gitlab + jenkins + salt持续集成
目的:
主要是了解持续集成方面的知识,分析gitlab的对于svn的优势,了解gitlab和jenkins的原理,再配合脚本和salt做一个简易的持续集成。环境
我使用三台机器做测试: 三台机器系统都是centos7,selinux disabled,iptables disabled 192.168.46.66 jenkins salt-master 192.168.46.82 gitlab 192.168.46.105 nginx salt-minion该测试大致过程
通过提交代码到gitlab触发jenkins构建,jenkins调用脚本打包程序,通过salt分发包,并通过salt部署包
1.1 安装jenkins安装
官网安装文档:https://wiki.jenkins-ci.org/display/JENKINS/Installing+Jenkins#InstallingJenkins-Unix%2FLinuxInstallation 我装的稳定版本: 1.1.1 添加Jenkins的源(repository): wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key yum install jenkins 1.1.2 安装/检查JDK [root@localhost jenkins]# yum install java -y [root@localhost jenkins]# java -version openjdk version "1.8.0_71" OpenJDK Runtime Environment (build 1.8.0_71-b15) OpenJDK 64-Bit Server VM (build 25.71-b15, mixed mode) 1.1.3 安装Jenkins: [root@localhost jenkins]#yum install jenkins 遇到错误 Delta RPMs disabled because /usr/bin/applydeltarpm not installed. jenkins-1.653-1.1.noarch.rpm FAILED http://pkg.jenkins-ci.org/redhat-stable/jenkins-1.653-1.1.noarch.rpm: [Errno 14] HTTP Error 404 - Not Found ] 0.0 B/s | 0 B --:--:-- ETA Trying other mirror. [root@localhost ~]# yum install -y deltarpm 继续安装jenkins [root@localhost jenkins]#yum install jenkins 如果有防火墙 firewall-cmd --zone=public --add-port=8080/tcp --permanent firewall-cmd --zone=public --add-service=http --permanent firewall-cmd --reload firewall-cmd --list-all /usr/lib/jenkins/:jenkins安装目录,WAR包会放在这里。 /etc/sysconfig/jenkins:jenkins配置文件,“端口”,“JENKINS_HOME”等都可以在这里配置 /var/lib/jenkins/:默认的JENKINS_HOME。 /var/log/jenkins/jenkins.log:Jenkins日志文件。 启动Jenkins [root@localhost jenkins]# /sbin/chkconfig jenkins on [root@localhost jenkins]# systemctl start jenkins 1.1.4 安装salt-master 1.1.4.1 导入key rpm --import https://repo.saltstack.com/yum/redhat/7/x86_64/latest/SALTSTACK-GPG-KEY.pub 1.1.4.2 编辑源/etc/yum.repos.d/saltstack.repo [saltstack-repo] name=SaltStack repo for RHEL/CentOS $releasever baseurl=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest enabled=1 gpgcheck=1 gpgkey=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest/SALTSTACK-GPG-KEY.pub 1.1.4.3 安装master yum install salt-master -y 1.1.4.4 启动 systemctl enable salt-master systemctl start salt-master访问 192.168.46.66:8080 [attach]991[/attach] 1.2 gitlab安装
官网安装文档:https://www.elastic.co/guide/index.html
1.2.1 安装相关软件
yum install curl policycoreutils openssh-server openssh-clients
systemctl enable sshd
systemctl start sshd
yum install postfix
systemctl enable postfix
systemctl start postfix
firewall-cmd --permanent --add-service=http
systemctl reload firewalld
1.2.2 下载安装gitlab包
curl -LJO https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-8.5.5-ce.0.el7.x86_64.rpm/download
rpm -i gitlab-ce-8.5.5-ce.0.el7.x86_64.rpm
1.2.3 配置启动gitlab
gitlab-ctl reconfigure
gitlab-ctl --help 查看帮助
[root@localhost ~]# gitlab-ctl service-list
gitlab-workhorse*
logrotate*
nginx*
postgresql*
redis*
sidekiq*
unicorn*
1.2.4 登陆 192.168.46.82
Username: root
Password: 5iveL!fe
第一次登陆会让你修改密码
[attach]992[/attach]
1.3 nginx安装1.3.1 安装nginx
yum install -y nginx
启动nginx
nginx
1.3.2 安装salt-minion
1.3.2.1 导入key
rpm --import https://repo.saltstack.com/yum/redhat/7/x86_64/latest/SALTSTACK-GPG-KEY.pub
1.3.2.2 编辑源/etc/yum.repos.d/saltstack.repo
[saltstack-repo]
name=SaltStack repo for RHEL/CentOS $releasever
baseurl=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest
enabled=1
gpgcheck=1
gpgkey=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest/SALTSTACK-GPG-KEY.pub
1.3.2.3 安装master
yum install salt-master -y
1.3.2.4 启动
systemctl enable salt-minion
systemctl start salt-minion
2.1 配置46.105 nginx配置
2.1.1 配置nginx 我的代码会发布到/usr/share/nginx/html/demo目录中 [root@nginx ~]# vim /etc/nginx/nginx.conf server { listen 80 default_server; listen [::]:80 default_server; server_name _; root /usr/share/nginx/html/demo; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } 重启nginx nginx -s reload 2.1.2 配置salt-minion [root@nginx ~]# vim /etc/salt/minion master: 192.168.46.66 id: nginx 重启minion systemctl restart salt-minion 在46.66 salt-master 加入nginx salt-key -a nginx2.2 配置46.82 gitlab
2.2.1 创建一个demo项目[attach]993[/attach]
2.2.2 在46.66上创建ssh key 把公钥拷贝过来,私钥会拷到jenkins上,就可以无密码通信了[attach]994[/attach]
2.2.3 配置gitlab的web hooks 当有push时会触发jenkins构建 url为: http://192.168.46.66:8080/git/notifyCommit?url=git@192.168.46.82:root/demo.git /git/notifyCommit?url=前为jenkins的地址和端口 /git/notifyCommit?url=后为git项目地址 2.2.4 配置salt master vim /etc/salt/master file_roots: base: - /srv/salt 重启salt-master systemctl restart salt-master[attach]995[/attach] 2.2 配置46.66 jenkins
2.2.1 配置jenkins 系统设置[attach]996[/attach] [attach]997[/attach] 创建项目 [attach]998[/attach] 添加私钥 [attach]999[/attach] [attach]1000[/attach] [attach]1001[/attach]
脚本放在/project [root@jenkins01 project]# ls code config deploy.sh package code 代码目录 config 配置文件目录 package 代码打包后存放目录 deploy.sh jenkins构建时调用脚本 [root@jenkins01 project]# cat deploy.sh #!/usr/bin/bash ###########[size=16]#[/size] #author:CM #mail:kakaximeng@163.com #########[size=16]#[/size] [size=16]提前建立相应的目录[/size] LOCK_FILE="/project/lock" CODE_PATH="/project/code" DEMO_PATH="/project/code/demo" PACKAGE_PATH="/srv/salt/package" SALT_PACKAGE_PATH="package" CONFIG_PATH="/project/config" LOG_FILE="/project/deploy.log" DEST_PROJECT="/project" CTIME=$(date "+%Y-%m-%d-%H-%M") Usage(){ echo "Usage: $0 ( deploy | list | rollback edition)" } Lock_judge(){ if [ -f $LOCK_FILE ];then echo "warnning !!! someone else must deploy new version or rollback old version! please wait." exit 2 else touch -f $LOCK_FILE fi } Delete_lock_file(){ if [ -f $LOCK_FILE ];then rm -f $LOCK_FILE fi } Deploy_code(){ Lock_judge tag=$? echo $tag if [ $tag == 0 ];then cd $DEMO_PATH git pull Commit=$(git log|head -n 1|cut -d ' ' -f 2) Com_ID=$(echo ${Commit:0:6}) cp -r $DEMO_PATH ${PACKAGE_PATH}/demo_${Com_ID}_${CTIME} cp -r ${CONFIG_PATH}/* ${PACKAGE_PATH}/demo_${Com_ID}_${CTIME}/ cd $PACKAGE_PATH tar -zcf demo_${Com_ID}_${CTIME}.tar.gz demo_${Com_ID}_${CTIME} salt "nginx" cp.get_file salt://${SALT_PACKAGE_PATH}/demo_${Com_ID}_${CTIME}.tar.gz ${DEST_PROJECT}/demo_${Com_ID}_${CTIME}.tar.gz salt "nginx" cmd.run "cd ${DEST_PROJECT} && tar -zxf demo_${Com_ID}_${CTIME}.tar.gz && rm -f /usr/share/nginx/html/demo && ln -s ${DEST_PROJECT}/demo_${Com_ID}_${CTIME} /usr/share/nginx/html/demo && nginx -s reload" fi Delete_lock_file } Edition_list(){ salt 'nginx' cmd.run "ls -l ${DEST_PROJECT}|grep ^d" } Rollback_code(){ Lock_judge salt 'nginx' cmd.run "rm -f /usr/share/nginx/html/demo && ln -s ${DEST_PROJECT}/$1 /usr/share/nginx/html/demo" Delete_lock_file } main(){ case $1 in deploy) Deploy_code ;; list) Edition_list ;; rollback) Rollback_code $2 ;; *) echo $1 Usage ;; esac } main $1 $2 #脚本没有完善,没有写日志
测试
我之前已经推上去代码[attach]1002[/attach] [attach]1003[/attach]
vim index.html[attach]1004[/attach] [attach]1005[/attach]Adam Jensen
今晚上吃
西红柿鸡
西红牛腩
git add index.html git commit -m "牛腩" git push origin master
回滚 [root@jenkins01 project]# ls code config deploy.sh package [root@jenkins01 project]# sh deploy.sh list nginx: drwxr-xr-x 7 root root 129 Mar 23 09:28 demo_205d03_2016-03-23-09-28 drwxr-xr-x 7 root root 129 Mar 23 17:04 demo_3c2a63_2016-03-23-17-04 drwxr-xr-x 7 root root 129 Mar 22 09:21 demo_43fabe_2016-03-22-09-21 drwxr-xr-x 7 root root 151 Mar 21 17:41 demo_4c5be1_2016-03-21-17-41 drwxr-xr-x 7 root root 151 Mar 21 17:48 demo_4c5be1_2016-03-21-17-48 drwxr-xr-x 7 root root 119 Mar 21 14:46 demo_574cdd_2016-03-21-14-46 drwxr-xr-x 7 root root 119 Mar 21 14:48 demo_574cdd_2016-03-21-14-48 drwxr-xr-x 7 root root 119 Mar 21 14:49 demo_574cdd_2016-03-21-14-49 drwxr-xr-x 7 root root 119 Mar 21 14:56 demo_574cdd_2016-03-21-14-56 drwxr-xr-x 7 root root 129 Mar 21 15:59 demo_8c7d37_2016-03-21-15-59 drwxr-xr-x 7 root root 129 Mar 23 17:22 demo_8cc9b4_2016-03-23-17-22 drwxr-xr-x 7 root root 129 Mar 21 15:41 demo_a2333d_2016-03-21-15-41 drwxr-xr-x 7 root root 129 Mar 23 17:03 demo_d5f4f3_2016-03-23-17-03 [root@jenkins01 project]# sh deploy.sh rollback demo_3c2a63_2016-03-23-17-04[attach]1006[/attach]