DevOps流程demo（实操记录）

安装下载流程

VMVare安装

Centos下载

https://vault.centos.org/7.8.2003/isos/x86_64/

参考：https://blog.csdn.net/weixin_46623617/article/details/110008032
遇到的问题：
1、connect: Network is unreachable解决方案：
https://blog.csdn.net/qq_41793064/article/details/102641743
2、出现bash: ifconfig:command not found的解决办法,即安装ifconfig命令（亲测有效）
https://www.cnblogs.com/wangpingcong/p/12570929.html

准备一个clear的虚拟机，后面就克隆该虚拟机，采用完整克隆，如下图：

centos-gitlab

踩坑：gitlab比较大，最好设置40GB!!!

安装docker

1、下载docker依赖组件：

yum -y install yum-utils device-mapper-persistent-data lvm2

2、设置下载docker镜像源为阿里云：

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

3、安装docker服务

yum -y install docker-ce

4、启动docker，并设置开机自启

systemctl start docker
systemctl enable docker

[root@localhost ~]# docker version
Client: Docker Engine - Community
 Version:           20.10.17
 API version:       1.41
 Go version:        go1.17.11
 Git commit:        100c701
 Built:             Mon Jun  6 23:05:12 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.17
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.17.11
  Git commit:       a89b842
  Built:            Mon Jun  6 23:03:33 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.6
  GitCommit:        10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
 runc:
  Version:          1.1.2
  GitCommit:        v1.1.2-0-ga916309
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

安装docker-compose：
下载地址：https://github.com/docker/compose/releases
下载docker-compose-linux-x86_64
传输文件安装命令：（这里用的XShell）

yum -y install lrzsz
rz -y

[root@localhost ~]# ls
anaconda-ks.cfg  docker-compose-linux-x86_64
[root@localhost ~]# ll
total 25204
-rw-------. 1 root root     1274 Aug  1 11:06 anaconda-ks.cfg
-rw-r--r--. 1 root root 25804800 Aug  1 04:53 docker-compose-linux-x86_64
[root@localhost ~]# chmod +x docker-compose-linux-x86_64 
[root@localhost ~]# ls
anaconda-ks.cfg  docker-compose-linux-x86_64
[root@localhost ~]# mv docker-compose-linux-x86_64 docker-compose
[root@localhost ~]# ls
anaconda-ks.cfg  docker-compose
[root@localhost ~]# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
[root@localhost ~]# mv docker-compose /usr/bin
[root@localhost ~]# docker-compose version
Docker Compose version v2.8.0
[root@localhost ~]# 

安装gitlab

关闭防火墙：

systemctl stop firewalld

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# cd /usr/local
[root@localhost local]# ls
bin  etc  games  include  lib  lib64  libexec  sbin  share  src
[root@localhost local]# mkdir docker
[root@localhost local]# cd docker/
[root@localhost docker]# mkdir gitlab_docker
[root@localhost docker]# pwd
/usr/local/docker
[root@localhost docker]# cd gitlab_docker/
[root@localhost gitlab_docker]# pwd
/usr/local/docker/gitlab_docker

[root@localhost gitlab_docker]# vi docker-compose.yml

[root@localhost gitlab_docker]# docker search gitlab        
[root@localhost gitlab_docker]# docker pull gitlab/gitlab-ce:latest

拉取镜像可以从这里搜：https://hub.docker.com/search
遇到的错误：Error response from daemon:
解决：https://blog.csdn.net/Lyon_Nee/article/details/124169099
https://blog.csdn.net/weixin_45600855/article/details/117267344

[root@localhost docker]# cd /usr/local/docker/gitlab_docker
[root@localhost gitlab_docker]# ls
docker-compose.yml
[root@localhost gitlab_docker]# vi docker-compose.yml 

version:'3.1'
services:
  gitlab:
    image: 'gitlab/gitlab-ce:latest'
    container_name: gitlab
    restart: always
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://192.168.160.132:8929'
        gitlab_rails['gitlab_shell_ssh_port'] = 2224
    ports:
      - '8929:8929'
      - '2224:2224'
    volumes:
      - './config:/etc/gitlab'
      - './logs:/var/log/gitlab'
      - './data:/var/opt/gitlab'

参考：https://blog.csdn.net/qq_50573146/article/details/125477985

[root@localhost gitlab_docker]# docker-compose up -d
[+] Running 2/2
 ⠿ Network gitlab_docker-default  Created                                                           0.2s
 ⠿ Container gitlab               Started                                                           1.4s
[root@localhost gitlab_docker]# docker-compose logs -f #查看日志

出现了错误：
修改：停止正在运行的镜像：

docker ps -a
docker stop 容器id
docker rm 容器id

防火墙问题：https://blog.csdn.net/tootsy_you/article/details/124500127

所有问题解决，现在查看滚动日志，然后等待，会有一定的启动时间：
在浏览器访问：
http://192.168.160.132:8929/
可能会出现下面这样：

不过不要慌，慢慢等。。。

然后这不就出现了，哈哈哈。。。

进入gitlab内部：

[root@localhost gitlab_docker]# docker exec -it gitlab bash
root@65fff652833e:/# 
root@65fff652833e:/# cat /etc/gitlab/initial_root_password
# WARNING: This value is valid only in the following conditions
#          1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run).
#          2. Password hasn't been changed manually, either via UI or via command line.
#
#          If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password. Password: y/Ok+yL0GXifnE43g0wfZ8qkFPcEVE3E7q6SwmCx/HA=

# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.
root@65fff652833e:/# 

密码在上面打印出来了
然后修改密码如下图：

cnetos-jekins

jdk和maven安装

[root@localhost ~]# ls
anaconda-ks.cfg
[root@localhost ~]# rz -y

[root@localhost ~]# rz -y
[root@localhost ~]# ls
anaconda-ks.cfg  apache-maven-3.8.6-bin.tar.gz  jdk-8u251-linux-x64.tar.gz
[root@localhost ~]# 

tar -zxvf jdk-8u251-linux-x64.tar.gz -C /usr/local

因为宿主机不会去做什么编译操作，所以没有配置环境变量。。
若要配置请参考：https://blog.csdn.net/weixin_42548459/article/details/116792525

tar -zxvf apache-maven-3.8.6-bin.tar.gz -C /usr/local

[root@localhost ~]# cd /usr/local
[root@localhost local]# mv jdk1.8.0_251/ jdk/
[root@localhost local]# mv apache-maven-3.8.6/ maven/
[root@localhost local]# ls
bin  etc  games  include  jdk  lib  lib64  libexec  maven  sbin  share  src

[root@localhost local]# cd maven/
[root@localhost maven]# cd conf/
[root@localhost conf]# vi settings.xml 

然后配置settings.xml文件中的镜像源和jdk
可以参考：https://blog.csdn.net/lee_yanyi/article/details/124774038

jenkins安装

PS：我有些地方写的是jekins，是错误的写法，对的写法是jenkins

docker pull jenkins/jenkins:2.339

可以先去jekin官方的download里面找到docker，然后进入doukerhub中去找对应的版本下载。

[root@localhost ~]# cd /usr/local
[root@localhost local]# ls
bin  etc  games  include  jdk  lib  lib64  libexec  maven  sbin  share  src
[root@localhost local]# mkdir docker
[root@localhost local]# cd docker
[root@localhost docker]# mkdir jekins_docker
[root@localhost docker]# cd jekins_docker/
[root@localhost jekins_docker]# vi docker-compose.yml

version: "3.6"
services:
  jekins:
    image: jenkins/jenkins:2.339
    container_name: jekins
    ports:
      - 8080:8080
      - 50000:50000
    volumes:
      - ./data/:/var/jenkins_home/

root@localhost jekins_docker]# docker logs -f jekins

[root@localhost jekins_docker]# ls
data  docker-compose.yml
[root@localhost jekins_docker]# ll
total 4
drwxr-xr-x. 2 root root   6 Aug  2 08:12 data
-rw-r--r--. 1 root root 191 Aug  2 08:12 docker-compose.yml
[root@localhost jekins_docker]# chmod -R 777 data

浏览器访问jenkins：http://192.168.160.129:8080

密码就在日志里面（见上上面截图）

进入–》选择插件安装–》安装–》等待安装插件。。（有些可能会安装失败，不过不要紧）



这里选择继续，进去之后再选择安装

搜索Git Parameter和Publish Over SSH，选择Install without restart

配置jenkins

[root@localhost data]# cd /usr/local
[root@localhost local]# ls
bin  docker  etc  games  include  jdk  lib  lib64  libexec  maven  sbin  share  src
[root@localhost local]# cd docker/jekins_docker/
[root@localhost jekins_docker]# cd data
[root@localhost data]# pwd
/usr/local/docker/jekins_docker/data
[root@localhost data]# mv /usr/local/jdk/ ./
[root@localhost data]# mv /usr/local/maven/ ./

[root@localhost ~]# docker exec -it jekins bash
jenkins@7cf18e40f55d:/$ cd ~
jenkins@7cf18e40f55d:~$ pwd
/var/jenkins_home
jenkins@7cf18e40f55d:~$ ls
config.xml				      		   nodes
copy_reference_file.log			       plugins
hudson.model.UpdateCenter.xml		   secret.key
identity.key.enc			           secret.key.not-so-secret
jdk					                   secrets
jenkins.install.InstallUtil.installingPlugins  updates
jenkins.telemetry.Correlator.xml	       userContent
jobs					               users
maven					               war
nodeMonitors.xml
jenkins@7cf18e40f55d:~$ exit
exit

配置好后点击应用、保存

增加目标服务器如下图：

[root@localhost ~]# cd /usr/local
[root@localhost local]# mkdir test
[root@localhost local]# ls
bin  docker  etc  games  include  lib  lib64  libexec  sbin  share  src  test

简单走一下CI流程

IDEA创建一个SpringBoot项目：

只勾选web就行了，做一个简单的

package com.houlijuan.demo.controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public  class  TestController{
    
    @GetMapping("/test")
    public String test(){
    
        return "Hello Jenkins!!!";
    }
}

在之前的centos-gitlab的gitlab中创建一个空白项目


将代码推送至仓库中（如上图）

回到jenkins======新建Item
由于电脑原因跑下去了，后面截视频的图吧，卡得太厉害了。。。。。。。

docker exec -it jenkins bash
cd ~
cd workspace
ls  //有src和pom.xml文件

回到jenkins中：



把jar包推送至目标服务器：





https://hub.daocloud.io/


为了方便管理：


出现的问题：
jenkins就是8080端口，冲突了


运行起来了！！


后期需要修改，直接修改后推送到gitlab，然后在jenkins上重新构建即可！！

补充命令：删除为null的镜像

补充基础CD操作

sonarQube安装

docker pull postgres
docker pull sonarqube:8.9.6-community

cd /usr/local/docker
mkdir sonarque_docker
vi docker-compose.yml

version: '3.6'
services:
  db:
    image: postgres
    container_name: db
    ports:
      - 5432:5432
    networks:
      - sonarnet
    environment:
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: sonar
  sonarqube:
    image: sonarqube:8.9.6-community
    container_name: sonarqube
    depends_on:
      - db //不是容器名，是最上面那个
    ports:
      - 9000:9000
    networks:
      - sonarnet 
    environment:
      SONAR_JDBC_URL: jdbc:postgressql://db:5432/sonar
      SONAR_JDBC_USERNAME: sonar
      SONAR_JDBC_PASSWORD: sonar
networks:
  sonarnet:
    driver: bridge      

docker-compose up -d

错误修改：

vi /etc/sysctl.conf

sysctl -p
docker-compose up -d

Maven方式：



sonar-scanner方式：

mv ~/sonar-scanner ./ //就是/usr/local/docker/jenkins-docker/data
cd sonar-scanner
cd conf/
vi sonar-scanner.properties

jenkins整合sonarQube

错误：删除插件的残余

Harbor安装（镜像仓库）

github下载：

tar -zxvf harbor-offline-installer-v2.3.4.tgz -C /usr/local

cd usr/local/harbor
cp harbor.yml.tmpl harbor.yml

修改harbor.yml文件：

./install.sh

vi /etc/docker/daemon.json

{
    
	"insecure-registries":["192.168.11.102:80"]
}

docker tag 镜像ID 192.168.11.102:80/repo/mytest:v1.0.0

systemctl restart docker //重启docker，daemon.json文件才能生效
docker login -u admin -p Harbor12345 192.168.11.102:80
docker push 192.168.11.102:80/repo/mytest:v1.0.0

如果目标服务器要拉取镜像，命令为：

docker pull 192.168.11.102:80/repo/mytest:v1.0.0

把harbor整合到jenkins

首先，需要jenkins内部能直接使用宿主机上的docker，要修改文件权限：

cd /var/run

chmod o+rw docker.sock
ll
cd /usr/local/docker/jenkins/jenkins_docker/
ls
vi docker-compose.yml

version: "3.6"
services:
  jekins:
    image: jenkins/jenkins:2.339
    container_name: jekins
    ports:
      - 8080:8080
      - 50000:50000
    volumes:
      - ./data/:/var/jenkins_home/
      - /var/run/docker.sock:/var/run/docker.sock
      - /usr/bin/docker:/usr/bin/docker
      - /etc/docker/daemon.json:/etc/docker/daemon.json

docker-compose up -d
docker exec -it jenkins bash
docker version

shell中：

mv target/*.jar docker/
docker build -t mytest:$tag docker/
docker login -u admin -p Harbor12345 192.168.11.102:80
docker tag mytest:$tag 192.168.11.102:80/repo/mytest:$tag 
docker push 192.168.11.102:80/repo/mytest:$tag 

思路：在目标服务器编写一个脚本文件，能够接收jenkins传来的上图参数

vi deploy.sh
chmod a+x deploy.sh

horbar_addr=$1
horbar_repo=$2
project=$3
version=$4
port=$5

imageName=$horbar_addr/$horbar_repo/$project:$version
echo $imageName

运行测试：

./deploy.sh 192.168.11.102:80 repo mytest v3.0.0 8081

horbar_addr=$1
horbar_repo=$2
project=$3
version=$4
container_port=$5
host_port=$6

imageName=$horbar_addr/$horbar_repo/$project:$version
echo $imageName

containerId=`docker ps -a | grep ${
     project} | awk '{print $1}'`
echo $containerId

if [ "$containerId" != "" ] ; then
  docker stop $containerId
  docker rm $containerId
fi

tag= `docker images | grep ${
     project} | awk '{print $2}')`
echo $tag
  
if[[ "$tag"=~"$version" ]] ; then
  docker rmi $imageName
fi

docker login -u admin -p Harbor12345 $harbor_addr
docker pull $imageName
docker run -d -p $host_port:$container_port--name $project $imageName
echo "SUCESS"

jenkins流水线

//所有的脚本命令都放在pipeline中
pipeline{
    
	//指定任务在哪个集群节点中执行
	agent any
	//声明全局变量
	environment {
    
		key = 'value'
	}
	stages{
    
		stage('拉取git仓库代码'){
    
			steps{
    
				echo '拉取git仓库代码-SUCCESS'
			}
		}
		stage('通过maven构建项目'){
    
			steps{
    
				echo '通过maven构建项目-SUCCESS'
			}
		}
		stage('通过sonarqbe进行代码质量检测'){
    
			steps{
    
				echo '通过sonarqbe进行代码质量检测-SUCCESS'
			}
		}
		stage('通过docker制作自定义镜像'){
    
			steps{
    
				echo '通过docker制作自定义镜像-SUCCESS'
			}
		}
		stage('将自定义镜像推送到harbor中'){
    
			steps{
    
				echo '将自定义镜像推送到harbor中-SUCCESS'
			}
		}
		stage('通过Publis Over SSH通知目标服务器'){
    
			steps{
    
				echo '通过Publis Over SSH通知目标服务器-SUCCESS'
			}
		}
	}
}

pipeline也可以通过git方式部署，就是要在项目中添加一个名为Jenkinsfile的文件，如下图：

通知钉钉

在jenkins中去安装Dingtalk这样一个插件

Kubernates

官网介绍：https://kubernetes.io/zh-cn/docs/concepts/overview/what-is-kubernetes/

https://kuboard.cn/

https://kuboard.cn/install/history-k8s/install-k8s-1.19.x.html
上面的网址中有各种操作步骤，跟着步骤走就可以了。。

安装k8s管理工具

https://kuboard.cn/install/v3/install-in-k8s.html#%E6%96%B9%E6%B3%95%E4%B8%80-%E4%BD%BF%E7%94%A8-hostpath-%E6%8F%90%E4%BE%9B%E6%8C%81%E4%B9%85%E5%8C%96

一个pod里面运行一个nginx的容器

kubectl get namespace
kubectl create ns test
kubectl delete ns test

vi namespace-test.yml

apiVersion: v1
kind: Namespace
metadata:
  name: test

kubectl apply -f namespace-test.yml
kubectl get ns

kubectl get pods
kubectl get pods -A
kubectl get pod -n test

kubectl run nginx --image=nginx:latest
kubectl get pod -n default
kubectl decribe pod nginx

kubectl  delete pod nginx -n default\
kubectl run nginx --image=daocloud.io/library/nginx:1.9.1 -n test
kubectl get pod -n test

//从主机
kubectl  delete pod nginx -n test
kubectl run nginx --image=daocloud.io/library/nginx:1.9.1 -n test
kubectl get pod -n test

//Master
kubectl decribe pod nginx -n test
curl 10.100.162.196
kubectl logs -f nginx -n test
kubectl exec -it nginx -n test --bash

kubectl delete -f pod-nginx.yml

一个pod运行多个容器

vi pod-nginx-tomcat.yml

apiVersion: v1
kind: Pod
metadata:
  name: nginx-tomcat
  namespace: test
spec:
  containers:
    - image: daocloud.io/library/nginx:1.9.1
      name: nginx
    - image: daocloud.io/library/tomcat:8.5.57
      name: tomcat

kubectl apply -f pod-nginx-tomcat.yml
kubectl get pod -n test
kubectl decribe pod nginx-tomcat -n test

deployment管理pod

kubectl get deploy
kubectl get deploy -n test
kubectl create deployment deploy-nginx --image=daocloud.io/library/nginx:1.9.1
kubectl delete deployment deploy-nginx

kubectl create deployment deploy-nginx -n test --image=daocloud.io/library/nginx:1.9.1
kubectl get deploy -n test

kubectl apply -f deployment-nginx.yml

Service

kubectl expose deployment nginx-deployment --port=8888 --target-port=80 -n test
kubectl get service -n test

===============================

vi deployment-nginx.yml

Ingress操作

kubectl delete -f deployment-nginx.yml
vi deployment-nginx.yml

kubectl apply -f deployment-nginx.yml

hosts文件在：C:\Windows\System32\drivers\etc目录下

jenkins整合k8s

上图docker pull去掉，然后ip后面加上:80


先可以在master节点上试运行

==========================

添加目标主机为Master：




**centos-jenkins：**让jenkins无密码访问master

docker exec -it jenkins bash
cd ~
ls -a
cd .ssh
cat id_rsa.pub
//然后复制公钥内容

把刚刚复制的公钥粘贴在**authorized_keys(上面图片中写错了)**文件中，就可以实现两主机之间无密码连接了，很多集群也是这么做的！

自动化CI

【参考视频】https://www.bilibili.com/video/BV11u411z719