决战！！（2）--Jenkins+ansible+gitlab

pipeline job实现

nginx+mysql+PHP+wordpress自动化部署交付

三剑客平台初始环境构建编写ansible-playbook脚本实现wordpress远程部署将wordpress源码与playbook部署脚本提交到gitlab仓库本地编写pipeline job脚本实现Jenkins流水线持续交付流程Jenkins集成ansible与gitlab实现wordpress的自动化部署 su - deploy source /home/deploy/.py3-a2.5-env/bin/activate source /home/deploy/.py3-a2.5-env/ansible/hacking/env-setup -q ansible-playbook --version ssh root@test.example.com #远程免秘钥登录目标主机 cp -a nginx_playbook-repo wordpress_playbooks git --global http.sslVerify false cd wordpress_playbooks/ [root@jenkins wordpress_playbooks]# ll 总用量 4 -rw-r--r-- 1 root root 0 11月 3 23:47 deploy.retry -rw-r--r-- 1 root root 76 11月 3 23:47 deploy.yml drwxr-xr-x 2 root root 27 11月 3 23:47 inventory drwxr-xr-x 3 root root 18 11月 3 23:47 roles vim deploy.yml hosts: "wordpress" #获取目标主机相关信息 gather_facts: true remount_user: root roles: #引入playbook的任务列表roles - wordpress #详细任务名称 [root@jenkins wordpress_playbooks]# cd inventory/ [root@jenkins inventory]# ll 总用量 8 -rw-r--r-- 1 root root 136 11月 3 23:47 dev -rw-r--r-- 1 root root 136 11月 3 23:47 prod [root@jenkins inventory]# vim dev [wordpress] test.example.com [wordpress:vars] server_name=test.example.com port=80 user=deploy worker_processes=4 max_open_file=65505 root=/data/www [root@jenkins inventory]# cp -rf dev prod #也可以根据实际环境修改 cp：是否覆盖"prod"？ y [wordpress] test.example.com [wordpress:vars] server_name=test.example.com port=80 user=deploy worker_processes=4 max_open_file=65505 root=/data/www gitlab_user='root' gitlab_pass='12345678' #为了在主任务文件做git clone操作 [root@jenkins inventory]# cp -a prod dev cp：是否覆盖"dev"？ y 区分dev和prod： [root@jenkins inventory]# vim dev [wordpress] test.example.com [wordpress:vars] server_name=test.example.com port=8080 user=deploy worker_processes=2 max_open_file=30000 root=/data/www gitlab_user='root' gitlab_pass='12345678' [root@jenkins wordpress_playbooks]# cd roles/ [root@jenkins roles]# ll 总用量 0 drwxr-xr-x 5 root root 46 11月 3 23:47 nginx [root@jenkins roles]# mv nginx wordpress [root@jenkins roles]# cd wordpress/ [root@jenkins wordpress]# ll 总用量 0 drwxr-xr-x 2 root root 45 11月 3 23:47 files drwxr-xr-x 2 root root 21 11月 3 23:47 tasks drwxr-xr-x 2 root root 26 11月 3 23:47 templates [root@jenkins files]# vim health_check.sh #!/bin/sh URL=$1 PORT=$2 curl -Is http://$URL:$PORT/info.php >/dev/null && echo "The remote side is healthy" || echo "The remote side is failed,please check" [root@jenkins files]# vim index.php <?php phpinfo(); ?> [root@jenkins files]# vim www.conf #php-fpm文件 user= deploy group = deploy ;listen=[::]]:9000 listen= /var/run/php-fpm/php-fpm.sock listen.owner = deploy listen.group = deploy ;listen. allowed clients =127.0.0.1 ;pm.max children =51 [root@jenkins files]# ll 总用量 12 -rw-r--r-- 1 root root 158 11月 4 00:04 health_check.sh -rw-r--r-- 1 root root 20 11月 4 00:05 index.php -rw-r--r-- 1 root root 190 11月 4 00:20 www.conf php-fpm.conf 去掉注释的文件 [root@moban etc]# cat php-fpm.conf.bak | egrep -v ';|^$' [global] [www] user = deploy group = deploy listen= /var/run/php-fpm/php-fpm.sock listen.owner = deploy listen.group = deploy pm = dynamic pm.max_children = 51 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 3 [root@jenkins wordpress]# cd templates/ [root@jenkins templates]# ll 总用量 4 -rw-r--r-- 1 root root 560 11月 3 23:47 nginx.conf.j2 [root@jenkins templates]# >nginx.conf.j2 [root@jenkins templates]# vim nginx.conf.j2 user {{ user }}; worker_processes {{ worker_processes }}; events { worker_connections {{ max_open_file }}; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main 'remote_addr - $remote_user [$time_local] "request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for" '; access_log /var/log/nginx/access.log main; sendfile on; sendfile on; keepalive_timeout 65; server { listen {{ port }} default_server; server_name {{ server_name }}; location / { root {{ root }}; index index.html index.htm index.php; } location ~ \.php${ try_files $uri =404; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; #引入php-fpm.sock文件 fastcgi_index index.php; #指定当前主业文件为index.php fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; #引入相关参数 include fastcgi_params; #引入fastcgi_params所有配置 } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } [root@jenkins wordpress]# cd tasks/ [root@jenkins tasks]# ls main.yml [root@jenkins tasks]# ll 总用量 4 -rw-r--r-- 1 root root 822 11月 3 23:47 main.yml [root@jenkins tasks]# cat main.yml - name: update yum dependency shell: 'yum update -y warn=False' - name: Disable system firewall service: name=firewall state=stopped - name: Disable SELINUX selinux: state=disabled - name: setup nginx yum source yum: pkg=epel-release state=latest - name: setup webtatic yum source for php-fpm yum: name=https://mirror.webtatic.com/yum/e17/webtatic-release.rpm - name: Ensure nginx is at the latest version yum: pkg=nginx state=latest - name: write then nginx config file template: src=roles/wordpress/templates/nginx.conf.j2 dest=/etc/nginx/nginx.conf - name: create nginx root folder file: 'path={{ root }} state=directory owner={{ user }} group={{ user }} mode=0755' - name: copy info.php to remote copy: 'remote_src=no src=roles/wordpress/files/info.php dest=/www/info.php mode=0755' - name: restart nginx service service: name=nginx state=restarted - name: setup php-fpm command: 'yum install -y php70w php70w-fpm php70w-common php70w-mysql php70w-gd php70w-xml php70w-mbstring php70w-mcrypt warn=False' - name: restart php-fpm service service: name=php-fpm state=restarted - name: copy php-fpm config file to remote copy: 'remote_src=no src=roles/wordpress/files/www.conf dest=/etc/php-fpm.d/www.conf mode=0755 owner={{ user }} group={{ user }} force=yes' - name: restart php-fpm service service: name=php-fpm state=restarted - name: run the health check locally shell: "sh roles/wordpress/files/health_check.sh {{ server_name }} {{ port }}" delegate_to: localhost register: health_status - debug: msg="{{ health_status.stdout }}" [root@jenkins ansible-playbook-repo]# git add . [root@jenkins ansible-playbook-repo]# git commit -m"first commit" [root@jenkins ansible-playbook-repo]# git push origin master Username for 'https://gitee.com': yourname Password for 'https://yihutu@gitee.com': yourpassword pipeline语法构建 #!groovy pipeline{ agent {node {label 'master'}} environment { PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin" } parameters { choice( choices: 'dev\nprod', description: 'choose deploy environment', name: 'deploy_env' ) string(name: 'branch',defaultValue: 'master', description: 'Fill in your ansible rebo branch') } stages{ stage("pull deploy code"){ steps{ sh 'git config --global http.sslVerify false' dir ("${env.WORKSPACE}"){ git branch: 'master',credentiasID:"ac34fe61-e627-47b2-a396-32db431e91e7", url:"https://gitee.com/yihutu/ansible-playbook-repo.git" } } } stage("check env"){ steps{ sh """ set +x user=`whoami` if [$user == deploy] then echo "[INFO] current deployment user is $user" source /home/deploy/.py3-a2.5-env/bin/activate source /home/deploy/.py3-a2.5-env/ansible/hacking/env-setup -q echo "[INFO] current python version" python --version echo "[INFO] current ansible version" ansible-playbook --version echo "[INFO] Remote system disk space" ssh root@test.example.com df -h echo "[INFO] Remote system RAM" ssh root@test.example.com free -m else echo "Deployment user is incorrect,please check" fi set -x """ } } stage("Ansible deployment"){ steps{ input "Do you approve the deployment?" dir("${env.WORKSPACE}/wordpress_playbooks"){ echo "[INFO] start deployment" sh """ set +x source /home/deploy/.py3-a2.5-env/bin/activate source /home/deploy/.py3-a2.5-env/ansible/hacking/env-setup -q ansible-playbook -i inventory/$deploy_env ./deploy.yml -e project=wordpress -e branch=$branch -e env=$deploy_env set -x """ echo "[INFO] Deployment finished..." } } } } } 第一次构建找不到deploy_env,因为第一次构建没有识别参数配置参数选择dev master选择procced ssh root@test.example.com #一路y mysql -uroot -p123456 #登录已创建好的mysql数据库 create databases wordpress character set utf8; 浏览数输入：test.example.com:8080 #wordpress初始化配置