4.Jenkins&Docker联合使用
目的
通过Jenkins服务器拉取git仓库代码,进行编译打包后,生成Docker镜像,然后上传至Docker镜像仓库,最后发布到指定的服务器中
修改项目POM
添加maven插件
<plugin>
<groupId>com.spotify</groupId>
<artifactId>dockerfile-maven-plugin</artifactId>
<version>1.3.6</version>
<configuration>
<!--repository为生成的镜像名字-->
<repository>${project.artifactId}</repository>
<buildArgs>
<!--生成的jar路径,用于后面Docker生成镜像拷贝jar到容器-->
<JAR_FILE>target/${project.build.finalName}.jar</JAR_FILE>
</buildArgs>
</configuration>
</plugin>
pom.xml同级目录
新增Dockerfile
# 使用 java8的环境,这里镜像已经配置好了jdk等环境
FROM java:8
#定义变量,就是上面pom中的<JAR_FILE>
ARG JAR_FILE
#将生成好的jar包复制到镜像根目录
#将dockerfile(就是这个文件)同级目录的所有jar包复制到容器根目录一份,*可以换成具体的jar包名,我这就一个jar包
COPY ${JAR_FILE} /demo.jar
# 指定容器内要暴露的端口
EXPOSE 8080
ENTRYPOINT ["java","-jar","/demo.jar"]
pipeline脚本
pipeline {
agent any
stages {
stage('拉取代码' ) {
steps {
checkout([$class: 'GitSCM', branches: [[name: '*/master1']], extensions: [], userRemoteConfigs: [[credentialsId: '538da12e-f04b-41f2-adc3-7e1728a5bd1e', url: 'https://gitee.com/RollBack2010/jekins-study.git']]])
}
}
stage('编译代码,创建镜像 ') {
steps {
sh 'mvn clean install dockerfile:build'
sh "docker tag project_demo registry.cn-beijing.aliyuncs.com/rb2010/my_storage"
withCredentials([usernamePassword(credentialsId: 'd2b9c415-996e-4cf7-ba27-5a79b2675816', passwordVariable: 'password', usernameVariable: 'username')]) {
// some block
sh "docker login -u ${username} -p ${password} registry.cn-beijing.aliyuncs.com"
sh "docker push registry.cn-beijing.aliyuncs.com/rb2010/my_storage"
}
}
}
stage('给指定服务器发送命令,拉取&启动镜像') {
steps {
withCredentials([usernamePassword(credentialsId: 'd2b9c415-996e-4cf7-ba27-5a79b2675816', passwordVariable: 'password', usernameVariable: 'username')]) {
sshPublisher(publishers: [sshPublisherDesc(configName: 'DockerService', transfers: [sshTransfer(cleanRemote: false, excludes: '', execCommand: '/usr/local/config/deploy.sh $docker_storage_url $docker_storage_project_name $project_name $tag $port ${password} ${username}', execTimeout: 120000, flatten: false, makeEmptyDirs: false, noDefaultExcludes: false, patternSeparator: '[, ]+', remoteDirectory: '', remoteDirectorySDF: false, removePrefix: '', sourceFiles: '')], usePromotionTimestamp: false, useWorkspaceInPromotion: false, verbose: false)])
}
}
}
}
}
- Docker命令详见此处
- /usr/local/config/deploy.sh 内容本页搜索‘创建部署脚本’
- withCredentials是在“流水线语法”中生成的
- 脚本中sshPublisher本页搜索‘配置Publish over SSH’
- 脚本中withCredentials用于登录Docker镜像仓库,是在“流水线语法”中生成的
配置Publish over SSH
目的是可以让jenkins服务器向指定服务器发送命令
密码授权模式就是配置下图中的“Passphrase”
-
在Jenkins服务器上上传密钥
ssh-keygen -t rsa -b 4096 -C "***@**.com" -
将密钥上传到指定要连接的服务器
假设jenkins服务器要向192.168.0.103发送命令,就要将jenkins服务器的密钥传给103
#在jenkins服务器上执行 ssh-copy-id 192.168.0.103 -
Jenkins控制台->Manages Jenkins->Publish over SSH配置如下
没有这个需要安装插件“Publish Over SSH”
创建部署脚本
放到要发布的服务器上,并且给执行权限
#! /bin/sh
#接收外部参数
docker_storage_url=$1
docker_storage_project_name=$2
project_name=$3
tag=$4
port=$5
docker_storage_user_name=$6
docker_storage_pass_word=$7
imageName=$docker_storage_url/$docker_storage_project_name/$project_name:$tag
echo "$imageName"
#查询容器是否存在,存在则删除
containerId=`docker ps -a | grep -w ${project_name}:${tag} | awk '{print $1}'`
if [ "$containerId" != "" ] ; then
#停掉容器
docker stop $containerId
#删除容器
docker rm $containerId
echo "成功删除容器"
fi
#查询镜像是否存在,存在则删除
imageId=`docker images | grep -w $project_name | awk '{print $3}'`
if [ "$imageId" != "" ] ; then
#删除镜像
docker rmi -f $imageId
echo "成功删除镜像"
fi
# 登录Docker仓库
docker login -u $docker_storage_user_name -p $docker_storage_pass_word $docker_storage_url
# 下载镜像
docker pull $imageName
# 启动容器
docker run -di -p $port:$port $imageName
echo "容器启动成功"
此Jenkins项目全部配置如下
