使用 ansible+jenkins+gitlab 实现自动化发布和手动回滚前端项目 01

惯例,介绍下 ansible、jenkins、gitlab

ansible:Ansible 简单的说是一个配置管理系统(configuration management system)。你只需要可以使用 ssh 访问你的服务器或设备就行。它也不同于其他工具,因为它使用推送的方式,而不是像 puppet 等 那样使用拉取安装 agent 的方式。你可以将代码部署到任意数量的服务器上!
jenkins:Jenkins 是一个开源的、可扩展的持续集成、交付、部署(软件/代码的编译、打包、部署)的基于 web 界面的平台。允许持续集成和持续交付项目,无论用的是什么平台,可以处理任何类型的构建或持续集成。
gitlab:GitLab 是一个基于 Git 实现的在线代码仓库托管软件,你可以用 gitlab 自己搭建一个类似于 Github 一样的系统,一般用于在企业、学校等内部网络搭建 git 私服。


准备工作

准备 4 台机器并且为了方便,把防火墙和 SElinux 关闭停用(实际环境看需求开放端口)
ansible
hostname:dev-of-runfa-20
IP:10.18.193.20
jenkins
hostname:dev-of-runfa-25
IP:10.18.193.25
gitlab
hostname:dev-of-runfa-26
IP:10.18.193.26
web
hostname:dev-of-runfa-27
IP:10.18.193.27


部署 ansible、jenkins、gitlab 服务器

ansible

[[email protected] ~]# yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
[[email protected] ~]# yum -y install ansible
[[email protected] ~]# ansible --version
ansible 2.8.1
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Apr  9 2019, 14:30:50) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]

jenkins

[[email protected] ~]# curl https://download.docker.com/linux/centos/docker-ce.repo -o  /etc/yum.repos.d/docker.repo
[[email protected] ~]# yum -y install docker-ce.x86_64
[[email protected] ~]# systemctl start docker.service
[[email protected] ~]# systemctl enable docker.service
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[[email protected] ~]# mkdir -p /data/jenkins_home
[[email protected] ~]# chmod -R 777 /data/jenkins_home
[[email protected] ~]# docker run -itd --name jenkins --hostname jenkins -v /data/jenkins_home:/var/jenkins_home -v /etc/localtime:/etc/localtime:ro -p 8080:8080 -p 50000:50000 jenkins/jenkins:latest
[[email protected] ~]# docker ps
CONTAINER ID        IMAGE                    COMMAND                  CREATED             STATUS              PORTS                                              NAMES
8ea0f7f2a521        jenkins/jenkins:latest   "/sbin/tini -- /usr/…"   5 seconds ago       Up 4 seconds        0.0.0.0:8080->8080/tcp, 0.0.0.0:50000->50000/tcp   jenkins

gitlab

[[email protected] ~]# vim /etc/yum.repos.d/gitlab.repo
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1
[[email protected] ~]# yum install -y gitlab-ce
[[email protected] ~]# gitlab-ctl reconfigure
[[email protected] ~]# gitlab-ctl start
ok: run: alertmanager: (pid 9205) 23s
ok: run: gitaly: (pid 9031) 27s
ok: run: gitlab-monitor: (pid 9089) 26s
ok: run: gitlab-workhorse: (pid 9061) 27s
ok: run: grafana: (pid 9230) 22s
ok: run: logrotate: (pid 8576) 123s
ok: run: nginx: (pid 8553) 129s
ok: run: node-exporter: (pid 9081) 26s
ok: run: postgres-exporter: (pid 9220) 23s
ok: run: postgresql: (pid 8319) 203s
ok: run: prometheus: (pid 9105) 25s
ok: run: redis: (pid 8158) 215s
ok: run: redis-exporter: (pid 9093) 25s
ok: run: sidekiq: (pid 8501) 141s
ok: run: unicorn: (pid 8473) 147s

配置 gitlab 和 jenkins 服务器,模拟真实环境

gitlab 相关

先在 gitlab 上创建项目,然后在 windows 主机上(存放源码)安装 windows git 客户端

90134-ikm8lcexcg8.png

25449-n27z5e5vvt.png

15732-ijt9seut4zd.png

75102-j8qjo80v8es.png

87375-8i9ehg50r1j.png

17518-duzer0cbo5l.png

28109-cyl042g49op.png

使用 git 客户端把源码上传到 gitlab 仓库,git push 的时候提示输入用户名和密码,输入 gitlab 的登录用户的信息

[email protected] MINGW64 ~
$ cd /d/CF/website/

[email protected] MINGW64 /d/CF/website
$ git config --global user.name "Administrator"

[email protected] MINGW64 /d/CF/website
$ git config --global user.email "[email protected]"

[email protected] MINGW64 /d/CF/website
$ git init
Initialized empty Git repository in D:/CF/website/.git/

[email protected] MINGW64 /d/CF/website (master)
$ git remote add origin http://10.18.193.26/root/website.git

[email protected] MINGW64 /d/CF/website (master)
$ git add .

[email protected] MINGW64 /d/CF/website (master)
$ git commit -m "One commit"

[email protected] MINGW64 /d/CF/website (master)
$ git push -u origin master
Enumerating objects: 202, done.
Counting objects: 100% (202/202), done.
Delta compression using up to 4 threads
Compressing objects: 100% (198/198), done.
Writing objects: 100% (202/202), 12.01 MiB | 7.74 MiB/s, done.
Total 202 (delta 5), reused 0 (delta 0)
remote: Resolving deltas: 100% (5/5), done.
To http://10.18.193.26/root/website.git
 * [new branch]      master -> master
Branch 'master' set up to track remote branch 'master' from 'origin'.

查看 gitlab 是否有你所上传的项目

82381-txnj5zv5yw.png

jenkins 相关

打开 jenkins web 页面并做一些配置

20170-cdhfujmhv4h.png

03896-wt35aioyufg.png

19467-b0eb6c2gsep.png

57826-nle1jjfm2c8.png

77335-paigyhp0v9c.png

16945-6cgstvjmuph.png

23509-5qwszwr8nme.png

安装一些前端项目需要用到的插件(具体需求具体分析,我这里的不一定通用)
并且针对项目需求做一些配置,我这里安装 gitlab、gitlab hook、nodejs、SSH、Publish Over SSH 五个插件

29689-da3bf04egyf.png

30273-ncor755icx.png

93227-xpdzqsx9kgr.png

93775-h0bsydu94o6.png

34490-af2yc8jawn5.png

49062-2nb6rl4yv1d.png

52018-gaswxww9ykv.png

87069-p9vj4b1oo2h.png

把 jenkins 和 gitlab 串联起来并尝试构建

首先在 jenkins 上生成私钥和公钥

[[email protected] ~]# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:4Rql+pHx9WmNPXyU9blYevCK8/xmwDThgk8+USo+aUA [email protected]
The key's randomart image is:
+---[RSA 2048]----+
|                 |
|       E     o   |
|      . o . + . .|
|       = + = +  =|
|      + S B =..+o|
|     . * * = O*..|
|    . + o . *o*+.|
|     . .   oo o= |
|      .    .o++. |
+----[SHA256]-----+
[[email protected] ~]# cat .ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAwm0l/UzoOGlpIK1cz8+PKEJGILmV5FJWLYwH/Kbe7c5GGS0d
lXLcAl7TngjV9UNSkCDXh792ThCr5hMZyL5YAD0dJ8fRLWmWwyO8neda9I+XndQY
ktgW9TCPtrjquhtFMbL6gwvAua6jzmk2wQzNNUHfkQI+eAk0Fe1XYKLQ1Z/Chk6Z
okfwuZ762zxpmyTyMJBDNibEMBo7PcqLfEuw37hTEkSCGDVi01Im4b9nCl3TK6ZR
IqviQaxrOIyrOlQqhQCSBbtP8T7O1ZmWA1sMdwehxUQyj9+J/x6hErf8DOSmamM2
f4EKxA0Syfcbl/Oz1Eg1exctxmZrI9q8CEtfcQIDAQABAoIBAQCXkqgPNSnE8Mi4
ZO76Q4IDjMdHM+ebPGVa1NRVL3KUSj9z2Sw7GnRSlMK9bX3/2yA+pJvihG0ipvSc
RT/QtDO+2+Yi4TA+CxcxwmaFY5wRFPDKZlNSB4y+UcF4XekAdcoX2MRb7YmuOGwT
uwqoreY9IsG8NteklOg6P/HisIvGPYtS2Te15DoldH/047z7C5I7KWSCRj09L1fk
7TQjYZLV15Gmev0GG/qpp7PVKyp2zd7g9XlC4X2H4pDC15TmM4d3GpUqJ5l8ybfX
3LvWqR8YRoVq4mWvKKXkh0yr/pYJKA1QXud7eMSIIaXO0UdEtdEARI2VNruG5QXq
75k1iTURAoGBAP859j30Mx31fxIQNlh3JeSh3gcXEGeprvRbELXig+AOC11Zcf3g
Da2NDDctGNOdq2TdF/uvK3FI9Ot+8ifDkqJ/VEP5KJ8EgOY3d3vNl/Y8UfW7C1oj
UEcKTcVeF8y+l9k0vb65+xjxSk1InwJ/uIi9CgU2u9mvEbC8wsaZwlmbAoGBAMME
AoY21IHoOkIDqinrQPxT0Fwrs0E6+hzgLM/D9gCFyJSlnl50RuPYNY3qP65AV32a
4A4ZUVcCiXqG6jkT/El0/2YYnVXZyStUnYER6/G5sH4dtD4rwFHco46Bmg/M+g4B
DeitiAdsom8AHbl2hkxZvEPmS/juQvdzoeizAfHjAoGAWppX6NxkvRDmYCIzOKpr
YEN6DyhH4ZTiD8q4HulfiU1TCXt0NPyxvldg68Ftm8nQC0lVdzpTAK82itcQ3b7W
sirjXhH4MqMloxQzrVZpyLbXHZWdzQzWNbHZs+PYLQ3H2AqaBTf+hHc7uj26fOec
OaZqBTnN69PzQrtvpZL15FsCgYAyjCiHV1DvtxzanY6OvP6kKKlaKq2U28+Winiz
Ba0O555dASyyeNsjFZiUB0KoTN8gnHM01FUkA3FVBAFT+B0tgRjuArVNWlztUUpd
+SI6DpJzrglZEAgSb+ko9+jR7aRm2tkbFVer7PmRYetSdilLQvssclYA2OkcsKkn
4rY/VwKBgQCCtEFlD8e0wdcTOqxu0kOC9um5fgWesmZnsSmJGyvXnGwvWZViFcSx
3aF5LaSSU7aUxFijaIDHp/rMreoy0i9JePtHysqR5xJNK507RxKXGAM9M4VPNb3O
J5pBfwh7jV9VoAA0shznph6AwYUxJ8lr03QuLJfhhGczxYYbuCGsMQ==
-----END RSA PRIVATE KEY-----
[[email protected] ~]# cat .ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCbSX9TOg4aWkgrVzPz48oQkYguZXkUlYtjAf8pt7tzkYZLR2VctwCXtOeCNX1Q1KQINeHv3ZOEKvmExnIvlgAPR0nx9EtaZbDI7yd51r0j5ed1BiS2Bb1MI+2uOq6G0UxsvqDC8C5rqPOaTbBDM01Qd+RAj54CTQV7VdgotDVn8KGTpmiR/C5nvrbPGmbJPIwkEM2JsQwGjs9yot8S7DfuFMSRIIYNWLTUibhv2cKXdMrplEiq+JBrGs4jKs6VCqFAJIFu0/xPs7VmZYDWwx3B6HFRDKP34n/HqESt/wM5KZqYzZ/gQrEDRLJ9xuX87PUSDV7Fy3GZmsj2rwIS19x [email protected]

把私钥放到 jenkins 上,把公钥放到 gitlab 上,使 jenkins 能从 gitlab 拉取代码构建

10464-iuodjoih64.png

86438-wpopcudn89.png

51981-xswbkqq9kh.png

47049-lvab4q1gxl.png

44562-e1ewmkybbo7.png

68881-77735nw96h8.png

51009-ebe1ds715h.png

回到 jenkins,新建项目

40308-qvh286k3srs.png

51469-1128xplaza3.png

02972-2yvdfmmbgw8.png

97703-ss80m612ru.png

66721-ghy5hoxzbdv.png

96223-atwhwp68cql.png

79268-ag8g2ywf5wb.png

测试是否能正常构建,构建完成最后又 SUCCESS 即为构建成功(最后一张图比较大,可以另开页面放大看下)
我这里一开始因为 npm install 和 npm run build 后面有个空格导致构建失败,所以调试了好几次才成功,能看到调试了 7 次
所以大家有什么问题要自己看下

88722-5473sdazjxw.png

70619-1or6olostgbh.png

84310-uulr85xf1hd.png

65950-789f325qalw.png


这篇文章结束了

到这里,已经把 jenkins 和 gitlab 串联起来了
因为篇幅所限,下一篇文章将介绍如何使用 gitlab 钩子触发自动构建,以及 jenkins 和 ansible 协同部署到服务器


linuxansiblejenkinsgitlab手动回滚自动化发布

我来吐槽

*

*