~]# yum -y install maven//验证
[rootjenkins ~]# git version
git version 2.27.0[rootjenkins ~]# mvn -v
Apache Maven 3.5.4 (Red Hat 3.5.4-5)
Maven home: /usr/share/maven
Java version: 1.8.0_312, vendor: Red Hat, Inc., runtime: /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.312.b07-2.el8_5.x86_64/jre
Default locale: en_US, platform encoding: UTF-8
OS name: linux, version: 4.18.0-499.el8.x86_64, arch: amd64, family: unix
[rootjenkins ~]# 5.安装docker
[rootjenkins ~]# yum install -y yum-utils device-mapper-persistent-data lvm2[rootjenkins ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo[rootjenkins ~]# sed -i sdownload.docker.commirrors.aliyun.com/docker-ce /etc/yum.repos.d/docker-ce.repo[rootjenkins ~]# yum makecache[rootjenkins ~]# yum -y install docker-ce[rootjenkins ~]# systemctl enable --now docker.service6.配置免密登录
配置Jenkins主机可以从harbor主机拉取镜像以及免密登录
//配置可以拉取harbor的镜像
[rootjenkins ~]# vi /etc/docker/daemon.json
[rootjenkins ~]# cat /etc/docker/daemon.json
{insecure-registries: [harbor.server]
}
[rootjenkins ~]#//配置免密登录先生成密钥
[rootjenkins ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory /root/.ssh.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:LF23ZkhvyKBHo41Qccp7WvSZWOt1BF5eQ5rwk80kbNw rootjenkins
The keys randomart image is:
---[RSA 3072]----
| o.. ...|
| o o .oBOE.|
| . o *oo |
| . X O o. |
| * S O B . |
| * . . |
| . . |
| |
| |
----[SHA256]-----//发送密钥给gitlab、harbor、webs
[rootjenkins ~]# ssh-copy-id root192.168.179.13
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: /root/.ssh/id_rsa.pub
The authenticity of host 192.168.179.13 (192.168.179.13) cant be established.
ECDSA key fingerprint is SHA256:mapKiuHuHGpxH7GUsX8rZOmLghVOlIiwcnXiHncXt3Q.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root192.168.179.13s password: Number of key(s) added: 1Now try logging into the machine, with: ssh root192.168.179.13
and check to make sure that only the key(s) you wanted were added.[rootjenkins ~]# [rootjenkins ~]# ssh-copy-id root192.168.179.15
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: /root/.ssh/id_rsa.pub
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root192.168.179.15s password: Number of key(s) added: 1Now try logging into the machine, with: ssh root192.168.179.15
and check to make sure that only the key(s) you wanted were added.[rootjenkins ~]# [rootjenkins ~]# ssh-copy-id root192.168.179.10
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: /root/.ssh/id_rsa.pub
The authenticity of host 192.168.179.10 (192.168.179.10) cant be established.
ECDSA key fingerprint is SHA256:i67M51gIqhkRKG7bHQ2Y6WSNMd0x1KKy8GbHz/iBM.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root192.168.179.10s password: Number of key(s) added: 1Now try logging into the machine, with: ssh root192.168.179.10
and check to make sure that only the key(s) you wanted were added.添加jenkins.server访问webs凭据
[rootjenkins ~]# cat /root/.ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAnc8Xhh90xejGr77j0AGlhbtG33qSO8ShbUBjLlALs6AWEv4wTuym
ANvp/ZPR3FOAkShR/ZgI/KqzewNjX9K4cOFzXf4yj2eKyGatOiQBEHHve5ulv4rYU2U
7eZYEp7ZiERTkja/NC7y7tkRkwlZ2IrhPf5OsuZyp0Sr331qELn85XMlcUxbqPPprtIpGC
Bru9qOigLFyJMxvmrnBYlYrjzCdyCXUtFr5DEe5seeJpz3IQtMV2VvUsKmsb4gl8IWtvX
jmwAmt5XN2J36D0b5dYpggzrQumQOpTdl8aZe99R/0TZNHj1faDhzx0MIuxZwaq7QEr6gk
lQXW5SnZt/VvJq3pRY5fZwOFyO44Tko8BJidPbQ6N5pokumy0tN3IMjudzrta9blOw08P
izSOCs1ONT6nmuhK0t83Vm7cxmONkorawxWFciFsoets9aJoEVXIaRXvfRHxdeHdZxkQ
nAFCzPC2K28Zn0OjeslKnhcmHfRv9tLGEwxT/NhAAAFiKN309ujd9PbAAAAB3NzaC1yc2
EAAAGBAJ3PF4YfdMXoxq49ABpYW7Rt96kjvEoW1AYy5QC7OgFhLME7spgDb6f2T0d/h
TgJEoUfv2YCP/iqs3sDY1/SuHDhc13Mo9nishmrTokARBx73ubpbK2FNlO3mWBKe2YhE
U5I2vzQu8u7ZEZMJWdiK4T3TrLmcqdEq999ahC5/OVzJXFMW6jz6a7SKRgga7vajooCxc
iTMb5q5wWJfmK48wncgl1LRaQxHubHniac9yELTFdlb1LCprGIJfCFrb145sAJreVzdi
dg9GXWKYIM60LpkDqU3ZfGmXvfUf9E2TR49X2g4c8dDCLsWcGqu0BKoJJUF1uUp2bf1
byat6UWOX2cDhcjuOE5KPASYnT20OjeafqJLpstLTdyDI7nc67WvW5TsNPD4s0jgrNTjU
p5roStLfN1Zu3MZjjZKK2sMVhXIhbKHrbPWifvqBFVyGkV730R8XXh3WcZEJwBQszwtitv
GZ9Do3rJSp4XJh30fr/bSxhMMU/zYQAAAAMBAAEAAAGAaLieobCKKzM3djS0tLoC/2WxuG
d8VxE7Fmbd6kPQIBkhzOTFZfqAhp1o/49yfKDkxXiJllVB/qCPR/6Dq3G6jXJk47oof0nz
CYn4KjSV3zBAAq7o0k8iok22NCa0SqOWEUderxklumMpjdOUbu9KYF6z7uDdeOngVzHDDj
5WEyW3swqYrp0Z9owvoRUJOCO3ZBBerAwU9Pp9LS4LeJ57kVRcr/TtkSm1j0Khpb9C
h6rmFAJDw4O9qUBtlbWRzOm7K2BYme66fVtqX3pU5VLfHzqyqVVzmv9iAR861q6RTIJm
5C9bF2I8EErlIXrXz9btxuL8cynFYZDkUX0V5FGl8XtEgf3MNRzRSREGILWxmARZmbl6w
uqLnsWjGXDjP49aVyt228RtgZChR1tkWALwWIWa9833kSWAMzVODVdaiYTuUsxS17kYV
TteTHCvA3Hon4h8VIEjIckctHeo0w7wGjOqz/NmmFLewnBtawxJeN1T/JphtmvIJABAAAA
wCpCqO6tWX/7/slokGymeEJ47buSCkNsM01S5ZQxGFB5SrhbWTycqwjhY0TNygfFyk1A
OZU4MvPArve4XzsKH6mKQO2nutsRCy0tjOTj4OYaS1HLM2KfLyDq1C8DZ27FgMDLcUBgr
3jZEYwpD5FAAoZlOv3SZPV4BH6sKgMXCigJ2wF2jc71ECFIxae2fl6fgM7iKjDsRBlO
acctgke9sfYXjXI3KQmSGyyeJeqKC807o7qEF8EONP0sH87wAAAMEAzKkcaaEU2/Un6Z
xBWoQQXoBUEfvj1EZIceD1djM7tHVeT1RUaN51dAFBbViBzQbGAPbe5unMoUVy8hXfCof
N2pyAVA0LXFivjCAXt5LmgsTMCq7CpHU/24IHdegHoRPA2Mh8AnjkoWEb1NyQrxBd6OBE
osRlHD9Q1WAfThjb9qbwg4XpuzGGsuT934AC2R6nAjYYWZgIK6dwEcF0FBmF2BdcTBe
g82cVkEprKhj7aAYGNu2Y3oIorJQxBAAAAwQDFZUN4iv36gQwW9XcLhwGSf5TC1qW5ZChj
47zMBTf7zccR1/yDn3wj43SsVrOdiNChreagtmYmwepwxbW/SEvMHJv9zUMCP3cpeUi0w
UyUPLT2MTWe3bMNUDbvtAhSlE74CVKsOY4Y8qIldyEkOLhI8jLk8jjBgoe5vd/tOHf/N9z
zauBfr3REkjJ7dFum0VgjQE2lU/T7znoWAXY4GuwAGbFFkyIWQQMYJV8ZvY8pnYE2x4yV8
ZGF6lsLZetnyEAAAATcm9vdEBqZW5raW5zLXNlcnZlcg
-----END OPENSSH PRIVATE KEY-----
[rootjenkins ~]# 配置Jenkins使用ssh连接webs主机 部署harbor.server主机
1.安装和配置harbor
//先安装docker前面有教程//安装docker-compose
[rootharbor ~]# curl -SL https://github.com/docker/compose/releases/download/v2.23.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose[rootharbor ~]# chmod x /usr/local/bin/docker-compose
[rootharbor ~]# ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose//安装harbor
[rootharbor ~]# wget https://github.com/goharbor/harbor/releases/download/v2.9.1/harbor-offline-installer-v2.9.1.tgz[rootharbor ~]# tar -xf harbor-offline-installer-v2.9.1.tgz -C /usr/local/
[rootharbor ~]# cd /usr/local/harbor/
[rootharbor harbor]# ls
common.sh harbor.yml.tmpl LICENSE
harbor.v2.9.1.tar.gz install.sh prepare
[rootharbor harbor]# //配置harbor
[rootharbor harbor]# cp harbor.yml.tmpl harbor.yml
[rootharbor harbor]# yum -y install vim
[rootharbor harbor]# vim harbor.yml
#修改这几行
hostname: harbor-server
# https related config 注释https
#https:# https port for harbor, default is 443# port: 443# The path of cert and key files for nginx# certificate: /your/certificate/path# private_key: /your/private/key/path
harbor_admin_password: 123456
insecure: true
-------
[rootharbor harbor]# ./prepare
[rootharbor harbor]# ./install.sh 2.访问web页面 安装完毕 部署docker主机
1.安装docker服务
//安装docker前面有教程
...//配置连接harbor-server所有镜像仓库
[rootdocker ~]# vim /etc/docker/daemon.json
[rootdocker ~]# cat /etc/docker/daemon.json
{insecure-registries: [harbor.server]
}
[rootdocker ~]#
[rootdocker ~]# systemctl daemon-reload
[rootdocker ~]# systemctl restart docker.service 2.制作一个基础的tomcat镜像并上传到私有镜像仓库
//制作tomcat镜像并上传到harbor-server主机
[rootdocker ~]# vim dockerfile
[rootdocker ~]# cat dockerfile
FROM centos:8RUN rm -rf /etc/yum.repos.d/* \curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo \sed -i -e /mirrors.cloud.aliyuncs.com/d -e /mirrors.aliyuncs.com/d /etc/yum.repos.d/CentOS-Base.repo \yum clean all \yum makecache \yum -y install java-1.8.0-openjdk java-1.8.0-openjdk-devel \yum -y install wget \wget https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.79/bin/apache-tomcat-9.0.79.tar.gz \tar -xf apache-tomcat-9.0.79.tar.gz \mv apache-tomcat-9.0.79 /usr/local/tomcat \/usr/local/tomcat/bin/startup.shCMD [/usr/local/tomcat/bin/catalina.sh,run]
[rootdocker ~]# docker build -t harbor.server/library/tomcat:v1.0 .[rootdocker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
harbor.server/library/tomcat v0.1 7d4846b6b9ea 19 seconds ago 539MB
[rootdocker ~]# //上传镜像到私有仓库harbor-server主机
//先登录
[rootdocker ~]# docker login harbor.server
Username: admin
Password: //上传到私有镜像仓库
[rootdocker ~]# docker push harbor.server/library/tomcat:v1.0部署webs主机
//安装docker前面有教程//配置连接私有镜像仓库
[rootwebs ~]# vim /etc/docker/daemon.json
[rootwebs ~]# cat /etc/docker/daemon.json
{insecure-registries: [harbor.server]
}
[rootwebs ~]# //重启docker服务
[rootwebs ~]# systemctl daemon-reload
[rootwebs ~]# systemctl restart docker.service 企业业务代码项目发布流程
1.将代码上传到gitlab主机
这通常是代码开发人员的事情
如何在gitlab创建项目请阅读GitLab版本控制
//从公共代码仓库拉取需要的代码
[rootgitlab ~]# git clone https://gitee.com/forgotten/tomcat-java-demo.git//上传代码到本地代码仓库的操作
[rootgitlab ~]# git config --global user.name root
[rootgitlab ~]# git config --global user.email 12345678qq.com
[rootgitlab ~]# git clone http://192.168.179.13/root/wanf.git
[rootgitlab ~]# mv tomcat-java-demo/* wanf/
mv: overwrite wanf/README.md? y
[rootgitlab ~]# cd wanf/
[rootgitlab wanf]# ls
db deploy.yaml Dockerfile jenkinsfile LICENSE pom.xml README.md src[rootgitlab wanf]#
[rootgitlab wanf]# git add *
[rootgitlab wanf]# git commit -m test
[rootgitlab wanf]# git push --set-upstream origin
Username for http://192.168.179.13: root
Password for http://root192.168.179.13:
Enumerating objects: 849, done.
Counting objects: 100% (849/849), done.
Compressing objects: 100% (754/754), done.
Writing objects: 100% (847/847), 649.86 KiB | 7.30 MiB/s, done.
Total 847 (delta 228), reused 0 (delta 0), pack-reused 0
remote: Resolving deltas: 100% (228/228), done.
To http://192.168.179.13/root/wanf.git3d32c31..58d6311 main - main
Branch main set up to track remote branch main from origin.
[rootgitlab wanf]# 后期开发人员上传的新代码会自动更新在此
2.在Jenkins创建项目并写流水线脚本运行项目
Jenkins使用方法请阅读Jenkins部署与应用
Jenkins流水线脚本如下
pipeline {agent anystages {stage(pull code){steps {sh git clone http://192.168.179.13/root/wanf.git mv /root/.jenkins/workspace/wanf/wanf /root/wanf}}stage(pull images){steps {sh docker pull harbor.server/library/tomcat:v1.0}}stage(make .war pkgs){steps {sh cd /root/wanf mvn clean package -Dmaven.test.skiptrue mv /root/wanf/target/ly-simple-tomcat-0.0.1-SNAPSHOT.war /root/test.war}}stage(vim dockerfile){steps {sh echo FROM harbor.server/library/tomcat:v1.0 /root/dockerfile echo RUN rm -rf /usr/local/tomcat/webapps/ROOT /root/dockerfile echo COPY ./test.war /usr/local/tomcat/webapps/ROOT.war /root/dockerfile echo CMD [/usr/local/tomcat/bin/catalina.sh,run] /root/dockerfile}}stage(make new images){steps {sh cd /root docker build -t harbor.server/library/wanf:v0.1 .}}stage(push images){steps {sh docker login harbor.server -u admin -p 123456 docker push harbor.server/library/wanf:v0.1}}stage(webs pull and run){steps {sh ssh webs docker pull harbor.server/library/wanf:v0.1 ssh webs docker run -d --name test -p 80:8080 -it harbor.server/library/wanf:v0.1}}}
}3.在webs服务器上测试
在浏览器访问webs服务器的IP地址 成功部署
