以下所有内容 仅做日常笔记,如有错误 请自行排查

一、运行环境及版本

  • Ubuntu 20.x.x
  • Docker 20.x
  • Docker-compose

二、Jenkins安装

1.目录结构

服务器上 文件存放路径(根路径下): /jenkins (也可以放在其他路径这个随意)

jenkins
      |-- data # 用户存放数据的目录
      |-- docker-compose.yml

2.编写docker-compose.yml

version: "3"

networks:
  jenkins-net:
    driver: bridge

services:
  # 安装jenkins
  jenkins:
    image: jenkinsci/blueocean:latest
    user: root # root 用户运行 否则会有权限问题
    container_name: jenkins
    restart: always
    volumes:
      - ./data:/var/jenkins_home
      - /home/ubuntu:/home
      - /var/run/docker.sock:/var/run/docker.sock:rw # jenkins 容器内部调用宿主机docker 运行环境
    ports:
      - "8080:8080"
      - "50000:50000"
    networks:
      - jenkins-net

3. 服务器上运行docker-compose 安装Jenkins服务

# 1. 上传jenkins 目录到服务器根目录(或者用户家目录等 自由选择)
# 2. 确保服务器已经安装docker运行环境
# 3. 运行
cd /jenkins 
docker-composer up -d

三、安装并配置插件

1. 安装插件

可选插件中 搜索 SSH Pipeline Steps 并安装

docker jenkins 平台 docker jenkins pipeline_docker jenkins 平台


docker jenkins 平台 docker jenkins pipeline_docker jenkins 平台_02

2. 安装 maven 包到 Jenkins 容器中

下载maven安装包到服务器上(下载链接: https://maven.apache.org/download.cgi

docker jenkins 平台 docker jenkins pipeline_docker jenkins 平台_03

wget https://dlcdn.apache.org/maven/maven-3/3.8.6/binaries/apache-maven-3.8.6-bin.tar.gz
	# 解压
	tar -zxvf apache-maven-3.8.6-bin.tar.gz 
	# 重命名
	mv apache-maven-3.8.6 maven

替换 maven 中的settings.xml 配置 阿里云镜像

<?xml version="1.0" encoding="UTF-8"?>

<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements.  See the NOTICE file
distributed with this work for additional information
regarding copyright ownership.  The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License.  You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied.  See the License for the
specific language governing permissions and limitations
under the License.
-->

<!--
 | This is the configuration file for Maven. It can be specified at two levels:
 |
 |  1. User Level. This settings.xml file provides configuration for a single user,
 |                 and is normally provided in ${user.home}/.m2/settings.xml.
 |
 |                 NOTE: This location can be overridden with the CLI option:
 |
 |                 -s /path/to/user/settings.xml
 |
 |  2. Global Level. This settings.xml file provides configuration for all Maven
 |                 users on a machine (assuming they're all using the same Maven
 |                 installation). It's normally provided in
 |                 ${maven.conf}/settings.xml.
 |
 |                 NOTE: This location can be overridden with the CLI option:
 |
 |                 -gs /path/to/global/settings.xml
 |
 | The sections in this sample file are intended to give you a running start at
 | getting the most out of your Maven installation. Where appropriate, the default
 | values (values used when the setting is not specified) are provided.
 |
 |-->
<settings xmlns="http://maven.apache.org/SETTINGS/1.2.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 https://maven.apache.org/xsd/settings-1.2.0.xsd">
    <!-- localRepository
     | The path to the local repository maven will use to store artifacts.
     |
     | Default: ${user.home}/.m2/repository
    <localRepository>/path/to/local/repo</localRepository>
    -->

    <!-- interactiveMode
     | This will determine whether maven prompts you when it needs input. If set to false,
     | maven will use a sensible default value, perhaps based on some other setting, for
     | the parameter in question.
     |
     | Default: true
    <interactiveMode>true</interactiveMode>
    -->

    <!-- offline
     | Determines whether maven should attempt to connect to the network when executing a build.
     | This will have an effect on artifact downloads, artifact deployment, and others.
     |
     | Default: false
    <offline>false</offline>
    -->

    <!-- pluginGroups
     | This is a list of additional group identifiers that will be searched when resolving plugins by their prefix, i.e.
     | when invoking a command line like "mvn prefix:goal". Maven will automatically add the group identifiers
     | "org.apache.maven.plugins" and "org.codehaus.mojo" if these are not already contained in the list.
     |-->
    <pluginGroups>
        <!-- pluginGroup
         | Specifies a further group identifier to use for plugin lookup.
        <pluginGroup>com.your.plugins</pluginGroup>
        -->
    </pluginGroups>

    <!-- proxies
     | This is a list of proxies which can be used on this machine to connect to the network.
     | Unless otherwise specified (by system property or command-line switch), the first proxy
     | specification in this list marked as active will be used.
     |-->
    <proxies>
        <!-- proxy
         | Specification for one proxy, to be used in connecting to the network.
         |
        <proxy>
          <id>optional</id>
          <active>true</active>
          <protocol>http</protocol>
          <username>proxyuser</username>
          <password>proxypass</password>
          <host>proxy.host.net</host>
          <port>80</port>
          <nonProxyHosts>local.net|some.host.com</nonProxyHosts>
        </proxy>
        -->
    </proxies>

    <!-- servers
     | This is a list of authentication profiles, keyed by the server-id used within the system.
     | Authentication profiles can be used whenever maven must make a connection to a remote server.
     |-->
    <servers>
        <!-- server
         | Specifies the authentication information to use when connecting to a particular server, identified by
         | a unique name within the system (referred to by the 'id' attribute below).
         |
         | NOTE: You should either specify username/password OR privateKey/passphrase, since these pairings are
         |       used together.
         |
        <server>
          <id>deploymentRepo</id>
          <username>repouser</username>
          <password>repopwd</password>
        </server>
        -->

        <!-- Another sample, using keys to authenticate.
        <server>
          <id>siteServer</id>
          <privateKey>/path/to/private/key</privateKey>
          <passphrase>optional; leave empty if not used.</passphrase>
        </server>
        -->
    </servers>

    <!-- mirrors
     | This is a list of mirrors to be used in downloading artifacts from remote repositories.
     |
     | It works like this: a POM may declare a repository to use in resolving certain artifacts.
     | However, this repository may have problems with heavy traffic at times, so people have mirrored
     | it to several places.
     |
     | That repository definition will have a unique id, so we can create a mirror reference for that
     | repository, to be used as an alternate download site. The mirror site will be the preferred
     | server for that repository.
     |-->
    <mirrors>
        <!-- mirror
         | Specifies a repository mirror site to use instead of a given repository. The repository that
         | this mirror serves has an ID that matches the mirrorOf element of this mirror. IDs are used
         | for inheritance and direct lookup purposes, and must be unique across the set of mirrors.
         |
        <mirror>
          <id>mirrorId</id>
          <mirrorOf>repositoryId</mirrorOf>
          <name>Human Readable Name for this Mirror.</name>
          <url>http://my.repository.com/repo/path</url>
        </mirror>
         -->
        <mirror>
            <id>aliyunmaven</id>
            <mirrorOf>*</mirrorOf>
            <name>阿里云公共仓库</name>
            <url>https://maven.aliyun.com/repository/public</url>
        </mirror>
        <mirror>
            <id>maven-default-http-blocker</id>
            <mirrorOf>external:http:*</mirrorOf>
            <name>Pseudo repository to mirror external repositories initially using HTTP.</name>
            <url>http://0.0.0.0/</url>
            <blocked>true</blocked>
        </mirror>
    </mirrors>

    <!-- profiles
     | This is a list of profiles which can be activated in a variety of ways, and which can modify
     | the build process. Profiles provided in the settings.xml are intended to provide local machine-
     | specific paths and repository locations which allow the build to work in the local environment.
     |
     | For example, if you have an integration testing plugin - like cactus - that needs to know where
     | your Tomcat instance is installed, you can provide a variable here such that the variable is
     | dereferenced during the build process to configure the cactus plugin.
     |
     | As noted above, profiles can be activated in a variety of ways. One way - the activeProfiles
     | section of this document (settings.xml) - will be discussed later. Another way essentially
     | relies on the detection of a system property, either matching a particular value for the property,
     | or merely testing its existence. Profiles can also be activated by JDK version prefix, where a
     | value of '1.4' might activate a profile when the build is executed on a JDK version of '1.4.2_07'.
     | Finally, the list of active profiles can be specified directly from the command line.
     |
     | NOTE: For profiles defined in the settings.xml, you are restricted to specifying only artifact
     |       repositories, plugin repositories, and free-form properties to be used as configuration
     |       variables for plugins in the POM.
     |
     |-->
    <profiles>
        <!-- profile
         | Specifies a set of introductions to the build process, to be activated using one or more of the
         | mechanisms described above. For inheritance purposes, and to activate profiles via <activatedProfiles/>
         | or the command line, profiles have to have an ID that is unique.
         |
         | An encouraged best practice for profile identification is to use a consistent naming convention
         | for profiles, such as 'env-dev', 'env-test', 'env-production', 'user-jdcasey', 'user-brett', etc.
         | This will make it more intuitive to understand what the set of introduced profiles is attempting
         | to accomplish, particularly when you only have a list of profile id's for debug.
         |
         | This profile example uses the JDK version to trigger activation, and provides a JDK-specific repo.
        <profile>
          <id>jdk-1.4</id>

          <activation>
            <jdk>1.4</jdk>
          </activation>

          <repositories>
            <repository>
              <id>jdk14</id>
              <name>Repository for JDK 1.4 builds</name>
              <url>http://www.myhost.com/maven/jdk14</url>
              <layout>default</layout>
              <snapshotPolicy>always</snapshotPolicy>
            </repository>
          </repositories>
        </profile>
        -->

        <!--
         | Here is another profile, activated by the system property 'target-env' with a value of 'dev',
         | which provides a specific path to the Tomcat instance. To use this, your plugin configuration
         | might hypothetically look like:
         |
         | ...
         | <plugin>
         |   <groupId>org.myco.myplugins</groupId>
         |   <artifactId>myplugin</artifactId>
         |
         |   <configuration>
         |     <tomcatLocation>${tomcatPath}</tomcatLocation>
         |   </configuration>
         | </plugin>
         | ...
         |
         | NOTE: If you just wanted to inject this configuration whenever someone set 'target-env' to
         |       anything, you could just leave off the <value/> inside the activation-property.
         |
        <profile>
          <id>env-dev</id>

          <activation>
            <property>
              <name>target-env</name>
              <value>dev</value>
            </property>
          </activation>

          <properties>
            <tomcatPath>/path/to/tomcat/instance</tomcatPath>
          </properties>
        </profile>
        -->
    </profiles>

    <!-- activeProfiles
     | List of profiles that are active for all builds.
     |
    <activeProfiles>
      <activeProfile>alwaysActiveProfile</activeProfile>
      <activeProfile>anotherAlwaysActiveProfile</activeProfile>
    </activeProfiles>
    -->
</settings>

复制 maven 到Jenkins容器中

# docker cp  宿主机目录文件  容器:容器中的目录
docker cp maven jenkins:/maven

3. 设置Jenkins 中 maven 配置

docker jenkins 平台 docker jenkins pipeline_maven_04

设置 maven中 settings.xml 在Jenkins 容器中的位置

docker jenkins 平台 docker jenkins pipeline_docker_05

设置 maven 在容器中的路径

docker jenkins 平台 docker jenkins pipeline_maven_06

4. 配置Git 管理工具 (假设使用的码云的Gitee管理工具)

安装 Gitee Plugin 工具

docker jenkins 平台 docker jenkins pipeline_spring boot_07

配置 Gitee

docker jenkins 平台 docker jenkins pipeline_docker jenkins 平台_08

docker jenkins 平台 docker jenkins pipeline_spring boot_09

docker jenkins 平台 docker jenkins pipeline_spring boot_10

Gitee API V5 的私人令牌 (获取地址 https://gitee.com/profile/personal_access_tokens

docker jenkins 平台 docker jenkins pipeline_docker_11


docker jenkins 平台 docker jenkins pipeline_spring boot_12

docker jenkins 平台 docker jenkins pipeline_docker_13

5. 保存服务器以及Docker镜像仓库用户名密码等

docker jenkins 平台 docker jenkins pipeline_spring boot_14


docker jenkins 平台 docker jenkins pipeline_maven_15


docker jenkins 平台 docker jenkins pipeline_spring boot_16


docker jenkins 平台 docker jenkins pipeline_jenkins_17


docker jenkins 平台 docker jenkins pipeline_jenkins_18

四、部署Pipline 流水线

1. 配置 Gitee WebHook

docker jenkins 平台 docker jenkins pipeline_maven_19


docker jenkins 平台 docker jenkins pipeline_maven_20


docker jenkins 平台 docker jenkins pipeline_spring boot_21


docker jenkins 平台 docker jenkins pipeline_jenkins_22


docker jenkins 平台 docker jenkins pipeline_maven_23


docker jenkins 平台 docker jenkins pipeline_docker jenkins 平台_24

2. 配置 pipline 脚本

docker jenkins 平台 docker jenkins pipeline_docker jenkins 平台_25


docker jenkins 平台 docker jenkins pipeline_docker_26

3. Jenkinsfile 模板(仅做参考)

模板仅做参考 本人也不熟悉 ,不对的地方 请自行修改

#!/usr/bin/env groovy


def ipList = ['45.x.x.x']

def getServer(ip){
    def remote = [:]
    remote.name = "server-${ip}"
    remote.host = ip
    remote.port = 22
    remote.allowAnyHosts = true
    withCredentials([usernamePassword(credentialsId: ip, passwordVariable: 'password', usernameVariable: 'username')]) {
        remote.user = "${username}"
        remote.password = "${password}"
    }
    return remote
}


def maven_package(){
    sh """
        mvn clean package -D maven.test.skip=true -P prod
        echo '---------------- maven-package complete ! ----------------'
    """
}
// username: docker仓库用户名 password:docker仓库密码 registry_addr:docker仓库地址 namespace:docker仓库命名空间
// project_name:项目名称 docker_file:Dockerfile 所在的项目目录

def push_docker(username,password,registry_addr,namespace,project_name,docker_file){
    def docker_image = "${registry_addr}/${namespace}/${project_name}:${env.BUILD_NUMBER}"
    sh """
        docker build -t ${docker_image} ${docker_file}
        docker login -u ${username} -p '${password}' ${registry_addr}
        docker push ${docker_image}
        echo '---------------- docker-push complete ! ----------------'
    """
}

// username: docker仓库用户名 password:docker仓库密码 registry_addr:docker仓库地址 namespace:docker仓库命名空间
// project_name:项目名称 server_docker_path:服务器上docker目录 start_containers: 需要启动的容器名称

def deploy(username,password,registry_addr,namespace,project_name,server_docker_path,start_containers){
    def docker_image = "${registry_addr}/${namespace}/${project_name}"
    def replaceVersion = "sed -i 's#^${project_name}=.*#${project_name}=${registry_addr}/${namespace}/${project_name}:${env.BUILD_NUMBER}#' ${server_docker_path}/.env"
    // 获取指定的容器是否存在
    def stopRemoveContainers = "container_num=`docker ps -a | grep -w ${docker_image} | awk 'NR>0'|wc -l`; if [ \$container_num -gt 0 ]; then docker stop `docker ps -a | grep -w ${docker_image} | awk '{print \$1}'` && docker rm `docker ps -a | grep -w ${docker_image} | awk '{print \$1}'`; fi"
    // 强制删除滚动更新残留的镜像(保留3个最近的docker镜像版本)
    def removeImages = "images_num=`docker images | grep -w ${docker_image} | awk 'NR>3'|wc -l`; if [ \$images_num -gt 0 ]; then docker rmi --force `docker images | grep -w ${docker_image} | awk 'NR>3 {print \$3}'`; fi"
    // 启动容器
    def restartContainers="cd ${server_docker_path} && docker-compose up -d ${start_containers}"
    return """
        #拉取最新镜像
        docker login -u ${username} -p '${password}' ${registry_addr}
        docker pull ${docker_image}:${env.BUILD_NUMBER}
        # 替换版本号
        ${replaceVersion}
        # 停止并删除指定的容器
        ${stopRemoveContainers}
        # 启动新容器
        ${restartContainers}
        # 强制删除滚动更新残留的镜像
        ${removeImages}
    """
}

pipeline {
    agent any
    tools {
        maven 'M3'
    }
    stages {
        stage('部署项目') {
            steps {
                withCredentials([usernamePassword(credentialsId: 'docker-tencent', passwordVariable: 'password', usernameVariable: 'username')]) {
                    maven_package()
                    push_docker("${username}","${password}","ccs.tencentyun.com","mall-pro",'voice_server','voice-admin')
                    script {
                        for(ip in ipList){
                            def remote = getServer(ip)
                            sshCommand remote: remote, command: deploy("${username}","${password}","ccs.tencentyun.com","mall-pro","voice_server","/data/project/voice/docker","voice-server1 voice-server2")
                        }
                    }
                }
            }
        }
    }
}

4. 立即构建

docker jenkins 平台 docker jenkins pipeline_docker_27