===============================================
2021/1/14_第2次修改 ccb_warlock
更新說明:
2021/1/14:
1.修改jenkinsfile腳本,ssh命令中增加取消檢查主機密鑰的參數“-o StrictHostKeyChecking=no”;
===============================================
最近根據領導的要求,要改用jenkins的流水線來部署項目,同時要求部署的修改可以通過在jenkins上進行操作來實現。
由於其他項目使用流水線的方案和我們項目的差異較大(1.我們的jenkins使用docker運行;2.我們的項目編譯構建不是在jenkins服務器而是在開發服務器上),經過摸索試驗,最終實現了一個可行的版本供參考。
PS.通過"構建一個自由風格的軟件項目",請參考:https://www.cnblogs.com/straycats/p/14065719.html
本篇就依據上次持續發布的文章(https://www.cnblogs.com/straycats/p/14065719.html)進行改寫,如果只想了解流水線如何部署可以直接看這篇文章。
可以選擇一些免費的鏡像倉庫(dockerhub、阿里雲等等)用於存放構建的鏡像。如果需要搭私有倉庫可以選擇搭建harbor(https://www.cnblogs.com/straycats/p/8850693.html)
這里選擇了阿里雲(registry.cn-beijing.aliyuncs.com)作為鏡像倉庫
sudo yum install -y git
2.3 安裝.net core
centos7上部署參考https://docs.microsoft.com/zh-cn/dotnet/core/install/linux-centos
2.4 創建rsa證書
因為我拉取git常用ssh,故需要在builder服務器上創建rsa證書,通過公鑰拉源碼。
sudo ssh-keygen -t rsa
接着將公鑰(/root/.ssh/id_rsa.pub)的內容貼到git賬號中。
這里將dev分支的源碼拷貝到目錄/opt/src下。
sudo mkdir -p /opt/src cd /opt/src sudo git clone -b dev <git項目地址>
三、部署jenkins服務器
3.1 部署jenkins服務器
參考:https://www.cnblogs.com/straycats/p/14033405.html
sudo ssh-keygen -t rsa cd /root/.ssh sudo cp id_rsa.pub id_rsa.pub.jenkins
這樣,在/root/.ssh下生成id_rsa(私鑰) 和 id_rsa.pub (公鑰)兩個文件。
sudo mkdir -p /root/.ssh sudo touch /root/.ssh/authorized_keys
cd /root/.ssh sudo cat id_rsa.pub.jenkins >> /root/.ssh/authorized_keys
3.4 添加憑據
1)"系統管理" - "Manage Credentials",進入憑據管理界面,點擊“全局”旁邊的箭頭,點擊“添加憑據”。
2)由於使用ssh密鑰對,故"類型"選擇"SSH Username with private key",填寫ID、Username,選中"Enter directly",填入私鑰(id_rsa)的內容,點擊"確定"。
3.5 創建jenkins任務
1)點擊“新建任務”
2)選擇"Pipeline script",填寫jenkinsfile腳本,點擊“保存”。
pipeline { agent any stages { stage('1.Prepare & Upload script') { steps { echo "=== Begin 1.Prepare & Upload script ===========" sh ''' pwd tee ./gitclone.sh <<-'EOF' #!/bin/bash source_dir="/opt/src/abc" cd $source_dir sudo git checkout dev sudo git pull EOF tee ./build_src.sh <<-'EOF' #!/bin/bash source_dir="/opt/src/abc" publish_dir="/opt/publish/abc" sudo rm -rf $publish_dir"/published" sudo mkdir -p $publish_dir"/published" cd $source_dir sudo dotnet publish -o $publish_dir"/published" EOF tee ./build_images.sh <<-'EOF' #!/bin/bash source_dir="/opt/src/abc" publish_dir="/opt/publish/abc" sudo yes| cp -rf $source_dir"/Server/Dockerfile" $publish_dir cd $publish_dir sudo docker build --rm -t registry.cn-beijing.aliyuncs.com/abc/abc:latest . sudo docker push registry.cn-beijing.aliyuncs.com/abc/abc:latest EOF tee ./abc-stack.yml <<-'EOF' version: '3.7' services: abc: image: registry.cn-beijing.aliyuncs.com/abc/abc:latest environment: - TZ=Asia/Shanghai - ASPNETCORE_ENVIRONMENT=Production deploy: replicas: 1 restart_policy: condition: any #on-failure resources: limits: cpus: "2" memory: 2048M update_config: parallelism: 1 delay: 5s max_failure_ratio: 0.1 order: start-first ports: - 35000:5000 networks: - swarm-net networks: swarm-net: external: true EOF tee ./deploy.sh <<-'EOF' #!/bin/bash cd /opt/docker/compose/abc sudo docker stack rm abc-stack sudo docker stack deploy -c abc-stack.yml abc-stack EOF ''' withCredentials([sshUserPrivateKey(credentialsId: 'mypk', keyFileVariable: 'keyfile', passphraseVariable: '', usernameVariable: 'user')]) { sh "scp -o StrictHostKeyChecking=no -i ${keyfile} *.sh ${user}@192.168.1.1:/opt/jenkinsfiles/" sh "scp -o StrictHostKeyChecking=no -i ${keyfile} abc-stack.yml ${user}@192.168.1.1:/opt/docker/compose/abc/" } echo "=== End 1.Prepare & Upload script ===========" } } stage('2.Git clone') { steps { echo "=== Begin 2.Git clone ===========" withCredentials([sshUserPrivateKey(credentialsId: 'mypk', keyFileVariable: 'keyfile', passphraseVariable: '', usernameVariable: 'user')]) { sh 'ssh -o StrictHostKeyChecking=no -i ${keyfile} ${user}@192.168.1.1 "cd /opt/jenkinsfiles/; sh ./gitclone.sh"' } echo "=== End 2.Git clone ===========" } } stage('3.Build src') { steps { echo "=== Begin 3.Build src ===========" withCredentials([sshUserPrivateKey(credentialsId: 'mypk', keyFileVariable: 'keyfile', passphraseVariable: '', usernameVariable: 'user')]) { sh 'ssh -o StrictHostKeyChecking=no -i ${keyfile} ${user}@192.168.1.1 "cd /opt/jenkinsfiles/; sh ./build_src.sh"' } echo "=== End 3.Build src ===========" } } stage('4.Build images') { steps { echo "=== Begin 4.Build images ===========" withCredentials([sshUserPrivateKey(credentialsId: 'mypk', keyFileVariable: 'keyfile', passphraseVariable: '', usernameVariable: 'user')]) { sh 'ssh -o StrictHostKeyChecking=no -i ${keyfile} ${user}@192.168.1.1 "cd /opt/jenkinsfiles/; sh ./build_images.sh"' } echo "=== End 4.Build images ===========" } } stage('5.Deploy') { steps { echo "=== Begin 5.Deploy ===========" withCredentials([sshUserPrivateKey(credentialsId: 'mypk', keyFileVariable: 'keyfile', passphraseVariable: '', usernameVariable: 'user')]) { sh 'ssh -o StrictHostKeyChecking=no -i ${keyfile} ${user}@192.168.1.1 "cd /opt/jenkinsfiles/; sh ./deploy.sh"' } echo "=== End 5.Deploy ===========" } } } }
3.6 執行任務
1)點擊任務進入任務界面。
2)點擊“立即構建”,該任務就會執行一次。
