Jenkins企业应用
Posted wsnbba
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Jenkins企业应用相关的知识,希望对你有一定的参考价值。
一,CI/CD,DevOps介绍
持续集成(Continuous Integration,CI):
代码合并,构建,部署,测试都在一起,不断地执行这个过程,并对结果反馈
持续交付(Continuous Delivery,CD):
部署到生产环境,给用户使用
持续部署(Continuous Deployment,CD):
部署到生产环境
二,部署Git版远程仓库
2.1 系统环境要求
主机名 |
IP地址 |
备注 |
Git |
10.1.1.135 |
Git服务器 |
Jenkins |
10.1.1.134 |
Jenkins服务器 |
[[email protected] ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
[[email protected] ~]# uname -r
3.10.0-862.el7.x86_64
[[email protected] ~]# systemctl stop firewalld
[[email protected] ~]# systemctl disable firewalld
[[email protected] ~]# systemctl stop NetworkManager
[[email protected] ~]# systemctl disable NetworkManager
2.2 部署Git版远程仓库
在Git服务器上进行如下操作
安装Git
[[email protected] ~]# yum -y install git
创建Git账户
[[email protected] ~]# useradd git
[[email protected] ~]# passwd git
Changing password for user git.
New password:
BAD PASSWORD: The password is a palindrome
Retype new password:
passwd: all authentication tokens updated successfully.
[[email protected]li ~]# su - git
创建Git远程仓库
[[email protected] ~]$ mkdir repos #创建Git仓库目录
[[email protected] ~]$ cd repos/
[[email protected] repos]$ mkdir app.git #创建app的项目目录
[[email protected] repos]$ pwd
/home/git/repos
[[email protected] repos]$ cd app.git/
[[email protected] app.git]$ pwd
/home/git/repos/app.git
[[email protected] app.git]$ export LANG=zh_CN.UTF8
[[email protected] app.git]$ git --bare init #--bare创建一个裸仓库(只用作远程推送仓库不支持本地git命令)
初始化空的 Git 版本库于 /home/git/repos/app.git/
[[email protected] app.git]$ ls
branches config description HEAD hooks info objects refs
说明:
使用”git init –bare”方法创建一个所谓的裸仓库,之所以叫裸仓库是因为这个仓库只保存git历史提交的版本信息,而不允许用户在上面进行各种git操作,如果你硬要操作的话,只会得到下面的错误(”This operation must be run in a work tree”)
[[email protected] app.git]$ git status
fatal: This operation must be run in a work tree
2.3 在Jenkins服务器进行git代码远程推送测试
在Jenkins服务器上进行如下操作
安装Git
[[email protected] ~]# yum -y install git
创建一个目录,尝试git clone远程Git服务器仓库的代码
[[email protected] ~]# mkdir /test
[[email protected] ~]# cd /test
[[email protected] test]# git clone [email protected]:/home/git/repos/app.git
正克隆到 ‘app‘...
Warning: Permanently added ‘10.1.1.135‘ (ECDSA) to the list of known hosts.
[email protected]‘s password: #输入远程服务器git用户的密码
warning: 您似乎克隆了一个空版本库。
[[email protected] test]# ls
app
[[email protected] test]# ls app/
[[email protected] test]#
进行代码提交测试
[[email protected] test]# cd app/
[[email protected] app]# touch test
[[email protected] app]# echo "nihao" >> test
[[email protected] app]# cat test
nihao
配置git全局配置
[[email protected] app]# git config --global user.email "[email protected]"
[[email protected] app]# git config --global user.name "wwl"
进行代码提交测试
[[email protected] app]# git add * #将文件添加到本地暂存区
[[email protected] app]# git commit -m ‘测试提交‘
[master(根提交) b332f94] 测试提交
1 file changed, 1 insertion(+)
create mode 100644 test
查看远程仓库
[[email protected] app]# git remote -v
origin [email protected]:/home/git/repos/app.git (fetch)
origin [email protected]:/home/git/repos/app.git (push)
将代码推送到远程仓库的master分支
[[email protected] app]# git push -u origin master
[email protected]‘s password:
Counting objects: 3, done.
Writing objects: 100% (3/3), 218 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To [email protected]:/home/git/repos/app.git
* [new branch] master -> master
分支 master 设置为跟踪来自 origin 的远程分支 master。
查看分支情况
[[email protected] app]# git branch -a
* master #本地当前所处分支
remotes/origin/master #远程仓库已有分支
2.4 在Jenkins服务器进行SSH免密钥操作
[[email protected] ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:y52N6b4BwLMDfluJQjw/oZFXX5tJxSHBdwsls7txtzs [email protected]
The key‘s randomart image is:
+---[RSA 2048]----+
| . .=*+o |
| . o . . o.** .|
| B * . +o...|
| o B * . .. |
| + B S o ..|
| o * + = + o|
| . o * .. . |
| . . E.|
| .+. ..|
+----[SHA256]-----+
进行公钥分发
[[email protected] ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_
rsa.pub"/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filt
er out any that are already installed/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are pro
mpted now it is to install the new [email protected]‘s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh ‘[email protected]‘"
and check to make sure that only the key(s) you wanted were added.
测试免密钥的git推送测试
[[email protected] ~]# cd /test/app/
[[email protected] app]# ls
test
[[email protected] app]# echo "kakakakaka" >> test
[[email protected] app]# tail -1 test
kakakakaka
[[email protected] app]# git add *
[[email protected] app]# git commit -m ‘免秘钥推送测试‘
[master a2d4e32] 免秘钥推送测试
1 file changed, 1 insertion(+)
[[email protected] app]# git push -u origin master
Counting objects: 5, done.
Writing objects: 100% (3/3), 268 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To [email protected]:/home/git/repos/app.git
b332f94..a2d4e32 master -> master
分支 master 设置为跟踪来自 origin 的远程分支 master。
三,Jenkins的企业应用管理
jenkins官网:https://jenkins.io/
redhat版jenkins官方页面:https://pkg.jenkins.io/redhat-stable/
3.1 Jenkins的安装与基础配置
安装Jenkins的三种方法 :利用Yum源安装,下载jenkins的rpm包安装,jenkins的war包安装
用Yum来安装Jenkins
[[email protected] app]# wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins
.io/redhat-stable/jenkins.repo 下载Jenkins的yum源文件
[[email protected] app]# rpm --import https://pkg.jenkins.io/redhat-stable/jenkins
.io.key 导入jenkins的rpm证书
利用Yum安装最新版本jenkins
[[email protected] app]# yum -y install jenkins
查看jenkins安装路径
[[email protected] app]# rpm -ql jenkins
/etc/init.d/jenkins
/etc/logrotate.d/jenkins
/etc/sysconfig/jenkins #jenkins配置文件
/usr/lib/jenkins
/usr/lib/jenkins/jenkins.war
/usr/sbin/rcjenkins
/var/cache/jenkins
/var/lib/jenkins
/var/log/jenkins
下载jenkins的rpm包安装
[[email protected] ~]# yum -y localinstall jenkins-2.138.1-1.1.noarch.rpm
3.1.2 安装和配置jdk环境
由于jenkins是java开发的所以需要jdk支持
解压安装jdk
[[email protected] ~]# tar xf jdk-8u171-linux-x64.tar.gz -C /usr/local/
[[email protected] ~]# cd /usr/local/
[[email protected] local]# ls
bin games jdk1.8.0_171 lib64 sbin src
etc include lib libexec share
[[email protected] local]# mv jdk1.8.0_171 jdk
[[email protected] local]# /usr/local/jdk/bin/java -version
java version "1.8.0_171"
Java(TM) SE Runtime Environment (build 1.8.0_171-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.171-b11, mixed mode)
配置java环境
[[email protected] ~]# vim /etc/profile
[[email protected] ~]# tail -3 /etc/profile
export JAVA_HOME=/usr/local/jdk/
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar
[[email protected] ~]# source /etc/profile
[[email protected] ~]# java -version
java version "1.8.0_171"
Java(TM) SE Runtime Environment (build 1.8.0_171-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.171-b11, mixed mode)
3.1.3 安装和配置maven环境
解压安装maven
[[email protected] ~]# ll apache-maven-3.5.0-bin.tar.gz
-rw-r--r--. 1 root root 8534562 12月 29 09:51 apache-maven-3.5.0-bin.tar.gz
[[email protected] ~]# tar xf apache-maven-3.5.0-bin.tar.gz -C /usr/local/
[[email protected] ~]# cd /usr/local/
[[email protected] local]# ls
apache-maven-3.5.0 etc include lib libexec share
bin games jdk lib64 sbin src
[[email protected] local]# mv apache-maven-3.5.0 maven
配置maven环境变量
[[email protected] local]# vim /etc/profile
[[email protected] local]# tail -2 /etc/profile
MAVEN_HOME=/usr/local/maven
export PATH=${MAVEN_HOME}/bin:$PATH
[[email protected] local]# source /etc/profile
[[email protected] local]# mvn -v
Apache Maven 3.5.0 (ff8f5e7444045639af65f6095c62210b5713f426; 2017-04-04T03:3
9:06+08:00)Maven home: /usr/local/maven
Java version: 1.8.0_171, vendor: Oracle Corporation
Java home: /usr/local/jdk/jre
Default locale: zh_CN, platform encoding: UTF-8
OS name: "linux", version: "3.10.0-862.el7.x86_64", arch: "amd64", family: "u
nix"
启动jenkins
启动jenkins,报错
[[email protected] local]# systemctl start jenkins
Job for jenkins.service failed because the control process exited with error
code. See "systemctl status jenkins.service" and "journalctl -xe" for details.
[[email protected] local]# systemctl status jenkins
● jenkins.service - LSB: Jenkins Automation Server
Loaded: loaded (/etc/rc.d/init.d/jenkins; bad; vendor preset: disabled)
Active: failed (Result: exit-code) since 六 2018-12-29 09:55:54 CST; 3min 0s ago
Docs: man:systemd-sysv-generator(8)
Process: 10761 ExecStart=/etc/rc.d/init.d/jenkins start (code=exited, status=1/FAILURE)
12月 29 09:55:54 Jenkins systemd[1]: Starting LSB: Jenkins Automation Server...
12月 29 09:55:54 Jenkins runuser[10766]: pam_unix(runuser:session): session opened fo...0)
12月 29 09:55:54 Jenkins jenkins[10761]: Starting Jenkins bash: /usr/bin/java: No suc...ry没有那个文件或目录 #原来是找不到java命令
12月 29 09:55:54 Jenkins jenkins[10761]: [FAILED]
12月 29 09:55:54 Jenkins systemd[1]: jenkins.service: control process exited, code=e...s=1
12月 29 09:55:54 Jenkins systemd[1]: Failed to start LSB: Jenkins Automation Server.
12月 29 09:55:54 Jenkins systemd[1]: Unit jenkins.service entered failed state.
12月 29 09:55:54 Jenkins systemd[1]: jenkins.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
做一个java命令的软连接
[[email protected] local]# ln -s /usr/local/jdk/bin/java /usr/bin/
再次启动jenkins
[[email protected] ~]# systemctl start jenkins
[[email protected] ~]# systemctl status jenkins #正常启动
● jenkins.service - LSB: Jenkins Automation Server
Loaded: loaded (/etc/rc.d/init.d/jenkins; bad; vendor preset: disable
d) Active: active (running) since 六 2018-12-29 10:01:29 CST; 59s ago
Docs: man:systemd-sysv-generator(8)
Process: 10820 ExecStart=/etc/rc.d/init.d/jenkins start (code=exited,
status=0/SUCCESS) CGroup: /system.slice/jenkins.service
└─10839 /usr/bin/java -Dcom.sun.akuma.Daemon=daemonized -D...
12月 29 10:01:28 Jenkins systemd[1]: Starting LSB: Jenkins Automati....
12月 29 10:01:28 Jenkins runuser[10825]: pam_unix(runuser:session): ...
12月 29 10:01:29 Jenkins jenkins[10820]: Starting Jenkins [ OK ]
12月 29 10:01:29 Jenkins systemd[1]: Started LSB: Jenkins Automatio....
Hint: Some lines were ellipsized, use -l to show in full.
查看jenkins监听端口8080
[[email protected] ~]# netstat -antup | grep 8080
tcp6 0 0 :::8080 :::* LIST
EN 10839/java
添加开机自启动
[[email protected] ~]# systemctl enable jenkins
jenkins.service is not a native service, redirecting to /sbin/chkconfig.
Executing /sbin/chkconfig jenkins on
用浏览器访问IP:8080
初始化jenkins
查看jenkins解锁密码,并复制到jenkins的web界面,解锁jenkins
[[email protected] ~]# cat /var/lib/jenkins/secrets/initialAdminPassword
7ec7b36951814f89ad49e0ac095e7bb9
常用的系统模块介绍
系统管理--->全局工具配置介绍
- Maven配置: 配置maven的settings.xml配置文件的位置路径(不修改为默认路径)。
- 配置JDK: 配置java命令的执行路径;JDK是java语言的软件开发工具包。
- 配置Git: 配置Git的命令执行路径;Git是分布式版本控制软件。
- 配置Gradle: 配置Gradle的执行路径;Gradle是面向java的自动化构建开源工具,同maven。
- 配置Ant: 配置Ant的执行路径;Ant是面向java的自动化构建开源工具,同maven。
- 配置Maven:配置maven的命令执行路径;maven是面向java的自动化构建开源工具。
- 配置Docker: 配置Docker的命令执行路径;Docker是最近大热的容器级虚拟化产品。
全局工具配置----> 配置JDK
全局工具配置----> 配置Git
全局工具配置----> 配置maven
- Apache Maven是一种创新的软件项目管理工具,提供了一个项目对象模型(POM)文件的新概念来管理项目的构建,相关性和文档。最强大的功能就是能够自动下载项目依赖的库文件。
- 在开发中,为了保证编译通过,开发会到处去寻找项目依赖的jar包(类似rpm安装软件时需要的一堆依赖包)
- 因此,就要用到Maven(Ant和gradle也是干这个的)
- Maven其实就类似Linux的Yum仓库,可以自动帮我们下载(公网源)和安装java项目所依赖的支持包。
用户权限管理
在一个成熟的企业应用环境中,jenkins是需要通过权限来控制角色功能使用的
开发人员利用jenkins====>生产环境项目代码版本发布(A/B测试等)
测试人员利用jenkins====>测试环境自动化部署
运维人员利用jenkins====>生产环境项目代码版本回滚
安装插件Role-based Authorization Strategy
全局安全配置--->授权策略--->Role-Based Strategy
3.2.3 注册两个用户(开发和测试)
由于开启了Role-Based Strategy,此时用户没有任何权限
3.2.4 系统管理--->Manage and Assign Roles
- Manage Roles:权限管理
- Assign Roles:授权管理
(1)进入权限管理
- Golbal roles:全局权限管理
- jenkins的整体权限分配,至少要开读的权限
- Project roles:项目权限管理
- 正则匹配具体的项目,分配管理权限
(2)进入授权管理
- Global roles:全局权限授权
- Item roles:项目权限授
(3)创建两个项目分别以A-和B-开头
(4)登陆用户user1和user2进行权限登陆测试
添加视图
3.3 参数化构建
3.3.1 什么是参数化构建?
参数化构建就是在执行自动构建之前可以对构建过程手动传入外部参数,从而改变构建的过程。
(1)配置一个构建脚本,然后执行
(2)添加参数化构建功能
(3)执行参数构建
当然,我们在构建的时候也可以修改参数的默认值
3.3.2 安装插件Extended Choice Parameter
- Extended Choice Parameter
- 作用就是在参数化构建时可以出现一个下拉框让用户直接选择多个值
3.4 Git参数化构建插件
Git Parameter插件可以直接获取Git仓库的branch,tag等信息
3.4.1 安装插件Git Parameter
3.4.2 添加远程Git仓库的密钥管理
由于我们之前用jenkins的root账户已经做过免密钥连接git了
因此,我们创建SSH的密钥管理
[[email protected] ~]# cd ~/.ssh
[[email protected] .ssh]# ls
id_rsa id_rsa.pub known_hosts
[[email protected] .ssh]# cat id_rsa
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAs9HDwUbfAWm5paenddXXHfrCjxTH005WlNSSRo6DdDjqEmk0
Mi218ImnVFR/rorQOc53UY8DyCVldh9rO+xm+/9h2IHuHgiMwFUYV0tNXnQzuaEi
LscD7y4iB4liGRpJf29z5VEAi4VNIvSgc3CxKz5bDnwyXBYJNffOGrA42dueSLGw
Vhqkrpx6tkzUe42OpOjGnbzUhzeAETumpX0UX1lu8CpIk/ufo1O/DczhKlI7i8Qb
cS5/o1T55o4fc9bwzGH58PbfX6AYN4Rzjd2BvOL9reKKzCJvmU2PZfUAh+AIXE/z
4ndBmenmpwFD/nxDbkRiN88q2OJ1NTKGlqjRFQIDAQABAoIBACAT3HLfHKsY3ChD
9yibJAvSDuENWPRF9kYIgauagrK58G+mWsxUwS8Or03o4PoXAzw8q6Zd99O9cBMZ
WbzP2DM+BItl6j9rUQiCZZw077FY011a9EkZ8Ya6WRG1HU3TFadpD2iqAYniFreU
ogbV5JUNQ5sa5rTsrWn2McsrAolCSkTgVfrppZ4x2mBa1GGfVg6F+1yigZdABgw5
ZOhWXU2LgY0BPY/4s1m0w5EhsAxdNR1Rm7RGbso70LFtMg9VRQ+T6G6VWco/H0xy
vlcPGlYEQtJMK6wtHmJG/BDnAe/WRfd0q44pjKoI3L4Dm1X3Hs5fi3TF88RSwHLT
E8eS5CECgYEA7vQ/oRhLl9Ylqp1X40+ejy8N1GJT5jb4fX/TVCZkzmjpqzRlXxCj
317FnsQrJeOxVqkBb5r3N5juywPbERmZrXvWQOcUeEeY0c3aIp0lBUYSWpIRN7OA
QHo80BlpufpCV2Ek0Ha1h8ZVdQ35xoaMnNGvibmh3HYoy1ky1it47O0CgYEAwKWa
7D6KIMwgLNPYQzXhj18rPucK/K7wIT2TTbT0uFsDuMYQwGhLQznYTsyuS+11Ig4U
QnhW9xgSVyYwYokdLMkn+x0SMjL2wKyVCWgSkAQEUWuAb+IobGcklB7G/iSBQE3c
OH1cGtcSZrezFzfPqf6x7cq4eQ6mjWFiiqzzl8kCgYBmP1d2zFmUWAr4DanM14Xm
iODnD0gNS1pbATZhXKhn9lZ+bsYtvoYQj5IKVLCN3vdEOL8njWzZenQ7pKO5lnW+
2S2dygNlUGWg6O+9PfbYYdp6rOP3LLTlYijhdu5ZqS94ClZhaVpWBdUNaHSHsY07
kTIGwcrz9g+Qq9Nn92QgJQKBgQCbg9R5i87jxQTgSy+UqiVpINF/WPIEo5ATtWp5
W3AGduqdOb8CI+9F2KdmjVLS1mEtWaI/Ongxxkvf8GM02C0mH0jYLVKoFX4ecfNq
AYqimauGsrqfFzm8sNLVg7buKDfy2ifBrmkw/ZfMNdUsFBDe0U1/gZvDlfEbxpbP
DekjCQKBgErDnSo5qu36ev7Q9NHCJPsSHNverJ8RNBMZ9p1RxwNsInQd/9aTbGe3
0+2bq3TL9nolTHOnzj0bYdGpOOpTU3JcFOaweF0ckFEm1pZ9HtySuyvkfoX86n2m
E8MCJu75YT9zrRR+UD61eC72H4tFaI+LLDKiad5DzXCGUl0sCRzJ
-----END RSA PRIVATE KEY-----
将私钥的内容复制一下
3.4.3 进行Git参数化构建
(1)配置Git Parameter插件
(2)配置Git远程仓库
[[email protected] .ssh]# cd /test/
[[email protected] test]# cd app/
[[email protected] app]# ls
test
[[email protected] app]# git branch dev
[[email protected] app]# git checkout dev
Switched to branch ‘dev‘
[[email protected] app]# git branch
* dev
master
[[email protected] app]# echo "dev" >> test
[[email protected] app]# git add *
[[email protected] app]# git commit -m "111"
[dev 6370db7] 111
1 file changed, 1 insertion(+)
[[email protected] app]# git push origin dev
Counting objects: 5, done.
Writing objects: 100% (3/3), 245 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To [email protected]:/home/git/repos/app.git
* [new branch] dev -> dev
[[email protected] app]# git branch test
[[email protected] app]# git checkout test
Switched to branch ‘test‘
[[email protected] app]# git branch
dev
master
* test
[[email protected] app]# echo "ll" >> test
[[email protected] app]# git add *
[[email protected] app]# git commit -m "111"
[test d7dcd17] 111
1 file changed, 1 insertion(+)
[[email protected] app]# git push origin test
Counting objects: 5, done.
Writing objects: 100% (3/3), 249 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To [email protected]:/home/git/repos/app.git
* [new branch] test -> test
以上是关于Jenkins企业应用的主要内容,如果未能解决你的问题,请参考以下文章