长沙好的网站建设,网站里面如何做下载的app,织梦珠宝网站模板,物联网是什么目录 gitlab 部署 jenkins 部署 配置 实时触发 自动化构建docker镜像 通过ssh插件交付任务 添加jenkins节点 RBAC pipeline jenkins结合ansible参数化构建 安装ansible 新建gitlab项目 jenkins新建项目playbook gitlab 部署 虚拟机最小需求#xff1a;4G内存 4核cpu 下载… 目录 gitlab 部署 jenkins 部署 配置 实时触发 自动化构建docker镜像 通过ssh插件交付任务 添加jenkins节点 RBAC pipeline jenkins结合ansible参数化构建 安装ansible 新建gitlab项目 jenkins新建项目playbook gitlab 部署 虚拟机最小需求4G内存 4核cpu 下载Index of /gitlab-ce/yum/el7/ | 清华大学开源软件镜像站 | Tsinghua Open Source Mirror 安装依赖性 [rootserver1 ~]# yum install -y curl policycoreutils-python openssh-server perl
[rootserver1 ~]# yum install -y gitlab-ce-15.9.3-ce.0.el7.x86_64.rpm
[rootserver1 ~]# cd /etc/gitlab/
[rootserver1 gitlab]# vim gitlab.rb
external_url http://192.168.81.11 #gitlab访问地址自动化部署 [rootserver1 gitlab]# gitlab-ctl reconfigure登录 用户root 初始密码 cat /etc/gitlab/initial_root_password 修改密码初始密码24小时后过期 新建项目 添加密钥 克隆项目 [rootserver1 ~]# git clone git192.168.81.11:root/demo.git
[rootserver1 ~]# cd demo/
[rootserver1 demo]# git remote -v
origin git192.168.81.11:root/demo.git (fetch)
origin git192.168.81.11:root/demo.git (push)[rootserver1 demo]# echo www.westos.org index.html
[rootserver1 demo]# git add index.html
[rootserver1 demo]# git commit -m add index.html
[rootserver1 demo]# git push -u origin mainjenkins 部署 软件下载Index of /jenkins/redhat/ | 清华大学开源软件镜像站 | Tsinghua Open Source Mirror [rootserver2 ~]# rpm -ivh jdk-11.0.15_linux-x64_bin.rpm
[rootserver2 ~]# yum install -y fontconfig
[rootserver2 ~]# rpm -ivh jenkins-2.432-1.1.noarch.rpm
[rootserver2 ~]# systemctl enable --now jenkins.service
[rootserver2 ~]# netstat -antlp|grep :8080登录 http://192.168.81.12:8080/ 安装推荐插件 无需新建用户直接使用admin账户 配置 修改密码 新建项目 在jenkins主机上安装git工具 [rootserver2 ~]# yum install -y git创建密钥并上传gitlab 添加gitlab认证凭据 复制私钥 配置ssh [rootserver2~]# vim /etc/ssh/ssh_config构建触发器 构建任务 查看控制台输出 gitlab变动时进行轮询 实时触发 安装gitlab插件 配置项目触发器 生成secret token 配置gitlab 再回到demo项目下配置 测试推送 自动化构建docker镜像 在server6上安装docker-ce [rootserver2 docker]# cd /etc/yum.repos.d/
[rootserver2 yum.repos.d]# cat docker.repo
[docker]
namedocker-ce
baseurlhttps://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/x86_64/stable/
gpgcheck0[update]
namecentos
baseurlhttps://mirrors.tuna.tsinghua.edu.cn/centos/7/extras/x86_64/
gpgcheck0[rootserver2 yum.repos.d]# yum install -y docker-ce修改内核参数 [rootserver2 ~]# vim /etc/sysctl.d/docker.conf
net.bridge.bridge-nf-call-iptables 1
net.bridge.bridge-nf-call-ip6tables 1
net.ipv4.ip_forward 1[rootserver2 ~]# sysctl --system[rootserver2 ~]# systemctl enable --now docker配置docker默认仓库 [rootserver2 ~]# vim /etc/docker/daemon.json
{registry-mirrors: [https://reg.westos.org]
}[rootserver2 ~]# systemctl restart docker拷贝仓库证书 [rootk8s1 harbor]# cd /etc/docker/
[rootk8s1 docker]# scp -r certs.d/ 192.168.81.12:/etc/docker/[rootserver2 ~]# ls /etc/docker/certs.d/reg.westos.org/ca.crt
/etc/docker/certs.d/reg.westos.org/ca.crt登录私有harbor仓库 [rootserver2 test]# docker login reg.westos.org
[rootserver2 test]# chmod /var/run/docker.sock
[rootserver2 test]# cp -r /root/.docker/ /var/lib/jenkins/
[rootserver2 test]# cd /var/lib/jenkins/
[rootserver2 jenkins]# chown -R jenkins.jenkins .docker/ 安装CloudBees Docker Build and Publish插件 配置项目构建 在server1上提交Dockerfile [rootserver1 demo]# vim Dockerfile
FROM nginx
COPY index.html /usr/share/nginx/html[rootserver1 demo]# git status -s
?? Dockerfile
[rootserver1 demo]# git add Dockerfile
[rootserver1 demo]# git commit -m add Dockerfile
[rootserver1 demo]# git push -u origin main此时gitlab会主动触发jenkins构建任务观察jenkins的任务输出 通过ssh插件交付任务 新建测试虚拟机server3 在server3上安装docker-ce、修改内核参数、拷贝仓库证书 jenkins安装ssh插件 进入系统配置添加ssh主机 新建docker_test项目 当test项目成功运行后触发docker_test项目 构建后查看输出 添加jenkins节点 安装ssh agent插件 安装jdk和git [rootserver3 ~]# rpm -ivh jdk-11.0.15_linux-x64_bin.rpm
[rootserver3 ~]# yum install -y git配置解析 [rootserver3 ~]# vim /etc/hosts在节点管理中添加节点 配置从节点、 ssh认证 关闭Built-InNode节点的构建任务数 关闭git主机校验 最后测试构建构建任务会在server3节点上运行 RBAC 安装插件 修改默认授权策略 新建测试用户 新建角色 用户授权 docker_dev可以构建、read docker_test pipeline 新建流水线项目 docker_image_build server1对server3进行免密 pipeline {agent anystages {stage(check out) {steps {git credentialsId: b3c53a2f-3c0a-4f8b-95ac-6b215e11f71f, url: git192.168.81.11:root/dockerfile.git, branch: main}}stage(docker build) {steps {sh cd $WORKSPACEdocker build -t reg.westos.org/library/webserver:${BUILD_NUMBER} .}}stage(docker push) {steps {sh REPOSITORYreg.westos.org/library/webserver:${BUILD_NUMBER}docker tag $REPOSITORY reg.westos.org/library/webserver:latestdocker login reg.westos.org -u admin -p shg12345docker push $REPOSITORYdocker push reg.westos.org/library/webserver:latest}}stage(docker deploy) {steps {sshagent(credentials: [279e420b-1d3c-4ac4-a25f-10b876f700f3]) {sh ssh -o StrictHostKeyCheckingno root192.168.81.13 docker ps -a |grep myapp docker rm -f myappdocker rmi reg.westos.org/library/webserver:latestdocker run -d --name myapp -p 80:80 reg.westos.org/library/webserver:latest }}}}
}注意ssh需要使用ssh免密认证 jenkins结合ansible参数化构建 主机环境 主机 IP 角色 server1 192.168.81.12 jenkins、ansible server2 192.168.81.11 测试机test、devops sudo server3 192.168.81.13 测试机prod、devops sudo 安装ansible [rootserver2 ~]# vim /etc/yum.repos.d/ansible.repo
[ansible]
nameepel
baseurlhttps://mirrors.tuna.tsinghua.edu.cn/epel/7/x86_64/
gpgcheck0[rootserver2 ~]# yum install -y ansibledevops是测试机的ssh免密用户并且配置sudo [rootserver1 ~]# useradd devops
[rootserver1 ~]# echo westos | passwd --stdin devops
[rootserver1 ~]# visudoserver3同上配置 在ansible主机上以jenkins身份配置ssh免密到所有测试机 [rootserver2 ~]# usermod -s /bin/bash jenkins
[rootserver2 ~]# su - jenkins
-bash-4.2$ ssh-keygen
-bash-4.2$ ssh-copy-id devops192.168.81.11
-bash-4.2$ ssh-copy-id devops192.168.81.13新建gitlab项目 [rootserver1 ~]# git clone git192.168.81.11:root/playbook.git
[rootserver1 ~]# cd playbook/
[rootserver1 playbook]# vim ansible.cfg
[defaults]
command_warningsFalse
remote_userdevops[privilege_escalation]
becomeTrue
become_methodsudo
become_userroot
become_ask_passFalse[rootserver1 playbook]# mkdir inventory
[rootserver1 playbook]# cd inventory/
[rootserver1 inventory]# vim test
[test]
192.168.81.11 http_port8000[rootserver1 inventory]# vim prod
[prod]
192.168.81.13 http_port8080[rootserver1 inventory]# cd ..
[rootserver1 playbook]# vim playbook.yaml
---
- hosts: alltasks:- name: install the latest version of Apacheyum:name: httpdstate: latest- name: configure apachetemplate:src: httpd.conf.j2dest: /etc/httpd/conf/httpd.confnotify: restart apache- name: Start service httpd, if not startedservice:name: httpdstate: startedenabled: yeshandlers:- name: restart apacheservice:name: httpdstate: restarted[rootserver1 playbook]# yum install -y httpd
[rootserver1 playbook]# cp /etc/httpd/conf/httpd.conf .
[rootserver1 playbook]# mv httpd.conf httpd.conf.j2
[rootserver1 playbook]# vim httpd.conf.j2Listen {{ http_port }} 推送项目 jenkins新建项目playbook 选择参数构建
