Gitlab
Gitlab安装配置管理
安装Gitlab前系统预配置准备工作:
-
关闭firewalld防火墙
systemctl stop firewalld systemctl disable firewalld -
关闭SELINUX并重启系统
vim /etc/sysconfig/selinux SELINUX=disabled # 并重启系统 reboot # 检查是否禁用了 getenforce
安装Omnibus Gitlab-ce package
-
安装Gitlab组件
yum -y install curl policycoreutils openssh-server openssh-clients postfix -
配置YUM仓库
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash -
启动postfix邮件服务
systemctl start postfix && systemctl enable postfix -
安装Gitlab-ce社区版本
yum install -y gitlab-ce
Omnibus Gitlab等相关配置初始化并完成安装
-
证书创建与配置加载
mkdir -p /etc/gitlab/ssl cd /etc/gitlab/ssl openssl genrsa -out "/etc/gitlab/ssl/gitlab.example.com.key" 2048 openssl req -new -key "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.csr" openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.example.com.csr" -signkey "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.crt" openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048 # 修改权限 cd /etc/gitlab/ssl chmod 600 *[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-iP1eTMPs-1583921680311)(./images/csr.png)]
-
Nginx SSL代理服务配置
vim /etc/gitlab/gitlab.rb # 修改如下内容 external_url 'http://gitlab.example.com' # old external_url 'https://gitlab.example.com' # new # nginx['redirect_http_to_https'] = false # old nginx['redirect_http_to_https'] = true # new # nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt" # nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key" # nginx['ssl_dhparam'] = /etc/gitlab/ssl/dhparams.pem -
初始化Gitlab相关服务并完成安装
gitlab-ctl reconfigure vim /var/opt/gitlab/nginx/conf/gitlab-http.conf # 在server_name下面添加一行 rewrite ^(.*)$ https://$host$1 permanent; # 重启服务 gitlab-ctl restart # windows下访问,需要配置hosts文件 gitlab部署ip gitlab.example.com 192.168.5.11 gitlab.example.com # 访问 gitlab.example.com # 初始化管理员密码 Mysql123!
账号:root
### gitlab操作项目
```shell
# clone项目
git config --global http.sslVerify false
git clone https://gitlab.example.com/root/test-repo.git
# 或
git -c http.sslVerify=false clone https://gitlab.example.com/root/test-repo.git
# 创建文件
vim test.py
git add .
git commit -m "First commit"
# 提交到远程分支
git -c http.sslVerify=false push origin master
# 拉取代码
git -c http.sslVerify=false pull
创建用户权限
# 创建用户
1.点击小扳手 -> overview -> dashboard -> new user
2.输入name,用户名Username,Email,其它默认,点击创建用户
3.再点击user,给用户设置密码
# 添加用户权限
1.点击小扳手 -> overview -> project -> 点击项目名 -> Manage access
2.用户名和权限,其它默认,点击invite
Ansible
- Python语言编写,无client,模块化配置管理,Playbook脚本编写规范,易于上手,适合中小规模快速部署
安装
git cloen https://github.com/ansible/ansible.git
预先安装
-
关闭firewalld防火墙
systemctl stop firewalld systemctl disable firewalld -
关闭SELINUX并重启系统
vim /etc/sysconfig/selinux SELINUX=disabled # 并重启系统 reboot # 检查是否禁用了 getenforce
Python3.6+Ansible2.5
python3.6.5安装
wget http://www.python.org/ftp/python/3.6.5/Python-3.6.5.tar.xz
tar xf Python-3.6.5.tar.xz
cd Python-3.6.5
./configure --prefix=/usr/local --with-ensurepip=install --enable-shared LDFLAGS="-wl, -rpath /usr/local/lib"
make && make altinstall
# 下载好解释器python3.6压缩包 网址:https://www.cnblogs.com/lilidun/p/6041198.html
sudo yum install openssl-devel -y
sudo yum install zlib-devel -y
1.下载对应的 .tgz包
https://www.python.org/ftp/python/3.6.5/Python-3.6.5.tgz
# 在终端下下载
wget --no-check-certificate https://www.python.org/ftp/python/3.6.5/Python-3.6.5.tgz
2.解压到安装目录
sudo mkdir /usr/local/python3
tar -zxvf Python-3.6.5.tgz -C /usr/local/python3
cd /usr/local/python3
3.安装
cd Python-3.6.5
# 可能需要安装gcc
sudo yum install gcc -y
sudo ./configure --prefix=/usr/local/python3.6 --enable-shared # 指定创建目录
sudo make && make install
ln -s /usr/local/python3.6/bin/python3 /usr/bin/python3
ln -s /usr/local/python3.6/bin/pip3 /usr/bin/pip3
此时运行python3命令的话会报错,缺少.so文件,我们需要进行如下操作:
cp -R /usr/local/python3.6/lib/* /usr/lib64/
# pip加速
mkdir ~/.pip
cd ~/.pip
cat>> pip.conf <<EOF
[global]
index-url=http://pypi.douban.com/simple
trusted-host=pypi.douban.com
EOF
# 安装虚拟环境
pip3 install virtualenv
find / -name virtualenv
ln -s /usr/local/python3.6/bin/virtualenv /usr/bin/virtualenv3
yum -y install git nss curl
# 创建用户
useradd deploy
su - deploy
# 授权
vim /etc/sudoers
deploy ALL=(ALL) ALL
wq! # 强制保存
# 创建虚拟环境
virtualenv3 --system-site-packages .py3-a2.5-env
# 进入虚拟环境
. .py3-a2.5-env/bin/activate
pip install paramiko PyYAML jinja2
安装Ansible2.5
# 进入虚拟环境下,clone
git clone https://github.com/ansible/ansible.git
mv ansible .py3-a2.5-env/
cd .py3-a2.5-env/ansible
# 切换版本
git checkout stable-2.5
# 加载ansible环境
source .py3-a2.5-env/ansible/hacking/env-setup -q
# 测试
ansible --version
Jenkins
Jenkins安装
-
添加yum仓库源
wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key -
关闭firewalld防火墙
systemctl stop firewalld systemctl disable firewalld -
关闭SELINUX并重启系统
vim /etc/sysconfig/selinux SELINUX=disabled # 并重启系统 reboot # 检查是否禁用了 getenforce -
安装java环境
-
安装与初始化配置
# 安装jenkins yum install -y jenkins git # 自定义配置java环境,需要把java命令连接到/usr/bin下 # 创建Jenkisn系统用户 useradd deploy # 更改Jenkisn启动用户与端口,在页面操作jenkins都是deploy用户操作 vim /etc/sysconfig/jenkins ... JENKINS_USER=deploy JENKINS_PORT=8080 ... # chown将指定文件的拥有者改为指定的用户或组,修改权限 chown -R deploy:deploy /var/lib/jenkins chown -R deploy:deploy /var/log/jenkins chown -R deploy:deploy /var/cache/jenkins # 遇到错误查找jenkins.log文件 # 启动 systemctl start jenkins # 查看是否启动成功 netstat -nltp | grep 8080
jenkins插件下载镜像加速
https://blog.csdn.net/you227/article/details/81076032
# 插件下载的地址
http://updates.jenkins-ci.org/download/plugins/
http://mirrors.tuna.tsinghua.edu.cn/jenkins/plugins/
Jenkins Pipeline Job编写规范
pipeline基础架构
- 所有代码包裹在pipeline{}层内
- stages{}层用来包含该pipeline所有stage子层
- stage{}层用来包含具体我们需要白那些任务的steps{}子层
- steps{}层用来添加我们具体需要调用的模块语句
pipeline{
agent any
environment{
host="test.example.com"
user="deploy"
}
stages{
stage("build"){
steps{
sh "cat $host"
echo $deploy
sh """
cat $host > 1.txt
cat $deploy > 1.txt
"""
}
}
}
}
agent区域
# agent定义pipeline在哪里运行
可以使用any,none或具体的Jenkins node主机名等
例:如果我们要特指在node1上执行,可以写成:
agent{node {label 'node1'}}
environment区域
- "变量名称=变量值"定义我们的环境变量
- 可以定义全局环境变量,应用所有stages任务
- 可以定义stage环境变量,应用单独的stage任务
...
stages{
stage("build"){
environment{
JAVA_HOME="/usr/lib/jre"
}
steps{
sh "cat $JAVA_HOME"
echo $JAVA_HOME
}
}
}
...
script区域(可选)
- 在steps内定义script{}
- groovy脚本语言
- 用来进行脚本逻辑运算
常用steps区域
- echo:打印输出
- sh:调用Linux系统shell命令
- git url:调用git模块进行git相关操作
创建pipeline job
一般里配置
# 创建自由风格任务的时候,这样去配置
# 选择运行的环境
This project isparameterized -> Choice Parameter
Name: deploy_env
Choices: dev \n pood
Description: Choose deploy env
# 选择运行的版本号
String Parameter
name: "version",
defaultValue: "1.0.0",
description: "build version"
Pipeline脚本
#!groovy
pipeline {
agent {node {label 'master'}}
environment {
PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin"
WORK_DIR="/data/repo/"
}
parameters {
choice(
name: "deploy_env",
choices: "dev\nprod",
description: "Choose deploy env"
)
string(
name: "version",
defaultValue: "1.0.0",
description: "build version"
)
}
stages{
stage("Checkout test repo"){
steps{
sh "git config --global http.sslVerify false"
dir("${env.WORKSPACE}"){
git branch: "master", credentialsId: "187a5385-2a32-4860-9393-96fd495fa567", url: "https://gitlab.example.com/root/test-repo.git"
}
}
}
stage("Print env variable"){
steps{
dir("${env.WORKSPACE}"){
sh """
echo "[INFO] Print env variable"
echo "Current deployment environment is $deploy_env" >> test.properties
echo "The build is $version" >> test.properties
echo "[INFO] Done..."
"""
}
}
}
stage("Check test properties"){
steps{
dir("${env.WORKSPACE}"){
sh """
echo "[INFO] Check test properties"
if [ -s test.properties]
then
cat test.properties
else
echo "test.properties is empty"
fi
echo ${env.WORKSPACE}
rm -rf ${WORK_DIR}
mkdir ${WORK_DIR}
cp -r ${env.WORKSPACE} ${WORK_DIR}
"""
echo "[INFO SUCCESS...]"
}
}
}
}
}
Pipeline脚本里的参数说明
# 这个是在jenkins为master的服务器上运行
agent {node {label 'master'}}
# parameters模块
构建任务时所带的参数
# git模块里的参数
sh "git config --global http.sslVerify false" # 不用ssl校验
branch 表示分支,credentialsId为Jenkins的凭证id
# 授权
chown -R deploy:deploy /data/
使用jenkisn file
# 在gitlabe上创建项目 test-pipeline,在该项目里创建pipeline文件夹,在创建test.Jenkins
# 在jenkins上创建一个pipeline的项目pipeline-job,进行如下配置
集成maven
-
创建一个freestyle的项目maven-freestryl-job
-
配置该项目,配置git(项目路径),在配置构建,选择maven调用顶层配置,package
-
配置全局工具(在Manage Jenkins下),添加jdk,配置JAVA_HOME,配置maven的path
-
再配置该项目,配置构建,选择maven的版本
-
运行构建即可
# 运行打包好的war包
set JAVA_OPTS=-Xms256m -Xmx1024m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m
java %JAVA_OPTS% -jar web.war
java -Xms256m -Xmx1024m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m -jar web.war
来源:CSDN
作者:ZbyFt
链接:https://blog.csdn.net/weixin_42149982/article/details/104801685