相关系列文章:
1、Docker+Harbor私有仓库快速搭建
2、Docker+Jenkins+Harbor
3、Docker安装Mysql、Redis、nginx、nacos等环境
1、jenkins构建前端并上传服务器
在这篇文章中(Docker+Jenkins+Harbor)未完成前端的远程部署,这里对前端vue工程进行编译打包并上传远程服务器。
1-1 jenkins安装nodejs和nodejs插件
1-2 前端编译流水线语法
stage('编译前端工程') {steps {dir("${env.WORKSPACE}/infra-portal"){nodejs('Nodejs14') {sh '''npm -vnpm config set registry https://registry.npm.taobao.orgnpm config set sass_binary_site=https://npm.taobao.org/mirrors/node-sassrm -rf dist/npm install && npm run build'''sh "tar -zcvf dist-${env.TAG}.tar.gz dist/*"echo '打包完成'}}}
}
1-3 jenkins免密登陆配置
jenkins服务器执行ssh-keygen -t rsa生成密钥对,遇到卡顿地方直接回车即可
ssh-keygen -t rsa
远程服务器(需要免密登陆的服务器)在/root/.ssh路径下会生成authorized_keys文件
执行下面代码将jenkins服务器生成的id_rsa.pub(公钥)内容复制到authorized_keys文件下:
# 复制到远程服务器
ssh-copy-id root@192.168.88.9
# 重启远程服务器的SSH
systemctl restart sshd
# 设置权限
chmod 700 /root/.ssh
chmod 644 authorized_keys
chmod 644 known_hosts
# 验证,不需要密码登陆
ssh 192.168.88.9
ps: 根据网上其他人的文章到这一步也就完成,但我这边不成功,还是需要密码才能登陆,我这边重启了服务器才成功
1-4 jenkins配置全局凭证并远程部署
添加SSH凭证,配置前面1-3生成的id_rsa私钥内容
username:远程服务器名
Private Key: 私钥文件(id_rsa)
# 流水线语法,credentialsId为创建的凭证随机生成的ID,也可以自定义生成ID
stage('上传远程服务器') {steps {dir("${env.WORKSPACE}/infra-portal"){withCredentials([sshUserPrivateKey(credentialsId: '48a060e5-74f0-4193-90d7-a8b6a7fdbab3', keyFileVariable: 'identity', usernameVariable: 'root')]) {sh 'ssh -T -o StrictHostKeyChecking=no root@192.168.88.9'sh 'scp -P 22 -o StrictHostKeyChecking=no dist-v1.0.0.tar.gz root@192.168.88.9:/home/'echo '上传成功'}}}}
ps: 若主机可以免登陆但容器内不行,构建时报错:Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
远程连接失败需要密码可尝试以下步骤:
# 远程连接失败可能是由于容器内.ssh文件夹没有相关密钥,<container_name>为容器名,复制密钥到容器内
docker cp /root/.ssh <container_name>:/root/.ssh
# 以root进入jenkins容器下
docker exec -u root -it <container_name> bash
# 复制 Root 用户的 .ssh 目录到 Jenkins 用户的 home 目录
cp -r /root/.ssh /var/jenkins_home/
# 更改文件的所有者为 Jenkins 用户
chown -R jenkins:jenkins /var/jenkins_home/.ssh
1-5 Jenkinsfile完整代码
//harbor地址
def harbor_url="192.168.88.20:9002"
//镜像库的名称
def harbor_project="infra"
//Harbor的凭证
def harbor_auth = "9ed86288-cf38-4533-86ca-792b934452f9"
// 远程连接凭证
def remote_auth = "48a060e5-74f0-4193-90d7-a8b6a7fdbab3"
// 远程服务器
def remote_addr = "root@192.168.88.9"// 镜像
def authImage = "${harbor_url}/${harbor_project}/infra-auth:${env.TAG}"
def businessImage = "${harbor_url}/${harbor_project}/infra-business:${env.TAG}"
def gatewayImage = "${harbor_url}/${harbor_project}/infra-gateway:${env.TAG}"
def vue_dist = "dist-${env.TAG}.tar.gz"
pipeline {agent anytools {// jenkins全局工具配置配置的maven和jdkmaven 'apache-maven-3.9.2'jdk 'jdk1.8.0_291'}stages {stage('拉取代码') {steps {echo '相关环境变量'sh "printenv"echo '-------------------------------------'git 'https://gitee.com/dalao708/infra.git'echo '拉取成功'}}stage('编译前端工程') {steps {dir("${env.WORKSPACE}/infra-portal"){nodejs('Nodejs14') {sh '''npm -vnpm config set registry https://registry.npm.taobao.orgnpm config set sass_binary_site=https://npm.taobao.org/mirrors/node-sassrm -rf dist/npm install && npm run build'''sh "tar -zcvf ${vue_dist} dist/*"echo '打包完成'}}}}stage('上传远程服务器') {steps {dir("${env.WORKSPACE}/infra-portal"){withCredentials([sshUserPrivateKey(credentialsId: "${remote_auth}", keyFileVariable: 'identity', usernameVariable: 'root')]) {sh "ssh -T -o StrictHostKeyChecking=no ${remote_addr}"sh "scp -P 22 -o StrictHostKeyChecking=no ${vue_dist} ${remote_addr}:/home/nginx/www/infra/"sh "rm -rf ${vue_dist}"echo '上传成功'}}}}stage('清理maven库') {steps {dir("${env.WORKSPACE}"){sh "rm -rf /var/jenkins_home/.m2/repository/com/infra/server/*"echo '清理maven库完成'}}}stage('构建基础工程') {steps {dir("${env.WORKSPACE}/infra-server"){sh "mvn -Dmaven.test.skip=true clean install"//编译,安装公共工程sh "mvn -f infra-support -Dmaven.test.skip=true clean install"echo '构建基础工程'}}}stage('编译&构建镜像') {steps {dir("${env.WORKSPACE}/infra-server"){sh "mvn -f infra-auth -Dmaven.test.skip=true clean package dockerfile:build"sh "mvn -f infra-business -Dmaven.test.skip=true clean package dockerfile:build"sh "mvn -f infra-gateway -Dmaven.test.skip=true clean package dockerfile:build"echo '编译&构建镜像完成'sh "docker tag infra-auth ${authImage}"sh "docker tag infra-business ${businessImage}"sh "docker tag infra-gateway ${gatewayImage}"echo '镜像打标签完成'}}}stage('上传Harbor') {steps {withCredentials([usernamePassword(credentialsId: "${harbor_auth}", passwordVariable: 'password', usernameVariable: 'username')]) {//登录到Harborsh "docker login -u ${username} -p ${password} ${harbor_url}"//镜像上传sh "docker push ${authImage}"sh "docker push ${businessImage}"sh "docker push ${gatewayImage}"sh "echo 镜像上传成功"//删除本地镜像sh "docker rmi -f ${authImage}"sh "docker rmi -f ${businessImage}"sh "docker rmi -f ${gatewayImage}"sh "docker rmi -f infra-auth"sh "docker rmi -f infra-business"sh "docker rmi -f infra-gateway"sh "echo 删除本地镜像成功"}}}}
}
2、部署项目
2-1 测试是否能正常从harbor拉取镜像
docker pull 192.168.88.20:9002/infra/infra-gateway:v1.0
报错:Error response from daemon: Get “https://192.168.88.20:9002/v2/”: http: server gave HTTP response to HTTPS client
解决:
vim /etc/docker/daemon.json
# 内容如下,保存并退出
{"insecure-registries": ["192.168.88.20:9002"]
}
# 重新加载daemon
systemctl daemon-reload
# 重启docker
systemctl restart docker
报错:Error response from daemon: unauthorized: unauthorized to access repository: infra/infra-gateway, action: pull: unauthorized to access repository: infra/infra-gateway, action: pull
解决:
# 登陆再拉取
docker login 192.168.88.20:9002 -u admin -p Harbor12345
2-2 编写docker-compose.yaml
# 前面安装mysql集群时候已经安装了docker swarm集群
# node1上创建docker-compose.yaml文件
mkdir /opt/infra
cd /opt/infra
vim docker-compose.yaml
version: '3.8'
services:infra-gateway:image: 192.168.88.20:9002/infra/infra-gateway:v1.0.0 # 拉取Harbor中拉取镜像environment:- SPRING_PROFILES_ACTIVE=prodports:- "9000:9000"deploy:replicas: 1 # 部署1个副本endpoint_mode: vip # 使用默认的vip方式进行服务访问volumes:- gateway-data:/app/datainfra-auth:image: 192.168.88.20:9002/infra/infra-auth:v1.0.0environment:- SPRING_PROFILES_ACTIVE=prodports:- "9001:9001"deploy:replicas: 1 endpoint_mode: vip volumes:- auth-data:/app/datainfra-business:image: 192.168.88.20:9002/infra/infra-business:v1.0.0environment:- SPRING_PROFILES_ACTIVE=prodports:- "9002:9002"deploy:replicas: 1 endpoint_mode: vip volumes:- business-data:/app/datavolumes:gateway-data:auth-data:business-data:
2-3 启动&停止
docker compose up -d
其他命令:
# 检查docker-compose.yaml文件的命令是否正确
docker compose config -q
# 停止服务
docker compose down -v
2-4 其他
- 前端vue项目工程只需要构建完放到服务器上,nginx做映射即可,其实也可以直接通过jenkins做完这一切,上传到服务器后直接解压到指定目录
- 部署过程中可能会遇到很多问题,如虚拟机的设置的内存或者硬盘不足导致服务启动失败,需要检查看看。项目本身问题,如整合了redis集群,项目本地是单机的,需要检查一下redisConfig类是否有做动态切换等
- 构建镜像后运行时报找不到app.jar,找不到主类等,则项目中参考以下配置一下:
<plugin><groupId>org.springframework.boot</groupId><artifactId>spring-boot-maven-plugin</artifactId><version>2.4.1</version><executions><execution><phase>package</phase><goals><goal>repackage</goal></goals></execution></executions><configuration><includeSystemScope>true</includeSystemScope><mainClass>com.infra.server.AuthRun</mainClass></configuration></plugin>