一、相关概念介绍:
持续(Continuous):不断地获取反馈、响应反馈
集成(Integration):编译、打包、测试
部署(Deployment):应用组件或基本设施的代码或配置变更在产品环境生效
发布(Release):具有业务影响的功能变化对最终用户可见
交付(Delivery):可以理解为从Deployment到Release之间的阶段,强调的是一种能力,开发有能力频繁部署,业务有能力随时发布
Jenkins:开源的、可扩展的、基于Web界面的持续集成平台
Git:开源的分布式版本控制系统
GitLab:用于仓库管理系统的开源项目,使用Git作为代码管理工具,并在此基础上搭建起来的Web服务
Maven:基于项目对象模型(POM)的项目管理及自动构建工具,用于编译源码并打包
Nexus:Maven私服
SonarQube:用于代码质量管理和检测的开源平台
Node.js:基于Chrome V8引擎的JavaScript运行环境
ZrLog:开源Java博客系统(编译打包发布后为zrlog-2.1.3.war)
二、准备工作(3个节点都需要执行如下操作):
1、演示环境:
IP |
操作系统 |
主机名 |
部署软件包 |
192.168.1.144 |
CentOS 7.6 x86_64 |
node1 |
JDK(jdk-8u221-linux-x64.tar.gz) Node.js(node-v12.10.0-linux-x64.tar.xz) Git(git-2.23.0.tar.xz) Maven(apache-maven-3.6.2-bin.tar.gz) Nexus(nexus-3.18.1-01-unix.tar.gz,端口8081,用户名:admin,密码:root@123) Jenkins(2.176.3,yum方式安装,端口8080,用户名:root,密码:root@123) |
192.168.1.145 |
CentOS 7.6 x86_64 |
node2 |
GitLab(12.2.5,yum方式安装,端口8000,用户名:root,密码:root@123) |
192.168.1.146 |
CentOS 7.6 x86_64 |
node3 |
JDK(jdk-8u221-linux-x64.tar.gz) Tomcat(apache-tomcat-8.5.45.tar.gz,端口8080,用户名:root,密码:root@123) MySQL(5.7.27,yum方式安装,端口3306,用户名:root,密码:123456) SonarQube(sonarqube-7.7.zip,端口9000,用户名:admin,密码:root@123) |
演示目标:修改本地ZrLog项目的源码,通过Git提交至GitLab,如果推送master分支的代码会触发Jenkins自动使用Maven构建项目,而推送dev分支的代码则不会触发Jenkins使用Maven构建项目,项目构建完成后通过SonarQube对代码进行质量管理和检测,最终发布至远程节点的Tomcat中自动解压执行
2、关闭SELinux和firewalld
3、配置epel源
4、配置节点时间同步
5、配置主机名
6、配置/etc/hosts文件:
# vim /etc/hosts
192.168.1.144 node1
192.168.1.145 node2
192.168.1.146 node3
7、下载所需软件包:
(1)JDK:https://www.oracle.com/technetwork/java/javase/downloads/index.html
(2)Node.js:http://nodejs.cn/download/
(3)Git:https://mirrors.edge.kernel.org/pub/software/scm/git/
(4)Maven:http://maven.apache.org/download.cgi
(5)Nexus:https://www.sonatype.com/download-oss-sonatype
(6)Tomcat:http://tomcat.apache.org/
(7)SonarQube:https://www.sonarqube.org/downloads/
(8)ZrLog:https://github.com/*4fzb/zrlog
备注:由于51CTO违禁词规则,请将上述*换成9,再进行访问
三、3个节点分别部署对应软件包:
1、node1和node3节点分别部署JDK:
(1)解压JDK:
# tar -xf jdk-8u221-linux-x64.tar.gz -C /usr/local
# cd /usr/local
# ln -sv jdk1.8.0_221 jdk
(2)配置JDK环境变量:
# vim /etc/profile.d/jdk.sh
export JAVA_HOME=/usr/local/jdk
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export PATH=$JAVA_HOME/bin:$PATH
# . /etc/profile.d/jdk.sh
# echo $JAVA_HOME
(3)查看JDK版本信息:# java -version
2、node1节点部署Node.js:
(1)解压Node.js:
# tar -xf node-v12.10.0-linux-x64.tar.xz -C /usr/local
# cd /usr/local
# ln -sv node-v12.10.0-linux-x64 node
(2)配置Node.js环境变量:
# vim /etc/profile.d/node.sh
export NODE_HOME=/usr/local/node
export PATH=$NODE_HOME/bin:$PATH
export NODE_PATH=$NODE_HOME/lib/node_modules
# . /etc/profile.d/node.sh
# echo $NODE_HOME
(3)查看Node.js版本信息:# node -v
备注:如果不安装Node.js,之后在构建ZrLog项目,SonarQube Scanner执行扫描时会提示“ERROR: Failed to get Node.js version. No CSS files will be analyzed.”
3、node1节点部署Git:
(1)安装依赖软件包:
# yum -y install gcc perl-ExtUtils-MakeMaker curl-devel expat-devel gettext-devel openssl-devel zlib-devel
(2)编译安装Git:
# tar -xf git-2.23.0.tar.xz -C /usr/src
# cd /usr/src/git-2.23.0
# ./configure --prefix=/usr/local/git-2.23.0
# make && make install
# cd /usr/local
# ln -sv git-2.23.0 git
(3)配置Git环境变量:
# vim /etc/profile.d/git.sh
export PATH=/usr/local/git/bin:$PATH
# . /etc/profile.d/git.sh
(4)查看Git版本信息:# git --version
备注:yum方式安装的Git版本为1.8.3,版本太低
(5)创建本地用于存放ZrLog源码的目录:# mkdir -pv /projects
(6)初始化Git仓库,并克隆ZrLog源码:
# cd /projects
# git init
# git clone https://github.com/*4fzb/zrlog.git
备注:由于51CTO违禁词规则,请将上述*换成9,再进行代码克隆
# ls -a
# ls -a .git
# ls -a zrlog
4、node2节点部署GitLab:
(1)创建清华大学开源软件镜像站的yum仓库,下载速度快:
# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=GitLab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1
# yum clean all
# yum makecache
# yum repolist
(2)安装GitLab:# yum -y install gitlab-ce
(3)修改gitlab.rb配置文件:
# vim /etc/gitlab/gitlab.rb
注释代码:external_url 'http://gitlab.example.com'
新增代码:external_url 'http://192.168.1.145:8000'
新增代码:nginx['listen_port'] = 8000
# gitlab-ctl reconfigure
# gitlab-ctl status
# systemctl status gitlab-runsvdir.service
# ps aux | grep gitlab
# ss -tunlp | grep 8000
备注:可使用# gitlab-ctl help查看gitlab-ctl命令更为详细的用法
(4)配置GitLab开机自启:# systemctl enable gitlab-runsvdir.service
(5)浏览器访问http://192.168.1.145:8000,输入新密码root@123,点击“Change your password”:
登录:用户名root,密码root@123
(6)配置GitLab邮件服务:
# vim /etc/gitlab/gitlab.rb
修改如下代码:
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "834143808@qq.com"
gitlab_rails['smtp_password'] = "QQ邮箱授权码"
gitlab_rails['smtp_domain'] = "qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true
新增代码:user['git_user_email'] = "834143808@qq.com"
新增代码:gitlab_rails['gitlab_email_from'] = '834143808@qq.com'
# gitlab-ctl reconfigure
(7)测试GitLab邮件服务是否正常:
# gitlab-rails console
irb(main):001:0> Notify.test_email('834143808@qq.com','GitLab Test','Hello GitLab').deliver_now
备注:Notify.test_email('接收方邮件地址','邮件标题','邮件内容').deliver_now,回车,测试发送
收取邮件:
(8)开启GitLab注册邮箱验证功能:
Admin Area --> Settings --> General --> Sign-up restrictions --> Expand --> 勾选“Send confirmation email on sign-up”--> Save changes
(9)配置GitLab用户名和邮箱:
右上角图标 --> Settings --> Profile --> Full name(qiuyue)--> Email(834143808@qq.com)--> Update profile settings
收取邮件,点击“Confirm your email address”:
重新登录:
右上角图标 --> Settings --> Profile --> Public email(834143808@qq.com)--> Update profile settings
右上角图标 --> Settings --> Emails --> 删除默认邮箱admin@example.com
(10)启用“允许来自钩子和服务对本地网络的请求”:
Admin Area --> Settings --> Network --> Outbound requests --> Expand --> 勾选“Allow requests to the local network from web hooks and services”--> Save changes
(11)创建GitLab项目:
填写项目名称为zrlog,Visibility Level为“Private”,点击“Create project”:
提示“创建SSH公钥”:
(12)创建SSH公钥:
node1节点生成密钥对:
# yum -y install openssh-clients
# ssh-keygen -t rsa -P ""
# ls -a ~/.ssh
复制id_rsa.pub文件中的内容
右上角图标 --> Settings --> SSH Keys --> 粘贴id_rsa.pub文件中的内容 --> Add key
收取邮件:
之前“创建SSH公钥”的提示已经消失:
(13)node1节点将本地zrlog项目源码推送至node2节点中的GitLab:
# git config --global user.name "qiuyue"
# git config --global user.email "834143808@qq.com"
# git config --global credential.helper store
# git config --global color.ui true
# git config --list
备注:命令# git config --global credential.helper store的作用是避免每次pull/push代码时输入用户名和密码
# cd /projects/zrlog
# git remote rename origin old-origin
# git remote add origin git@192.168.1.145:root/zrlog.git
# git push -u origin --all
# git push -u origin --tags
备注:上述执行的命令可参考如下页面
刷新此页面,zrlog项目的仓库不再为空仓库:
(14)创建dev分支,将本地zrlog项目源码推送至node2节点中的GitLab的dev分支:
# cd /projects/zrlog
# git branch
备注:默认为master分支
# git branch dev
# git checkout dev
备注:创建并切换到dev分支
# git branch
备注:现在默认为dev分支
# git push -u origin dev
刷新页面,已变为2个分支:
(15)创建“Access Tokens”:
右上角图标 --> Settings --> Access Tokens --> Name(zrlog)--> Scopes(api)--> Create personal access token
Access Tokens:nziSYx2sSMHmaDFs5x7Q
5、node1节点部署Maven:
(1)解压Maven:
# tar -xf apache-maven-3.6.2-bin.tar.gz -C /usr/local
# cd /usr/local
# ln -sv apache-maven-3.6.2 maven
(2)配置Maven环境变量:
# vim /etc/profile.d/maven.sh
export MAVEN_HOME=/usr/local/maven
export PATH=$MAVEN_HOME/bin:$PATH
# . /etc/profile.d/maven.sh
# echo $MAVEN_HOME
(3)查看Maven版本信息:# mvn -v
备注:Maven的部署依赖于JDK
6、node1节点部署Nexus:
(1)创建Nexus安装目录:# mkdir -pv /usr/local/nexus
(2)解压Nexus:
# tar -xf nexus-3.18.1-01-unix.tar.gz -C /usr/local/nexus
# cd /usr/local/nexus
备注:解压后会生成两个目录,分别为nexus-3.18.1-01和sonatype-work
# ln -sv nexus-3.18.1-01 nexus
(3)修改nexus-default.properties配置文件:
# vim /usr/local/nexus/nexus/etc/nexus-default.properties,修改如下代码:
application-host=0.0.0.0 --> application-host=192.168.1.144
备注:Nexus默认监听的端口号为8081
(4)创建Nexus启动用户nexus,并赋予对应权限:
# useradd nexus
# chown -R nexus.nexus /usr/local/nexus
(5)修改Nexus的启动用户为nexus:
# vim /usr/local/nexus/nexus/bin/nexus.rc,修改如下代码:
#run_as_user="" --> run_as_user="nexus"
(6)启动Nexus:
# ln -sv /usr/local/nexus/nexus/bin/nexus /usr/local/bin
# nexus start
备注:nexus脚本支持的参数为{ start | stop | run | run-redirect | status | restart | force-reload }
# ps aux | grep nexus
# ss -tunlp | grep 8081
# tail -100 /usr/local/nexus/sonatype-work/nexus3/log/nexus.log
备注:如果没有修改nexus.rc文件,启动Nexus前需要先su - nexus
(7)浏览器访问http://192.168.1.144:8081,点击右上角“Sign in”:
登录:用户名admin,默认密码保存在/usr/local/nexus/sonatype-work/nexus3/admin.password文件中,此处为b6873c5b-d8ee-4454-a17a-d99bc7f19f40
新密码为root@123
(8)修改系统文件描述符大小,并重启生效:
# ulimit -a
# vim /etc/security/limits.conf,末尾新增如下代码:
* soft nofile 65536
* hard nofile 65536
# reboot
# ulimit -a
(9)启动Nexus,并刷新页面:
# nexus start
# ps aux | grep nexus
# ss -tunlp | grep 8081
(10)配置Nexus开机自启:
# vim /etc/rc.d/rc.local
/usr/local/nexus/nexus/bin/nexus start
# chmod +x /etc/rc.d/rc.local
备注:如果没有修改nexus.rc文件,开机自启命令为su - nexus -c '/usr/local/nexus/nexus/bin/nexus start'
(11)修改Nexus中maven-central的仓库地址为阿里云仓库:
点击“maven-central”,将Remote storage中的地址https://repo1.maven.org/maven2/修改为http://maven.aliyun.com/nexus/content/groups/public/,点击“Save”:
备注:仓库类型
a、hosted:宿主仓库,用于发布内部项目的仓库,其中maven-releases用来存放releases版本jar包的仓库,maven-snapshots用来存放snapshots版本jar包的仓库
b、proxy:代理仓库,用于代理远程仓库
c、group:仓库组,通常包含了多个宿主仓库和代理仓库,其中maven-public为maven-central、maven-releases和maven-snapshots三个仓库的合集
(12)修改Nexus中maven-releases的Deployment policy为“Allow redeploy”:
(13)node1节点修改Maven配置文件:
# cd $MAVEN_HOME/conf
# cp settings.xml settings.xml.bak
# vim settings.xml
a、配置私服用户名密码,在<servers></servers>配置段中新增如下代码:
<servers>
<server>
<id>nexus-releases</id>
<username>admin</username>
<password>root@123</password>
</server>
<server>
<id>nexus-snapshots</id>
<username>admin</username>
<password>root@123</password>
</server>
</servers>
b、配置仓库地址,在<profiles></profiles>配置段中新增如下代码:
<profiles>
<profile>
<id>nexus</id>
<!--私服地址-->
<repositories>
<repository>
<id>nexus</id>
<url>http://192.168.1.144:8081/repository/maven-public/</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
</repositories>
<!--插件库地址-->
<pluginRepositories>
<pluginRepository>
<id>nexus</id>
<url>http://192.168.1.144:8081/repository/maven-public/</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</pluginRepository>
</pluginRepositories>
</profile>
</profiles>
<activeProfiles>
<activeProfile>nexus</activeProfile>
</activeProfiles>
备注:http://192.168.1.144:8081/repository/maven-public/的来源如下图所示
(14)node1节点修改ZrLog源码中common/pom.xml配置文件:
# vim /projects/zrlog/common/pom.xml,注释如下代码:
<!--
<repositories>
<repository>
<id>ngnx</id>
<url>https://oss.sonatype.org/content/groups/public</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<repositories>
-->
(15)node1节点修改ZrLog源码中pom.xml配置文件:
# vim /projects/zrlog/pom.xml,在</build></project>配置段中新增如下代码:
<distributionManagement>
<repository>
<id>nexus-releases</id>
<name>Nexus Releases</name>
<url>http://192.168.1.144:8081/repository/maven-releases/</url>
</repository>
<snapshotRepository>
<id>nexus-snapshots</id>
<name>Nexus Snapshots</name>
<url>http://192.168.1.144:8081/repository/maven-snapshots/</url>
</snapshotRepository>
</distributionManagement>
备注:
a、此处的id必须要与$MAVEN_HOME/conf/settings.xml中server下的id内容一致
b、http://192.168.1.144:8081/repository/maven-releases/的来源如下图所示
c、http://192.168.1.144:8081/repository/maven-snapshots/的来源如下图所示
(16)node1节点将修改推送至node2节点中的GitLab:
# cd /projects/zrlog
# git add .
# git status
# git commit -m "modify pom.xml"
# git push -u origin dev
# git status
刷新如下页面,dev分支页面内容均已更新:
http://192.168.1.145:8000/root/zrlog/blob/dev/pom.xml
http://192.168.1.145:8000/root/zrlog/blob/dev/common/pom.xml
master分支同理:
# git checkout master
# git branch
# vim /projects/zrlog/common/pom.xml,如上述注释代码
# vim /projects/zrlog/pom.xml,如上述在</build></project>配置段中新增代码
# git add .
# git status
# git commit -m "modify pom.xml"
# git push -u origin master
# git status
刷新如下页面,master分支页面内容也已更新:
http://192.168.1.145:8000/root/zrlog/blob/master/pom.xml
http://192.168.1.145:8000/root/zrlog/blob/master/common/pom.xml
(16)node1节点上传jar包至私服:
默认仓库为空:
# cd /projects/zrlog
# mvn clean deploy -Dmaven.test.skip=true
刷新页面http://192.168.1.144:8081/#browse/browse:maven-public
刷新页面http://192.168.1.144:8081/#browse/browse:maven-releases
(17)node1节点从私服下载jar包:
从https://mvnrepository.com/上任意找一个依赖,如https://mvnrepository.com/open-source/json-libraries
点击“Jackson Databind”:
选择版本,如2.9.9.3:
将上述红框中的代码复制至/projects/zrlog/pom.xml:
从私服下载之前本地没有此jar包:# find / -name jackson-databind-2.9.9.3.jar
# cd /projects/zrlog
# mvn clean deploy -Dmaven.test.skip=true
7、node3节点部署Tomcat:
(1)解压Tomcat:
# tar -xf apache-tomcat-8.5.45.tar.gz -C /usr/local
# cd /usr/local
# ln -sv apache-tomcat-8.5.45 tomcat
(2)配置Tomcat环境变量:
# vim /etc/profile.d/tomcat.sh
export CATALINA_HOME=/usr/local/tomcat
export PATH=$CATALINA_HOME/bin:$PATH
# . /etc/profile.d/tomcat.sh
# echo $CATALINA_HOME
# catalina.sh version
(3)创建Tomcat启动用户tomcat,并赋予对应权限:
# useradd tomcat
# chown -R tomcat.tomcat /usr/local/apache-tomcat-8.5.45
# chown -R tomcat.tomcat /usr/local/tomcat
(4)调整JVM使用的内存大小:
# vim /usr/local/tomcat/bin/catalina.sh
在首行#!/bin/sh下新增代码JAVA_OPTS='-server -Xms2048m -Xmx2048m'
备注:内存大小按实际情况调整,Server端JVM最好将-Xms和-Xmx设为相同值
(5)配置Tomcat访问权限:
# cd /usr/local/tomcat/conf
# cp tomcat-users.xml tomcat-users.xml.bak
# vim tomcat-users.xml,在<tomcat-users></tomcat-users>配置段中新增如下代码:
<role rolename="admin"/>
<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<role rolename="manager"/>
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="manager-status"/>
<user username="root" password="root@123" roles="admin,admin-gui,admin-script,manager,manager-gui,manager-script,manager-jmx,manager-status"/>
# vim /usr/local/tomcat/webapps/manager/META-INF/context.xml
注释如下代码:
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
(6)启动Tomcat:
# su - tomcat
$ catalina.sh configtest
$ catalina.sh start
$ ps aux | grep java
$ ss -tunlp | grep 8080
$ tail -100 /usr/local/tomcat/logs/catalina.out
(7)浏览器访问http://192.168.1.146:8080
点击右侧“Manager App”,用户名root,密码root@123
(8)配置Tomcat开机自启:
# vim /etc/rc.d/rc.local
export JAVA_HOME=/usr/local/jdk
su - tomcat -c '/usr/local/tomcat/bin/startup.sh'
# chmod +x /etc/rc.d/rc.local
8、node3节点部署MySQL:
(1)删除CentOS 7.6内置的MySQL相关组件:
# rpm -qa | grep -i mariadb --> mariadb-libs-5.5.60-1.el7_5.x86_64
# rpm -e --nodeps mariadb-libs-5.5.60-1.el7_5.x86_64
如果之前安装过MySQL,先卸载:# rpm -qa | grep -i mysql
如果存在/etc/my.cnf配置文件,先删除:# rm -rf /etc/my.cnf
(2)从http://repo.mysql.com/下载mysql57-community-release-el7.rpm
(3)安装mysql57-community-release-el7.rpm:# rpm -ivh mysql57-community-release-el7.rpm
备注:安装后会在/etc/yum.repos.d目录中生成mysql-community-source.repo和mysql-community.repo
(4)安装MySQL:
# yum -y install mysql-community-client mysql-community-libs mysql-community-common mysql-community-libs-compat mysql-community-devel mysql-community-server
(5)初始化MySQL:# mysqld --initialize --user=mysql --datadir=/var/lib/mysql
备注:初始化之前确保/var/lib/mysql目录为空
(6)修改/etc/my.cnf配置文件:
# mv /etc/my.cnf /etc/my.cnf.bak
# vim /etc/my.cnf
[mysqld]
port=3306
socket=/var/lib/mysql/mysql.sock
datadir=/var/lib/mysql
pid-file=/var/run/mysqld/mysqld.pid
log-error=/var/log/mysqld.log
lower_case_table_names=1
character_set_server=utf8mb4
collation_server=utf8mb4_general_ci
innodb_file_per_table=1
skip_name_resolve=1
slow_query_log=1
slow_query_log_file=mysql-slow.log
symbolic-links=0
explicit_defaults_for_timestamp=1
server_id=1
sync_binlog=1
innodb_flush_log_at_trx_commit=1
log_bin=mysql-bin
log_bin_index=mysql-bin.index
binlog_format=mixed
(7)启动MySQL服务:
# systemctl start mysqld.service
# systemctl status mysqld.service
# ps aux | grep mysqld
# ss -tunlp | grep 3306
# tail -100 /var/log/mysqld.log
(8)配置MySQL服务开机自启:# systemctl enable mysqld.service
(9)查看root@localhost用户的初始密码:# grep password /var/log/mysqld.log
(10)配置MySQL安全向导:# mysql_secure_installation
(11)创建ZrLog和SonarQube所需的数据库和用户:
# mysql -uroot -p
mysql> create database zrlog;
mysql> grant all on zrlog.* to 'zrlog'@'192.168.1.%' identified by '123456';
mysql> create database sonar default character set utf8;
mysql> grant all on sonar.* to 'sonar'@'192.168.1.%' identified by '123456';
mysql> flush privileges;
mysql> select user,host from mysql.user;
(17)node1节点配置ZrLog源码中的MySQL数据库连接信息:
# cd /projects/zrlog
# git branch
# rm -rf web/src/main/webapp/WEB-INF/install.lock
# vim web/src/main/webapp/WEB-INF/db.properties
(18)node1节点将修改推送至node2节点中的GitLab:
# cd /projects/zrlog
# git add .
# git status
备注:之前pom.xml中引用jackson-databind-2.9.9.3.jar时没有推送代码至GitLab
# git commit -m "modify db.properties"
# git push -u origin master
刷新master分支页面,内容已更新:
dev分支同理:
# git checkout dev
# git branch
# rm -rf web/src/main/webapp/WEB-INF/install.lock
# vim web/src/main/webapp/WEB-INF/db.properties,如上述修改代码
# git add .
# git status
# git commit -m "modify db.properties"
# git push -u origin dev
刷新dev分支页面,内容也已更新:
9、node3节点部署SonarQube:
(1)查看部署SonarQube的前置条件:
目前最新版本为7.9.1,必须JDK 11+,且不支持MySQL
https://docs.sonarqube.org/7.9/requirements/requirements/
此处使用的版本为7.7,只兼容JDK 8,并支持MySQL 5.6 or 5.7
https://docs.sonarqube.org/7.7/requirements/requirements/
(2)修改系统文件描述符大小,并重启生效:
# ulimit -a
# vim /etc/security/limits.conf,末尾新增如下代码:
* soft nofile 65536
* hard nofile 65536
# reboot
# ulimit -a
(3)修改系统参数值vm.max_map_count:
# vim /etc/sysctl.conf
vm.max_map_count = 262144
# sysctl -p
(4)解压SonarQube:
# yum -y install unzip
# unzip -qd /usr/local/ sonarqube-7.7.zip
# cd /usr/local
# ln -sv sonarqube-7.7 sonar
(5)配置SonarQube访问MySQL及Web相关信息:
# vim /usr/local/sonar/conf/sonar.properties,新增如下代码:
sonar.jdbc.username=sonar
sonar.jdbc.password=123456
sonar.jdbc.url=jdbc:mysql://192.168.1.146:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
sonar.web.host=192.168.1.146
sonar.web.context=/sonar
sonar.web.port=9000
备注:数据库名称为sonar
(6)创建SonarQube启动用户sonar,并赋予对应权限:
# useradd sonar
# chown -R sonar.sonar /usr/local/sonarqube-7.7
# chown -R sonar.sonar /usr/local/sonar
(7)启动SonarQube:
# ln -sv /usr/local/sonar/bin/linux-x86-64/sonar.sh /usr/local/bin
# su - sonar
$ sonar.sh start
$ sonar.sh status
$ ps aux | grep sonar
$ ss -tunlp | grep 9000
$ tail -100 /usr/local/sonar/logs/sonar.log
备注:sonar.sh脚本支持的参数为{ console | start | stop | restart | status | dump }
(8)浏览器访问http://192.168.1.146:9000/sonar,点击右上角“Log in”:
登录:用户名和密码均为admin
(9)修改admin用户的默认密码:
点击右上角“Administrator”--> My Account:
点击“Security”:
填写旧密码为admin,新密码为root@123,点击“Change password”:
(10)开启强制用户身份认证:
点击“Administration”--> Configuration --> Security --> 启用“Force user authentication”--> Save
(11)创建SonarQube项目:
项目名称:zrlog
点击“Generate”生成Token:
Token:a8a629f19768a1cf81c4ed772f294c5a17eec854
项目的主要语言:Java,项目的构建技术:Maven
(12)node1节点在项目根目录(pom.xml所在位置)执行上述红框中的代码进行代码分析:
# cd /projects/zrlog
mvn sonar:sonar \
-Dsonar.projectKey=zrlog \
-Dsonar.host.url=http://192.168.1.146:9000/sonar \
-Dsonar.login=a8a629f19768a1cf81c4ed772f294c5a17eec854
(13)刷新页面,查看代码分析结果:
10、node1节点部署Jenkins:
(1)下载Jenkins仓库:
# yum -y install wget
# wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
# cat /etc/yum.repos.d/jenkins.repo
# rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
(2)下载Jenkins:# yum -y install jenkins
备注:也可以从https://jenkins.io/zh/download/下载jenkins.war,然后将war包部署于Tomcat的webapps目录下启动
(3)修改启动脚本,并使其生效:
# which java
# vim /etc/init.d/jenkins,在/usr/bin/java下新增代码:/usr/local/jdk/bin/java
# systemctl daemon-reload
(4)启动Jenkins:
# systemctl start jenkins.service
# systemctl status jenkins.service
# ps aux | grep jenkins
# ss -tunlp | grep 8080
备注:安装后生成的文件和目录
a、配置文件:/etc/sysconfig/jenkins
b、监听端口:8080
c、war包位置:/usr/lib/jenkins/jenkins.war
d、缓存目录:/var/cache/jenkins
e、安装目录:/var/lib/jenkins
f、日志文件:/var/log/jenkins/jenkins.log
g、启动用户:jenkins
(5)配置Jenkins开机自启:# systemctl enable jenkins.service
(6)浏览器访问http://192.168.1.144:8080
默认密码保存在/var/lib/jenkins/secrets/initialAdminPassword文件中,此处为d81df2baa4e84f08b802a1baf3660232
安装推荐的插件:
登录:用户名root,密码root@123
(7)Jenkins安装指定插件:
Manage Jenkins --> Manage Plugins --> Available --> 安装Deploy to container Plugin、GitLab Plugin、Maven Integration plugin、NodeJS Plugin、Publish Over SSH、SonarQube Scanner for Jenkins插件
备注:下载的插件存放于/var/lib/jenkins/plugins目录下
# systemctl restart jenkins.service
刷新页面:
备注:界面语言自动变为简体中文
(8)系统管理 --> 全局安全配置:
勾选“允许用户注册”和“匿名用户具有可读权限”:
取消勾选“防止跨站点请求伪造”,点击“保存”:
(9)系统管理 --> 全局工具配置:
Maven配置:
JDK:
Git:
SonarQube Scanner:
Maven:
NodeJS:
最后点击“保存”
(10)系统管理 --> 系统设置:
Maven项目配置:
全局属性:
SonarQube servers:
Secret处填写SonarQube的Token:a8a629f19768a1cf81c4ed772f294c5a17eec854
Gitlab:
API token处填写GitLab的Token:nziSYx2sSMHmaDFs5x7Q
Jenkins Location:
Git plugin:
Extended E-mail Notification:
Extended E-mail Notification插件无论项目构建成功与否都会发送邮件,而“邮件通知”插件只有在项目构建不稳定或项目构建失败时发送邮件
Publish over SSH:
node1节点执行如下命令:
# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.1.146
# ssh root@192.168.1.146 'hostname'
Key处填写node1中~/.ssh/id_rsa的私钥内容
最后点击“保存”
四、Jenkins创建新任务:
General:
源码管理:
Username为git,Key处填写node1中~/.ssh/id_rsa的私钥内容
构建触发器:
GitLab webhook URL:http://192.168.1.144:8080/project/zrlog
Secret token:bb9547d853de09897f0d5ae8fff7c4c8
配置GitLab webhook:
构建环境:
Pre Steps保持默认
Build:
Post Steps:
Analysis properties:
sonar.projectKey=zrlog
sonar.projectName=zrlog
sonar.projectVersion=1.0
sonar.sources=./common/src,./data/src,./service/src,./web/src
sonar.java.binaries=./common/target/classes,./data/target/classes,./service/target/classes,./web/target/classes
sonar.language=java
sonar.sourceEncoding=UTF-8
sonar.login=admin
sonar.password=root@123
备注:sonar.sources表示存放.java文件的目录,sonar.java.binaries表示存放.class文件的目录,不同项目文件的存放位置可能不同
构建设置保持默认
构建后操作:
Editable Email Notification:
Deploy war/ear to a container:
conf/tomcat-users.xml文件中配置的用户名和密码
Send build artifacts over SSH:
Exec command:
su - tomcat -c "/usr/local/tomcat/bin/shutdown.sh"
sleep 5
cd /usr/local/tomcat/webapps
mv zrlog /tmp/zrlog_`date +%F_%T` &> /dev/null
mv zrlog-*.war /tmp
mv zrlog-* zrlog
su - tomcat -c "/usr/local/tomcat/bin/startup.sh"
最后点击“保存”
五、Jenkins构建新任务:
手动构建:
点击“立即构建”:
点击“控制台输出”:
将/var/lib/jenkins/workspace/zrlog/target/zrlog-2.1.3.war部署至远程node3节点的Tomcat中自动解压执行
收取邮件:
查看Nexus:
查看SonarQube:
安装ZrLog:
浏览器访问http://192.168.1.146:8080/zrlog
管理员账号:root,管理员密码:root@123
“点击查看”,显示主页:
点击“管理”,登录后显示后台管理:
ZrLog目录结构比较:
Git源码目录:
Jenkins工作目录:
编译打包发布后的目录:
GitLab测试Webhook:
测试成功,返回“HTTP 200”:
已触发自动构建:
收取邮件:
查看SonarQube:
node1节点修改dev分支源码并推送至node2节点中的GitLab不会触发自动构建:
# cd /projects/zrlog
# git checkout dev
# git branch
# echo "dev branch" > README.md
# git add .
# git commit -m "modify README.md"
# git push -u origin dev
node1节点修改master分支源码并推送至node2节点中的GitLab会触发自动构建:
# cd /projects/zrlog
# git checkout master
# git branch
# echo "master branch" > README.md
# git add .
# git commit -m "modify README.md"
# git push -u origin master
收取邮件:
查看SonarQube:
所有页面最终效果如下所示:
GitLab:
Nexus:
SonarQube:
Jenkins: