Gitlab+Jenkins学习之路(十四)之自动化脚本部署实践

一、环境说明和准备

1、环境说明

主机名 IP地址 角色 系统
deploy-server 192.168.56.12 发布 Centos 7.4
web 192.168.56.13 web服务器,nfs服务器 Centos 7.4

2、服务器准备工作

(1)发布机前期准备

a.增加普通用户并配置密码
[root@deploy-server ~]# useradd www
[root@deploy-server ~]# id www
uid=1000(www) gid=1000(www) groups=1000(www)
[root@deploy-server ~]# passwd www
[root@deploy-server ~]# yum install -y git tree
b.创建部署需要的目录并初始化git目录
[root@deploy-server ~]# mkdir -pv /deploy/{code/{www,jxs,wap,gys,glzx,yyzx},config,tar,tmp}
[root@deploy-server ~]# chown -R www.www /deploy
[www@deploy-server ~]$ tree /deploy
/deploy
├── code
│   ├── glzx
│   ├── gys
│   ├── jxs
│   ├── wap
│   ├── www
│   └── yyzx
├── config
├── tar
└── tmp
[www@deploy-server ~]$ cd /deploy/code/www && git init
c.创建配置文件config.php
[www@deploy-server ~]$ vim /deploy/config/config.php 
this is config.php
[www@deploy-server ~]$ tree /deploy
/deploy
├── code
│   ├── glzx
│   ├── gys
│   ├── jxs
│   ├── wap
│   ├── www
│   └── yyzx
├── config
│   └── config.php
├── tar
└── tmp
d.配置发布机和目标机的ssh通信
[www@deploy-server deploy]$ cat /home/www/.ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDzM3AW6/X+djvKJTsdFbY3ik+mlradxpD3COoTP5h6x509unksuCdduV7awPjEGHvK2GVjJmvckxdvLkMc23p7bsctHlturPN2VozJTrYwXMAbmxf97cKE/fpKhjPXG8HlWBLpEaTM8PITgvdcyaeAUaIN+/h5VrA8TZKFAgbxDLxtgwqPzYIG9nqCO7MMCgzhJxI6PDQ6KVU9rHal/p4XKTIy4Rq4FzZTav2tS4zNJ7kX9+e6EO0JTooPanJXBTltLOJJsKxnlA7tc20rq6+0XVqbUBKYahL/8ZzkxZozNrNq7wtIuuJo0WTDFzDdPcJyAGlRWLuwct7y4p4UApVz www@deploy-server

[www@deploy-server ~]$ ssh-copy-id www@192.168.56.13
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/www/.ssh/id_rsa.pub"
The authenticity of host '192.168.56.13 (192.168.56.13)' can't be established.
ECDSA key fingerprint is SHA256:ahG6dBy/Z1nUIUWhQQrylsiwBlnDKC/jz8rnaPU2eF0.
ECDSA key fingerprint is MD5:6e:58:0b:02:1c:a4:41:51:e8:7d:33:4d:46:bb:a0:68.
Are you sure you want to continue connecting (yes/no)? yes
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
www@192.168.56.13's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'www@192.168.56.13'"
and check to make sure that only the key(s) you wanted were added.

[www@deploy-server ~]$ ssh 192.168.56.13
Last login: Fri Nov  2 18:01:02 2018
[www@web ~]$ 
e.将ssh公钥复制到github或gitlab

(2)web服务器准备

a.部署NFS服务器
[root@web ~]# yum install -y nfs-utils rpcbind
[root@web ~]# vim /etc/exports
/nas/www 192.168.56.0/24(rw,sync,no_root_squash)
/nas/jxs 192.168.56.0/24(rw,sync,no_root_squash)
/nas/wap 192.168.56.0/24(rw,sync,no_root_squash)
/nas/glzx 192.168.56.0/24(rw,sync,no_root_squash)
/nas/yyzx 192.168.56.0/24(rw,sync,no_root_squash)
/nas/gys 192.168.56.0/24(rw,sync,no_root_squash)
[root@web ~]# systemctl start rpcbind
[root@web ~]# systemctl start nfs
[root@web ~]# showmount -e
Export list for web:
/nas/gys  192.168.56.0/24
/nas/yyzx 192.168.56.0/24
/nas/glzx 192.168.56.0/24
/nas/wap  192.168.56.0/24
/nas/jxs  192.168.56.0/24
/nas/www  192.168.56.0/24
b.挂载共享目录
[root@web ~]# mkdir /webroot/{www,jxs,wap,gys,glzx,yyzx}
[root@web ~]# chown -R www.www /webroot
[root@web ~]# mount -f nfs 192.168.56.13:/nas/www /webroot/www
[root@web ~]# df -h
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/centos-root   18G  1.7G   16G  10% /
devtmpfs                 482M     0  482M   0% /dev
tmpfs                    493M     0  493M   0% /dev/shm
tmpfs                    493M  6.8M  486M   2% /run
tmpfs                    493M     0  493M   0% /sys/fs/cgroup
/dev/sda1                497M  171M  326M  35% /boot
tmpfs                     99M     0   99M   0% /run/user/0
192.168.56.13:/nas/www    18G  1.7G   16G  10% /webroot/www
c.部署nginx+php
[root@web ~]# useradd www
[root@web ~]# passwd www
[root@web ~]# yum install -y nginx php php-fpm
[root@web ~]# vim /etc/nginx/nginx.conf
user www;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;


}
[root@web ~]# mkdir /data/web -pv && chown -R www.www /data
[root@web ~]# vim /etc/nginx/nginx.conf
server {
        listen 80;
        server_name  localhost;

        root /data/web/www;
        index index.php index.htm index.html;
        client_max_body_size 20m;
        location / {
                proxy_read_timeout 150;
                try_files $uri $uri/ /index.php;
        }

        location ~* .*\.php$ {
                #try_files     $uri =404;
                include fastcgi_params;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_split_path_info       ^(.+\.php)(/.+)$;
                fastcgi_param PATH_INFO       $fastcgi_path_info;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }
}
[root@web ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web ~]# systemctl start nginx
[root@web ~]# vim /etc/php-fpm.d/www.conf 
user www
group www
....
[root@web ~]# php-fpm -t
[03-Nov-2018 10:16:18] NOTICE: configuration file /etc/php-fpm.conf test is successful
[root@web ~]# systemctl start php-fpm
[root@web ~]# curl localhost -I
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sat, 03 Nov 2018 02:16:36 GMT
Content-Type: text/html
Content-Length: 35
Last-Modified: Sat, 03 Nov 2018 02:07:00 GMT
Connection: keep-alive
ETag: "5bdd02c4-23"
Accept-Ranges: bytes

二、发布脚本编写

1、自动化部署流程设计

  1. 发布机获取代码(直接拉取),从svn或git仓库进行拉取
  2. 发布机编译代码(可选,java语言需要编译,PHP无需编译)
  3. 将配置文件拷贝到代码文件(由于配置文件有数据库等机密信息,需要独立处理)
  4. 代码打包(将代码进行压缩打包)
  5. SCP到目标服务器目录
  6. 将目标服务器移除集群
  7. 在目标服务器上进行解压传过来的代码
  8. 解压后,对代码根目录进行软链接到刚才的目录文件,实现版本链接
  9. 重启(可选,tomcat需要重启)
  10. 测试
  11. 加入集群

2、自动化部署脚本编写

#!/bin/bash

#deploy-server create dir as root
#[ -d /deploy ] && mkdir -pv /deploy/{code/web-demo,config,tar,tmp} && chown -R www.www /deploy

#node-server create dir as root
#[ -d /data ] && mkdir -pv /data/web && chown -R www.www /data
#nfs dir /nas/www mount to /webroot

#Node List
NODE="192.168.56.13"

#Shell ENV
SHELL_NAME="deploy.sh"
SHELL_DIR="/home/www"
SHELL_LOG="${SHELL_DIR}/${SHELL_NAME}.log"

#Code ENV
PRO_NAME="www"
CODE_DIR="/deploy/code/www"
CONFIG_DIR="/deploy/config"
TMP_DIR="/deploy/tmp"
TAR_DIR="deploy/tar"
LOCK_FILE="/tmp/deploy.lock"

#Date/Time ENV
LOG_DATE='date "+%Y-%m-%d"'
LOG_TIME='date "+%H-%M-%S"'

CDATE=$(date "+%Y-%m-%d")
CTIME=$(date "+%H-%M-%S")

useage(){
    echo $"Useage: $0 { deploy |rollback [ list | version ] }"
}

url_test(){
    URL=$1
    curl -s --head $URL |grep '200 OK'
    if [ $? -ne 0 ];then
    	shell_unlock;
    	writelog "test error" && exit;
    fi
}

writelog(){
    LOGINFO=$1
    echo "${CDATE} ${CTIME}: ${SHELL_NAME} : ${LOGINFO} " >> ${SHELL_LOG}
}

code_get(){
	writelog "code_get";
	cd ${CODE_DIR} && git pull git@github.com:kin08200/learngit.git
	cp -r ${CODE_DIR} ${TMP_DIR}
	API_VERL=$(git show |grep commit |cut -d ' ' -f2 )
    	API_VER=$(echo ${API_VERL:0:6})
	echo $API_VER
}

code_config(){
	writelog "code_config"
	/bin/cp -r ${CONFIG_DIR}/* ${TMP_DIR}/${PRO_NAME}
    	PKG_NAME=${PRO_NAME}_"${API_VER}"_"${CDATE}-${CTIME}"
    	cd ${TMP_DIR} && mv ${PRO_NAME} ${PKG_NAME}
}

code_tar(){
	writelog "code_tar"
	cd ${TMP_DIR} && tar -czf ${PKG_NAME}.tar.gz ${PKG_NAME}
    	writelog "${PKG_NAME}.tar.gz"
}

code_scp(){
	writelog "code_scp"
	scp ${TMP_DIR}/${PKG_NAME}.tar.gz $NODE:/webroot/www
}

code_deploy(){
	writelog "code_deploy"
	ssh $NODE "cd /webroot/www && tar -zxf ${PKG_NAME}.tar.gz"
	ssh $NODE "rm -rf /data/web/www && ln -s /webroot/www/${PKG_NAME} /data/web/www"
}

code_test(){
	url_test "http://192.168.56.13"
}

rollback_fun(){
	ssh $NODE "rm -rf /data/web/www && ln -s /webroot/www/$1 /data/web/www"   
}

rollback(){
	if [ -z $1 ];then
    	shell_unlock;
        echo "Please input rollback version." && exit;
    	fi
    	case $1 in 
    	    list)
    		ls -l /deploy/tmp/*.tar.gz
    		;;
    	    *)
    		rollback_fun $1
         	;;
        esac
}


shell_lock(){
	touch ${LOCK_FILE}
}

shell_unlock(){
	rm -f ${LOCK_FILE}
}

main(){
    if [ -f ${LOCK_FILE} ];then
        echo "Deploy is running" && exit
    fi
    DEPLOY_METHOD=$1
    ROLLBACK_VER=$2
    case $DEPLOY_METHOD in
        deploy)
            shell_lock;
	    code_get;
  	    code_config;
	    code_tar;
    	    code_scp;
	    code_deploy;
	    code_test;
	    shell_unlock;
	    ;;
	rollback)
	    shell_lock;
	    rollback $ROLLBACK_VER;
	    shell_unlock;
	    ;;
   	*)
	    useage;
	    ;;
    esac
}

main $1 $2

三、发布测试

1、开发机和github添加ssh信任

[www@localhost ~]$ cat .ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+ta7tkljnIgqvgEugQvIfVxH/a+geX250ZhOpe+14Q8EBQSI+qGyXCeihln+0aQpzIERvNBZ7JjWCg5XeQlgPBgCmqoQKNTWl/NUBT+uY/NY9fIGdRCVBvVcDC554Be48zB57mtapKQEkqm/8kmq7sPRQDv98l5wvFvYOPxocmjnioDZr3GeYmgdFPNJ5WGg6yY29IHXgh2v3eCXLwX2Z2eUdKCpV1LS42wdAN8TqHFCEmthREIq2r86ZKPOovD6Micq7wa2yJqtA/hkv+DvEhRzOIVznfW5EptOyKYcittGu63JGMSbCr1uCdW7PLUQ8aIWDDlip+/EcIt0KkuJJ www@localhost.localdomain

2、克隆项目到开发机进行开发测试

[www@localhost ~]$ mkdir dev && cd dev
[www@localhost dev]$ git clone git@github.com:kin08200/learngit.git
[www@localhost dev]$ ll
total 4
drwxrwxr-x 3 www www 4096 Nov  2 22:02 learngit
[www@localhost dev]$ cd learngit

3、修改index.html文件

[www@localhost learngit]$ ll
total 8
-rw-rw-r-- 1 www www  0 Nov  2 04:31 123
-rw-rw-r-- 1 www www 35 Nov  2 22:02 index.html
-rw-rw-r-- 1 www www 80 Nov  2 04:31 readme.txt
[www@localhost learngit]$ echo "<h1> welcome to Beijing </h1>" > index.html

4、提交代码

[www@localhost learngit]$ git add .
[www@localhost learngit]$ git commit -m "modify index.html"
[www@localhost learngit]$ git push origin master

5、发布代码

[www@deploy-server ~]$ ./deploy.sh deploy
remote: Enumerating objects: 5, done.
remote: Counting objects: 100% (5/5), done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 3 (delta 0), reused 3 (delta 0), pack-reused 0
Unpacking objects: 100% (3/3), done.
From github.com:kin08200/learngit
 * branch            HEAD       -> FETCH_HEAD
Updating 9a781b2..683a440
Fast-forward
 index.html | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
683a44
www_683a44_2018-11-03-10-06-56.tar.gz                                                                                                                      100%   22KB   9.3MB/s   00:00    
HTTP/1.1 200 OK

6、测试访问

[www@deploy-server ~]$ curl 192.168.56.13
<h1>
	welcome to Beijing!!!!
</h1>

7、回滚测试

[root@web ~]# ll /data/web/
total 0
lrwxrwxrwx 1 www www 43 Nov  3 10:46 www -> /webroot/www/www_683a44_2018-11-03-10-06-56

测试访问如下,下面进行查看版本列表,并选择回滚到www_9a781b_2018-11-03-09-59-44版本

[www@deploy-server ~]$ ./deploy.sh rollback list
-rw-rw-r-- 1 www www 22686 Nov  3 10:07 /deploy/tmp/www_683a44_2018-11-03-10-06-56.tar.gz
-rw-rw-r-- 1 www www 22685 Nov  3 10:44 /deploy/tmp/www_683a44_2018-11-03-10-43-55.tar.gz
-rw-rw-r-- 1 www www 22222 Nov  3 09:48 /deploy/tmp/www_9a781b_2018-11-03-09-48-36.tar.gz
-rw-rw-r-- 1 www www 22231 Nov  3 09:52 /deploy/tmp/www_9a781b_2018-11-03-09-52-32.tar.gz
-rw-rw-r-- 1 www www 22228 Nov  3 09:58 /deploy/tmp/www_9a781b_2018-11-03-09-58-15.tar.gz
-rw-rw-r-- 1 www www 22234 Nov  3 09:59 /deploy/tmp/www_9a781b_2018-11-03-09-59-44.tar.gz

[www@deploy-server ~]$ ./deploy.sh rollback www_9a781b_2018-11-03-09-59-44
[root@web ~]# ll /data/web/
total 0
lrwxrwxrwx 1 www www 43 Nov  3 10:48 www -> /webroot/www/www_9a781b_2018-11-03-09-59-44

再进行访问测试:

posted @ 2018-11-03 11:41  烟雨浮华  阅读(3182)  评论(8编辑  收藏  举报