部署背景:
jenkins: CentOS 7.4C IP:172.16.3.74
gitlab-11.5.3: CentOS 7.4D IP:172.16.4.74
此上部署都是根據我之前的博客配置完成的;
jenkins有三種構建方式:
觸發式構建:用於開發環境部署,開發人員可以push代碼或者合併代碼到gitlab項目的master分支上,jenkins就部署代碼到對應服務器;
參數化構建:用於測試環境或者預上線環境部署,只需要在jenkins的界面傳入對應參數即可執行部署;
定時構建:在參數化基礎上添加,可以每天定時打包;
觸發式構建部署過程:
1.首先,我們需要在jenkins主機上生成root用戶的公鑰和jenkins用戶的公鑰;
因爲jenkins用戶默認沒有bash;所以我們需要給jenkins設定一個bash,用以輸入命令;
[root@master testProject]# grep jenkins /etc/passwd jenkins:x:982:976:Jenkins Automation Server:/var/lib/jenkins:/bin/false [root@master ~]#usermod -s /bin/bash jenkins [root@master testProject]# grep jenkins /etc/passwd jenkins:x:982:976:Jenkins Automation Server:/var/lib/jenkins:/bin/bash
2.生成公鑰:
[root@master ~]# ssh-keygen -t rsa [root@master ~]# cat .ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCq4LhWeHNqq34B7j2uL4Ss4EJWyZkWeNHrgsN/2IkaVPatLEJliDHGnPVnKQEejUmApjRofTzJ6eHryzr/7NYNYVoYY08gpVYer2Tct0EWp7V6IA+8OUrMYZYGXLVEBaj/SsTlp23sPZKYUfshGW4wFMBsTGtSNspsSl2MyBnNbO/VDNZUtkx18UwBocBdOLM0ogaT1Taa+/XOtTYs5tP1LWfZA/Wcbwih+9mZFZD55wsyUgIGEgQd9M88lhbHKzjTU9bVUPBOLwQVdcnsd5o/KduNidwY3+Pd+75hDXwE6o4xh5M0+pd6M+KyDMQLN8ZD51P1+91IDvp2W9uEQDCf [email protected]
[root@master ~]# su - jenkins -bash-4.2$ ssh-keygen -t rsa -bash-4.2$ cat .ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6j4gWxtlwzuwEDBOHmuchiZgNRAdNTLHj+70TJY+lqTKM4YkYHvdD6ZXtmTafrHW5onMzzzdNr3xnsvuGVdxc7hzJ5KZ27bWAo4Ka2IhH2+KXaKxooqcVOsrHdzEOsoOM9fLgLzZgn674NRZky4lZTNxFb9Iu8nu3EgjIa2Juio/DM+IPmipy4u+qHWoJ2RJqVuNh+qiSrpXXnwYLEB28MoHbCZa2otHoIITAekYvTJfIyqfl5NT3IXG4+AaWhQ0sTsEw3qpB4Tgi3FTtVuVXvp0QrvCCN6UKS1/nIcaNU9KFak4bGjv7V7uE2MexWOjacLWuxByuF4/hLca08a0F [email protected]
3.把生成的公鑰文件(.ssh/id_rsa.pub內容)複製到gitlab服務器上:
添加完成之後。
注意:我們需要在jenkins用戶登錄中對root用戶進行免密認證,否則在我們進行觸發式構建的時候,會執行不成功,出現 Host key verification failed錯誤,會讓我們功虧一簣,因爲jenkins默認是jenkins用戶執行我們設置的命令,而我們腳本一旦有ssh root@HOST_IP的時候,那麼jenkins就需要登錄爲root用戶執行後邊的命令,我們就讓jenkins免密登錄root即可解決;
[root@master ~]#登出 Connection to 172.16.3.74 closed. -bash-4.2$ ssh-copy-id -i .ssh/id_rsa.pub [email protected] /bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub" /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added. -bash-4.2$
5.找到我們創建的gitlab庫,並下載至jenkins主機上;
下載過程;
[root@master ~]# git config --global user.name ljy [root@master ~]# git config --global user.email [email protected] [root@master ~]# git clone [email protected]:/root/testProject
6.創建觸發式任務;
7.選擇git Repository的URL;
8.設定觸發條件;
9.創建觸發腳本並寫入觸發shell;
[root@master ~]#cd testProject/ [root@master testProject]#cat jenkins_trigger.sh #!/bin/bash # echo "test successful" [root@master testProject]#chmod +x jenkins_trigger.sh
10.進入jenkins à 全局安全設置;
把此選項的取消勾選,否則jenkins認爲gitlab請求不合法;
11(可選).我們可以設置一個API token;
輸入名稱,會輸出一個token,我們需要把token複製下來;
12.進入gitlab服務器,添加一個webhooks;
URL格式:
http://name:token@JENKINS_HOST_IP/job/JOB_NAME/build?token=BUILD_TOKEN
比如我設置的:
http://ljy:[email protected]:8080/job/fastjson/build?token=hehe
注意:如果我們是gitlab-10.6以後的版本,我們會無法創建,出現一個requests to the local network are not allowed的紅色報警信息,這時我們需要允許gitlab訪問本地網絡,默認不允許訪問本地網絡;
13.我們對設置好的webhooks進行Test;
14.出現一個HTTP 201的返回值即證明成功;
15.進入jenkins查看是否成功;
返回值爲SUCCESS即爲成功;
參數化構建就相對簡單一點;
1.依舊是創建一個任務;
2. 任務內容:
創建一個參數腳本;
[root@master ~]#cd testProject/
[root@master testProject]#vim jenkins_paramter.sh
[root@master testProject]#cat jenkins_paramter.sh
#!/bin/bash
#
git_pro(){
echo "pull $1 code"
}
git_pro $1
[root@master testProject]#
[root@master testProject]#chmod +x jenkins_paramter.sh
[root@master testProject]#
3.保存以後,開始執行此任務;
顯示SUCCESS即爲成功;
定時構建;
1.定時構建依據在參數化基礎之上,選擇一個臨近的時間;
2.可以用參數化構建的腳本;也可以新建一個腳本;
3.測試;
4.顯示SUCCESS即爲成功;
至此:三種構建方式已經部署完畢;作爲公司常用工具,這個技能還是很必要的;