Devops
前言
可以实现yaml文件上传到gitlab后,Jenkins自动拉取代码并部署docker。
gitlab
前提
需要有docker和docker-compose
docker version
docker-compose version
部署gitlab
version: '3.1'
services:
gitlab:
image: 'swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/gitlab/gitlab-ce:latest'
container_name: gitlab
restart: always
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://192.168.248.12:8929'
gitlab_rails['gitlab_shell_ssh_port'] = 2224
ports:
- '8929:8929'
- '2224:2224'
volumes:
- './config:/etc/gitlab'
- './logs:/var/log/gitlab'
- './data:/var/opt/gitlab'
git config --global user.name "Wise_Jenkins"
git config --global user.email wiseshark@yeah.net
访问
获取密码
docker exec -it gitlab bash
cat /etc/gitlab/initial_root_password
获取Token
Scopes: read_repository, write_repository
如果要配置给Jenkins使用,需要勾选:api
报错处理
执行:git remote add origin http://192.168.248.12:8929/root/wise_project.git
报错:fatal: not a git repository (or any of the parent directories): .git
原因:你当前的文件夹,不是 Git 仓库!
处理方式:git init # 初始化一个空的 Git 仓库
执行:git pull
报错:fatal: Unencrypted HTTP is not recommended for GitLab. Ensure the repository remote URL is using HTTPS or see https://aka.ms/gcm/unsaferemotes about how to allow unsafe remotes.
原因:GitLab不建议使用未加密的HTTP协议。确保仓库远程URL使用HTTPS
处理方式:
git config --global http.sslVerify false
git config --global credential.helper store
报错:remote: HTTP Basic: Access denied. If a password was provided for Git authentication, the password was incorrect or you're required to use a token instead of a password. If a token was provided, it was either incorrect, expired, or improperly scoped. See http://192.168.248.12:8929/help/topics/git/troubleshooting_git.md#error-on-git-fetch-http-basic-access-denied
原因:必须使用token而不是密码。
处理方式:git remote add origin http://oauth2:glpat-cFwREBkZknoLEy2uik7h@192.168.248.12:8929/root/wise_project.git
执行 git push orgin main
报错:error: src refspec main does not match any.
原因:本地分支名和远程分支名不一致
处理方式:git push origin master
maven不需要部署
作用
编译 Java 代码
打包 jar/war
管理 Java 依赖
部署
tar -zxvf jdk-8u202-linux-x64.tar.gz -C /usr/local
tar -zxvf apache-maven-3.9.14-bin.tar.gz -C /usr/local
mv jdk1.8.0_202/ jdk/
mv apache-maven-3.9.14/ maven/
修改配置
配置阿里云仓库地址
vi ./maven/conf/settings.xml
<mirror>
<id>alimaven</id>
<name>aliyun maven</name>
<url>http://maven.aliyun.com/nexus/content/groups/public/</url>
<mirrorOf>central</mirrorOf>
</mirror>
<mirrors>
<!-- 阿里云 Maven 仓库(HTTPS 新版地址,推荐)-->
<mirror>
<id>aliyunmaven</id>
<mirrorOf>central</mirrorOf>
<name>阿里云公共仓库</name>
<url>https://maven.aliyun.com/repository/public</url>
</mirror>
</mirrors>
配置jdk8编译插件配置
<profile>
<id>jdk8</id>
<activation>
<activeByDefault>true</activeByDefault>
<jdk>1.8</jdk>
</activation>
<properties>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<maven.compiler.compilerVersion>1.8</maven.compiler.compilerVersion>
</properties>
</profile>
docker
yum install -y yum-utils device-mapper-persistent-data lvm2
yum install -y docker-ce
yum install -y docker-compose
curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
docker-compose -v
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Jenkins
version: "3.1"
services:
jenkins:
image: swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/jenkins/jenkins:2.541.2-lts
container_name: jenkins
pull_policy: if_not_present # 优先使用本地镜像,本地没有才去拉取
ports:
- 8080:8080
- 50000:50000
volumes:
- ./data/:/var/jenkins_home/
docker-compose up -d
访问jenkins
http://192.168.248.10:8080/
故障处理
启动异常
现象:执行docker logs -f jenkins
报错:
Can not write to /var/jenkins_home/copy_reference_file.log. Wrong volume permissions?
touch: cannot touch '/var/jenkins_home/copy_reference_file.log': Permission denied
解决方法:chmod -R 777 ./data
修改 /var/lib/jenkins/updates/default.json
jenkins 在下载插件之前会先检查网络连接,其会读取这个文件中的网址。默认是访问谷歌
改为<www.baidu.com>即可,更改完重启服务。 <www.qq.com都不行>
docker restart jenkins
密码问题
secrets/initialAdminPassword # 查看初始密码
如果没有这个文件,则
docker stop jenkins
vi /wise/jenkins_docker/data/config.xml
<useSecurity>true</useSecurity> --> <useSecurity>false</useSecurity>
docker start jenkins
现象:Failed to load: Variant Plugin (variant 70.va_d9f17f859e0) - Jenkins (2.479.1) or higher required
原因:Jenkins版本太低
把swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/jenkins/jenkins:lts-jdk8改为swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/jenkins/jenkins:2.60.2
修改confi.xml <?xml version='1.1' encoding='UTF-8'?>
为<?xml version='1.0' encoding='UTF-8'?>
现象:无法下载插件
解决方法:
https://mirrors.ustc.edu.cn/jenkins/updates/update-center.json
https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json
http://mirror.esuni.jp/jenkins/updates/update-center.json
# 修改数据卷中的hudson.model.UpdateCenter.xml文件
<?xml version='1.1' encoding='UTF-8'?>
<sites>
<site>
<id>default</id>
<url>https://updates.jenkins.io/update-center.json</url> # 修改这里
</site>
</sites>
配置
插件:publish over ssh
连接GitLab
- gitlab生成令牌
,勾选api权限 - Manage Jenkins-->Syste-->GitLab
Connection name:gitlab
GitLab host URL:http://192.168.248.12:8929
勾选 Ignore SSL errors
Credentials: 添加GitLab API Token--API token填gitlab生成的
3. 创建项目
项目名称:wise_project
选择:Freestyle project
Sourc Code Management: Git
Repository URL: http://192.168.248.12:8929/root/wise_project.git
Credentials-->添加-->Username with password-->Username填gitlab的用户名<root>,密码填gitlab生成的token
- Triggers
勾选:Build when a change is pushed to GitLab
记录下webhook URL
Advanced(高级)--> Secret token --> Secret token
GitLab配置webhook
SSH Publishers
Source files:选择要上传的文件
Remote directory:要上传到的目录,./代表publish over ssh配置的目录
Exec command: 默认是在/root/下执行,所以需要先cd到要上传的目录
Jenkins配置截图
系统管理>>系统配置
config
cd /usr/local/test
for file in $(cat changed_yml_files.txt); do
docker-compose -f $file up -d
done
cd ${WORKSPACE}
git diff --name-only HEAD^ HEAD | grep -E '\.yaml$' > changed_yml_files.txt || true
echo "本次更新文件:"
cat changed_yml_files.txt
浙公网安备 33010602011771号