说明
Jenkins pipeline 是一套插件,支持将连续输送管道实施和整合到Jenkins。Pipeline提供了一组可扩展的工具,用于通过管道DSL为代码创建简单到复杂的传送流水线。他目前支持jenkins 2.x以上版本。pipeline是由groovy语言编写
参考:https://www.cnblogs.com/YatHo/p/7856556.html
基础使用范例
pipeline分为两种一种为jenkinsfile使用,一种直接在网页界面中输入脚本内容,本文介绍第二种使用方法
新建一个项目:
使用jenkins Groovy脚本实现源码拉取、源码打包、包上传与部署
首先源码拉取:
由于使用groovy语言,需要先生成pipeline可以用的git链接地址,生成方法如下:
链接格式如下:
checkout([$class: 'GitSCM', branches: [[name: '*/master']], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: 'b96e05e1-193f-4e06-9195-fcaf31f579e9', url: 'http://10.10.10.217/test/test.git']]])
需要将此链接加到pipeline脚本里
编写pipeline脚本(本示例只做了拉取和打包):
pipeline { agent any
//此处为环境变量设置,定义变量需要用加上 "def" environment { def ITEMNAME = "flagship" def SRCCODE_DIR = "/root/.jenkins/workspace/test_pipeline/flagship-bigdata/" }
//此处即可开始进行代码部署操作 stages { stage('代码拉取并打包'){ steps { echo "checkout from ${ITEMNAME}"
//生成的git链接地址 checkout ([$class: 'GitSCM', branches: [[name: '*/master']], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: 'b96e05e1-193f-4e06-9195-fcaf31f579e9', url: 'http://10.10.10.217/test/test.git']]]) echo "开始打包 "
//执行shell命令 sh 'export JAVA_HOME=/usr/local/java/jdk1.7.0_80 && cd $SRCCODE_DIR && mvn clean install -DskipTests -Denv=beta' } } } }
其他部署操作按照stage{ steps{} }的格式进行编写即可
构建完成后如图所示(查看log)
建议方案:jenkins+gitlab+ansible(playbook)
语法示例:
https://jenkins.io/doc/book/pipeline/
https://jenkins.io/doc/book/pipeline/syntax/#stage
上图中①表示定义执行jenkins pipeline等流程的节点
pipeline+gitlab+ansible简单部署案例
pipeline脚本内容
pipeline { agent any environment { def maven_home = "/usr/local/maven3.5/" def ITEMNAME = "hzjry" } stages { stage('代码拉取并打包'){ steps { echo "checkout from ${ITEMNAME}" checkout([$class: 'GitSCM', branches: [[name: '*/${branch}']], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: '9a3eb706-aa23-4a07-8e00-188d91fbd98d', url: 'http://10.10.10.217/hz-cloud/hz-cloud.git']]]) echo "开始打包 " sh 'export JAVA_HOME=/usr/local/java/jdk1.7.0_80 && cd ${WORKSPACE} && /usr/local/maven3.5/bin/mvn clean install -Dmaven.test.skip=true -Pbeta' } } stage('部署项目'){ steps { echo "上传部署" sh 'ansible-playbook -i /etc/ansible/hosts /etc/ansible/hzjry/main.yml -e "host=hzjry_admin"' } } } }
说明:因为构建的时候定义了参数化构建,所以在选定源码仓库分支的时候用了变量(branch),所以生成的pipeline script里的git 地址为 ${branch}
ansible-playbook内容
[root@bogon hzjry]# tree roles/tomcat roles/tomcat ├── files │ └── index.html ├── handlers │ └── main.yaml ├── tasks │ └── main.yml ├── templates │ ├── a.txt │ ├── b.txt │ └── nginx.conf.j2 └── vars └── main.yml [root@bogon hzjry]# cat main.yml --- - hosts: "{{ host }}" gather_facts: False roles: # - init - tomcat [root@bogon tomcat]# cat tasks/main.yml - name: 查看目录 shell: ls /opt/tomcat-7/webapps | grep admin register: admin_dir ignore_errors: True - name: 创建目录 file: "path={{ tomcat_dir }}/webapps/admin state=directory" when: admin_dir|failed - name: 关闭tomcat shell: chdir={{ tomcat_dir }}/bin nohup ./shutdown.sh & - name: 检查进程是否还存在 shell: ps -ef |grep {{ tomcat_dir }}|grep -v "grep"|awk '{print $2}' register: pid_exist ignore_errors: True - name: 进程存在就杀死 shell: ps -ef |grep {{ tomcat_dir }}|grep -v "grep"|awk '{print $2}'|xargs kill -9 when: pid_exist|success #- name: backup old code # shell: chdir={{ tomcat_root }}/webapps tar -czf /root/xxx_$(date -d "today" +"%Y%m%d_%H%M%S").tar.gz - name: clean cache|清除缓存 shell: chdir={{ tomcat_dir }} rm -rf work - name: 解压war包 unarchive: src={{ war_dir }}/cloud-admin-0.0.1-SNAPSHOT.war dest={{ tomcat_dir }}/webapps/admin copy=yes # when: {{ service }}="admin" - name: 启动tomcat shell: export {{ item }} && chdir={{ tomcat_dir }}/bin nohup ./startup.sh & with_items: - JAVA_HOME=/usr/local/java/jdk1.8.0_151 - CLASSPATH=.:${JAVA_HOME}/jre/lib/rt.jar:${JAVA_HOME}/lib/dt.jar:${JAVA_HOME}/lib/tools.jar - PATH=$PATH:${JAVA_HOME}/bin
[root@bogon tomcat]# cat vars/main.yml --- tomcat_dir: /opt/tomcat-7 war_dir: /var/lib/jenkins/workspace/test-pipeline/hz-cloud-management/cloud-admin/target/
jenkins构建时,在部署上传steps处报错,如下所示:
fatal: [10.20.200.224]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). ", "unreachable": true} [WARNING]: Failure using method (v2_runner_on_unreachable) in callback plugin (</usr/lib/python2.7/site- packages/ansible/plugins/callback/log_plays.CallbackModule object at 0x1e32fd0>): [Errno 13] Permission denied: u'/var/log/ansible/hosts/10.20.200.224' [WARNING]: Could not create retry file '/etc/ansible/hzjry/main.retry'. [Errno 13] Permission denied: u'/etc/ansible/hzjry/main.retry'
但是在服务器终端页面执行ansible-playbook则没有出现问题,推测可能是权限问题
jenkins yum安装,在执行部署的时候默认使用jenkins用户进行部署,默认jenkins用户是无法连接远程服务器的,所以需要配置连接认证
解决方法一
//修改Jenkins配置文件 # 打开配置文件 vim /etc/sysconfig/jenkins # 修改$JENKINS_USER,并去掉当前行注释 $JENKINS_USER="root" //修改Jenkins相关文件夹用户权限 chown -R root:root /var/lib/jenkins chown -R root:root /var/cache/jenkins chown -R root:root /var/log/jenkins //重启Jenkins服务并检查运行Jenkins的用户是否已经切换为root # 重启Jenkins(若是其他方式安装的jenkins则重启方式略不同)
service jenkins restart#
//查看Jenkins进程所属用户
ps -ef | grep jenkins #若显示为root用户,则表示修改完成机修
继续执行可部署成功
解决方法二
配置jenkins的用户终端,修改jenkins用户shell为bash
jenkins:x:989:985:Jenkins Automation Server:/var/lib/jenkins:/bin/bash
配置jenkins用户连接ssh免秘钥
[root@bogon tomcat]# su jenkins bash-4.2$ ssh-keygen -t rsa bash-4.2$ ssh-copy-id root@10.20.200.224
修改ansible主机组信息
cat /etc/ansible/hosts [hzjry_admin] 10.20.200.224 ansible_ssh_private_key_file=/var/lib/jenkins/.ssh/id_rsa ansible_ssh_user='root'
继续执行
