前言 : 随着容器化的不断发展,目前公司也在往容器化部署方面靠拢,这不最近就在整合公司的微服务项目,目标是把传统的微服务改造成Docker环境部署,言归正传,部署流程搞起。
前言:
随着容器化的不断发展,目前公司也在往容器化部署方面靠拢,这不最近就在整合公司的微服务项目,目标是把传统的微服务改造成Docker环境部署,言归正传,部署流程搞起。
环境准备:
IP
角色
192.168.0.112
Docker环境+jenkins+gitlab+Maven私服
192.168.0.113
Docker环境+Harbor+微服务项目
1. 分别在192.168.0.112,192.168.0.113上面安装Docker
$ yum install -y yum-utils$ yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
$ yum -y install docker-ce
$ docker info #查看docker信息
$ vim /etc/docker/daemon.json #配置镜像加速器,提高下载镜像的速度
{
"registry-mirrors": ["https://m81hcukn.mirror.aliyuncs.com"]
}
$ systemctl restart docker
2. 在192.168.0.112上面操作
- 部署jdk
$ mv jdk1.8.0_45 /usr/local/jdk8
- 部署Maven
$ mv apache-maven-3.5.0 /usr/local/maven3
#修改Maven源
vim /usr/local/maven3/conf/settings.xml
<mirrors>
<mirror>
<id>central</id>
<mirrorOf>central</mirrorOf>
<name>aliyun maven</name>
<url>https://maven.aliyun.com/repository/public</url>
</mirror>
</mirrors>
- 部署Gitlab
--name gitlab \
-p 8443:443 \
-p 9999:80 \
-p 9998:22 \
-v /opt/gitlab/config:/etc/gitlab \
-v /opt/gitlab/logs:/var/log/gitlab \
-v /opt/gitlab/data:/var/opt/gitlab \
-v /etc/localtime:/etc/localtime \
--restart=always \
lianzhibo/gitlab-ce-zh:latest
访问地址:http://192.168.0.112:9999 ,初次会先设置管理员 ,然后登陆,默认管理员用户名root,就是刚设置的。
创建项目,提交测试代码:
链接:https://pan.baidu.com/s/1rPgpnDa8EqE3etDh1hHWlg
提取码:avop
tar xf java.tar.gz
cd tomcat-java-demo-master
git init
git remote add origin http://192.168.0.112:9999/root/java-demo.git
git add .
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
git commit -m 'all'
git push origin master
- 部署Harbor镜像仓库
curl -L https://github.com/docker/compose/releases/download/1.29.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
#安装Harbor镜像仓库
harbor-offline-installer-v2.3.2.tgz 下载地址:https://github.com/goharbor/harbor/releases/download/v2.3.2/harbor-offline-installer-v2.3.2.tgz
tar zxvf harbor-offline-installer-v2.3.2.tgz
cd harbor
cp harbor.yml.tmpl harbor.yml
vi harbor.yml
hostname: 192.168.0.113
https: # 先注释https相关配置
harbor_admin_password: Harbor12345
./prepare #检查配置
./install.sh #安装
由于habor未配置https,还需要在docker配置可信任
# cat /etc/docker/daemon.json{"registry-mirrors": ["https://m81hcukn.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.0.113"]
}
# systemctl restart docker
- 部署Jenkins
-v /opt/jenkins_home:/var/jenkins_home \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/bin/docker:/usr/bin/docker \
-v /usr/local/maven3:/usr/local/maven \
-v /usr/local/jdk8:/usr/local/jdk \
-v /etc/localtime:/etc/localtime \
--restart=always \
--name jenkins jenkins/jenkins
访问地址:http://192.168.0.112
安装插件:
管理Jenkins->系统配置-->管理插件-->搜索git , pipeline,选中点击安装。默认从国外网络下载插件,会比较慢,建议修改国内源:
cd /opt/jenkins_home/updates
sed -i 's/http:\/\/updates.jenkins-ci.org\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json && \
sed -i 's/http:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json
docker restart jenkins
- 发布测试
New Item -> Pipeline -> This project is parameterized -> String Parameter
- Name:Branch # 变量名,下面脚本中调用
- Default Value:master # 默认分支
- Description:发布的代码分支 # 描述
def registry = "192.168.0.113"
def project = "prd"
def app_name = "java-demo"
def image_name = "${registry}/${project}/${app_name}:${Branch}-${BUILD_NUMBER}"
def git_address = "http://192.168.0.112:9999/root/java-demo.git"
def docker_registry_auth = "796b3651-c0b1-4429-b32a-288e0fa66c77"
def git_auth = "35ad5e6a-d132-4cac-9d74-d65223a2d8c0"
pipeline {
agent any
stages {
stage('拉取代码'){
steps {
checkout([$class: 'GitSCM', branches: [[name: '${Branch}']], userRemoteConfigs: [[credentialsId: "${git_auth}", url: "${git_address}"]]])
}
}
stage('代码编译'){
steps {
sh """
pwd
ls
JAVA_HOME=/usr/local/jdk8
PATH=$JAVA_HOME/bin:/usr/local/maven3/bin:$PATH
mvn clean package -Dmaven.test.skip=true
"""
}
}
stage('构建镜像'){
steps {
withCredentials([usernamePassword(credentialsId: "${docker_registry_auth}", passwordVariable: 'password', usernameVariable: 'username')]) {
sh """
echo '
FROM ${registry}/library/tomcat:v1
LABEL maitainer lianzhibo
RUN rm -rf /usr/local/tomcat/webapps/*
ADD target/*.war /usr/local/tomcat/webapps/ROOT.war
' > Dockerfile
docker build -t ${image_name} .
docker login -u ${username} -p '${password}' ${registry}
docker push ${image_name}
"""
}
}
}
stage('部署到Docker'){
steps {
sh """
REPOSITORY=${image_name}
docker rm -f tomcat-java-demo |true
docker container run -d --name tomcat-java-demo -p 88:8080 ${image_name}
"""
}
}
}
}
上述脚本中,docker_registry_auth 和git_auth变量的值为Jenkins凭据ID,添加凭据后修改。
添加凭据
管理Jenkins->安全-->管理凭据->Jnekins->添加凭据->Username with password
- Username:用户名
- Password:
- ID:留空
- Description:描述
分别添加连接git和harbor凭据,并修改脚本为实际凭据ID
重要提示:如果部署其他微服务项目,只需要根据项目实际情况修改项目中的DockerFile即可,已经在生产环境验证可行。
容器化运维课程学习连接:https://ke.qq.com/course/4300856?tuin=d8aedf68