CI/CD introduction
The development and release of Internet software has formed a set of standard procedures. If the development workflow is divided into the following stages:
Coding → Build → Integration → Test → Delivery → Deploy
As you can see in the figure above, continuous integration (Continuous Integration), continuous delivery (Continuous Delivery) and continuous deployment (Continuous Deployment) have different software automation delivery cycles.
Continuous Integration (CI)
The most important part of the entire process above is Continuous Integration (CI).
Continuous integration refers to the frequent (multiple times a day) integration of code into the backbone. Deliver the part of individual software development to the overall part of the software, and integrate frequently to find errors in it more quickly.
It has two main benefits:
\1. Find errors quickly. Every time a little update is completed, it is integrated into the backbone, and errors can be found quickly and it is easier to locate errors;
\2. Prevent the branch from greatly deviating from the main trunk. If it is not integrated frequently, and the backbone is constantly updated, it will become more difficult to integrate in the future, or even difficult to integrate.
Continuous integration does not eliminate bugs, but makes them very easy to find and correct. The purpose of continuous integration is to allow products to iterate quickly while maintaining high quality. Its core measure is that the code must pass automated testing before it is integrated into the backbone. As long as one test case fails, it cannot be integrated.
Continuous delivery
Continuous delivery refers to frequently delivering new versions of software to the quality team or users for review. If the review passes, the code enters the production stage.
On the basis of continuous integration, continuous delivery deploys the integrated code to "production-like environments" that are closer to the real operating environment. Continuous delivery takes precedence over software deployment throughout the product life cycle and is built on high-level automated continuous integration.
Continuous delivery can be seen as the next step in continuous integration. It emphasizes that no matter how it is updated, the software can be delivered anytime, anywhere.
Continuous deployment (CD)
Continuous deployment is the next step of continuous delivery, which refers to the automatic deployment of the code to the production environment after the code passes the review.
The goal of continuous deployment is that the code is deployable at any time and can enter the production phase.
The premise of continuous deployment is to automate the steps of testing, building, and deployment.
In general, continuous integration, continuous delivery, and continuous deployment provide an excellent DevOps environment. For the entire development team, it can greatly improve development efficiency, and benefits and challenges go hand in hand. In any case, frequent deployment, rapid delivery, and automation of development and testing processes will become an important part of future software engineering.
Introduction to Jenkins
Jenkins concepts
Jenkins is an open source and extensible continuous integration, delivery, and deployment (software/code compilation, packaging, and deployment) platform based on a web interface. Allow continuous integration and continuous delivery projects, no matter what platform is used, can handle any type of build or continuous integration.
Official website: https://jenkins.io/
Official document: https://jenkins.io/doc/
Download of Tsinghua source (recommended): https://mirrors.tuna.tsinghua.edu.cn/jenkins/redhat/
Jenkins features:
Open source java language development continuous integration tool, support CI, CD;
Easy to install, deploy and configure: install through yum, or download war package, and quickly install and deploy through docker container, which is convenient for web interface configuration management;
Message notification and test report: integrate RSS/E-mail to publish the build result through RSS or notify by e-mail when the build is completed, to generate JUnit/TestNG test report;
Distributed build: support Jenkins to allow multiple computers to build/test together;
File identification: Jenkins can track which build generates which jar, which build uses which version of jar, etc.;
Rich plug-in support: Support extension plug-ins, you can develop tools suitable for your team, such as git, svn, maven, docker, etc.
Jenkins installation
Installation minimum configuration: no less than 256M memory, no less than 1G disk, JDK version >=8 (openjdk is also possible).
According to the company's needs, install a suitable stable version of jenkins. There are many ways to install, yum, rpm, war, etc.
surroundings:
role: jenkins server
hostname:jinkai01 ip:192.168.186.140
role: deployment machine
hostname:jinkai02 ip:192.168.186.141
Install jenkins:
The jenkins home directory, stores all the data,
/var/lib/jenkins
The installation directory of jenkins, the war package is stored here,
/usr/lib/jenkins
Main configuration file,
/etc/sysconfig/jenkins
Log file,
/var/`log`/jenkins/jenkins.log
Install openjdk, jenkins is based on java development
[root@jinkai01 ~]# yum install -y java-1.8.0-openjdk
wget -O downloads the file and saves it with the specified file name
[root@jinkai01 ~]# wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat/jenkins.repo
[root@jinkai01 ~]# cat /etc/yum.repos.d/jenkins.repo
[jenkins]
name=Jenkins
baseurl=http://pkg.jenkins.io/redhat
gpgcheck=1 //1 will check, so the key is installed below
Install jenkins key
rpm --import https://pkg.jenkins.io/redhat/jenkins.io.key
[root@jinkai01 ~]# yum install -y jenkins
Start jenkins:
[root@jinkai01 ~]#systemctl start jenkins
Check whether the jenkins process exists after startup
[root @ jinkai01 ~] #ps aux | grep jenkins
View the jenkins log, intercept part
[root@jinkai01 ~]#less /var/log/jenkins/jenkins.log
Jenkins initial setup is required. An admin user has been created and a password generated.
Please use the following password to proceed to installation:
5efd1d813a5a44de96d4abb8b062e0b6 // admin password, which will be used during initial installation
This may also be found at:
/var/lib/jenkins/secrets/initialAdminPassword #admin password can also be found here
[root@jinkai01 ~]# cat /var/lib/jenkins/secrets/initialAdminPassword
5efd1d813a5a44de96d4abb8b062e0b6
Access installation :
Open the browser, visit ip:8080 to install, ip is the server ip
You are prompted to enter the administrator password, enter 5efd1d813a5a44de96d4abb8b062e0b6 (the admin password found above), click continue, and it will initialize for a short period of time
Here I choose to install the recommended plugin
The plug-in has already been installed here, and we will just wait for it to be installed.
After the above plug-in is installed, enter the following interface, prompting to create the first albert user, and set the user name and password
Click save and finish
Prompt to configure the jenkins URL, keep the default here, continue to click save and finish
Prompt that jenkins is ready, start using jenkins
View the configuration file of jenkins:
[root@jinkai01 ~]# cat /etc/sysconfig/jenkins
Check the configuration file of jenkins, define basic configuration such as home, JAVA_CMD, user, port, etc., just keep the default
## Path: Development/Jenkins
## Description: Jenkins Automation Server
## Type: string
## Default: "/var/lib/jenkins"
## ServiceRestart: jenkins
#
# Directory where Jenkins store its configuration and working
# files (checkouts, build reports, artifacts, ...).
#
JENKINS_HOME="/var/lib/jenkins"
## Type: string
## Default: ""
## ServiceRestart: jenkins
#
# Java executable to run Jenkins
# When left empty, we'll try to find the suitable Java.
#
JENKINS_JAVA_CMD=""
## Type: string
## Default: "jenkins"
## ServiceRestart: jenkins
#
# Unix user account that runs the Jenkins daemon
# Be careful when you change this, as you need to update
# permissions of $JENKINS_HOME and /var/log/jenkins.
#
JENKINS_USER="jenkins"
## Type: string
## Default: "false"
## ServiceRestart: jenkins
#
# Whether to skip potentially long-running chown at the
# $JENKINS_HOME location. Do not enable this, "true", unless
# you know what you're doing. See JENKINS-23273.
#
#JENKINS_INSTALL_SKIP_CHOWN="false"
## Type: string
## Default: "-Djava.awt.headless=true"
## ServiceRestart: jenkins
#
# Options to pass to java when running Jenkins.
#
JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true"
## Type: integer(0:65535)
## Default: 8080
## ServiceRestart: jenkins
#
# Port Jenkins is listening on.
# Set to -1 to disable
#
JENKINS_PORT="8080"
## Type: string
## Default: ""
## ServiceRestart: jenkins
#
# IP address Jenkins listens on for HTTP requests.
# Default is all interfaces (0.0.0.0).
#
JENKINS_LISTEN_ADDRESS=""
## Type: integer(0:65535)
## Default: ""
## ServiceRestart: jenkins
#
# HTTPS port Jenkins is listening on.
# Default is disabled.
#
JENKINS_HTTPS_PORT=""
## Type: string
## Default: ""
## ServiceRestart: jenkins
#
# Path to the keystore in JKS format (as created by the JDK 'keytool').
# Default is disabled.
#
JENKINS_HTTPS_KEYSTORE=""
## Type: string
## Default: ""
## ServiceRestart: jenkins
#
# Password to access the keystore defined in JENKINS_HTTPS_KEYSTORE.
# Default is disabled.
#
JENKINS_HTTPS_KEYSTORE_PASSWORD=""
## Type: string
## Default: ""
## ServiceRestart: jenkins
#
# IP address Jenkins listens on for HTTPS requests.
# Default is disabled.
#
JENKINS_HTTPS_LISTEN_ADDRESS=""
## Type: integer(0:65535)
## Default: ""
## ServiceRestart: jenkins
#
# HTTP2 port Jenkins is listening on.
# Default is disabled.
#
# Notice: HTTP2 support may require additional configuration, see Winstone
# documentation for more information.
#
JENKINS_HTTP2_PORT=""
## Type: string
## Default: ""
## ServiceRestart: jenkins
#
# IP address Jenkins listens on for HTTP2 requests.
# Default is disabled.
#
# Notice: HTTP2 support may require additional configuration, see Winstone
# documentation for more information.
#
JENKINS_HTTP2_LISTEN_ADDRESS=""
## Type: integer(1:9)
## Default: 5
## ServiceRestart: jenkins
#
# Debug level for logs -- the higher the value, the more verbose.
# 5 is INFO.
#
JENKINS_DEBUG_LEVEL="5"
## Type: yesno
## Default: no
## ServiceRestart: jenkins
#
# Whether to enable access logging or not.
#
JENKINS_ENABLE_ACCESS_LOG="no"
## Type: integer
## Default: 100
## ServiceRestart: jenkins
#
# Maximum number of HTTP worker threads.
#
JENKINS_HANDLER_MAX="100"
## Type: integer
## Default: 20
## ServiceRestart: jenkins
#
# Maximum number of idle HTTP worker threads.
#
JENKINS_HANDLER_IDLE="20"
## Type: string
## Default: ""
## ServiceRestart: jenkins
#
# Folder for additional jar files to add to the Jetty class loader.
# See Winstone documentation for more information.
# Default is disabled.
#
JENKINS_EXTRA_LIB_FOLDER=""
## Type: string
## Default: ""
## ServiceRestart: jenkins
#
# Pass arbitrary arguments to Jenkins.
# Full option list: java -jar jenkins.war --help
#
JENKINS_ARGS=""
View the main directory of the program:
[root @ jinkai01 ~] # ls / var / lib / jenkins /
config.xml nodeMonitors.xml
hudson.model.UpdateCenter.xml nodes
hudson.plugins.git.GitTool.xml plugins
identity.key.enc secret.key
jenkins.install.InstallUtil.installingPlugins secret.key.not-so-secret
jenkins.install.InstallUtil.lastExecVersion secrets
jenkins.install.UpgradeWizard.state updates
jenkins.model.JenkinsLocationConfiguration.xml userContent
jenkins.telemetry.Correlator.xml users
jobs workflow-libs
Logs
Above,
Jobs created on the browser will be stored here
logs store logs related to jenkins
Nodes are used when multiple nodes
plugins Directory where plugins are located
secrets The directory where the password secret key is located #jobs and plugins directories are more important
Jenkins does not rely on the database to store data, so you only need to copy the entire program home directory during migration.
Publish PHP code
View the plug-in:
System Management -> Plug-in Management, "optional plug-ins" are plug-ins that are not installed, "installed" are plug-ins that have been installed, and the ones that are checked in gray are non-uninstallable plug-ins.
Check if there are two plug-ins, "Git plugin" and "Publish over SSH", if not, install them in "Optional Plugins". Found that "Publish over SSH" does not, install it
After installing the plug-in, restart the jenkins service directly on the linux machine instead of checking restart when idle
[root@jinkai01 ~]# systemctl restart jenkins
Log in to jenkins on the browser again, and generate a pair of secret keys on the linux machine
[root@jinkai01 ~]# ssh-keygen -f ~/.ssh/jenkins
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/jenkins.
Your public key has been saved in /root/.ssh/jenkins.pub.
The key fingerprint is:
SHA256:/RMwhSYwDkCyRq+8N2EsmIt2nWPtbAIyZhKNviGReUk root@jinkai01
The key's randomart image is:
+ --- [RSA 2048] ---- +
| .oo .. o. .. |
| .oE o .. o. |
| .B o. oo |
|X.* . o |
|+B + S . . |
| + O + .oo. . |
| Bo = +. =. about |
| ..o o. +. . |
| oo |
+----[SHA256]-----+
[root@jinkai01 ~]#
[root @ jinkai01 ~] # ls /root/.ssh/
authorized_keys jenkins jenkins.pub
[root@jinkai01 ~]# cat /root/.ssh/jenkins //View the private key
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAqQRAj90eqFfP/Fq66IgH9DpUaNaomRhXYlLcpxDQ0ZZk4swG
unmLpfYOrfuD6iIgWMLw4E0QUUNH/ETRl9x1aOsTJltowWmu/+4dcxpGB4ECZFT+
V1rIrGhcpvGVoGbGzPXR33L6NYRNAeJAHy37ZhJMU8uy86UKYYayPeu/3FhcvK2M
fRtvHfvU92NRYFQ1s9WAc0k5mQn2j + oLTOaF + fjmeAt8ZQznIK2k33EuK79PSRYg
d8rp1vKUXUy1bAhi5hfi5+whXXy1c/gn/4ZUohKRnUlxp3PoVt3MHe0O4p6e6Lm+
lrREqNtkjFtrtpsj5xMoDbP3wBzAj2Z9C4IIAQIDAQABAoIBAE8ik4wIbxtJCjPQ
02SelILQcMcpgoUz9W4u9+stH2iSbygVeS0ETdNl0te5RLlyQwzsMVYEHxi9VM4T
9sKQ0VRPhIbYE8NDVVG1ToqfCZzn1ZPei7ug4QaAUqlDwdf5Zyl+C0cBEY/PIzM3
mOhAYk4XUS+G14Hmi2bAZ2JAqHNlFR3OX3cNgH+Qh2zSAbbfPjzvXgKqhy2OJPFr
06eX ++ UrOFX / S7KC42ZN3jm5hYKp77W6En0ZbTBH2TnYWB2S / JBRO + 2 + yaU + Z3Ax
ci5/C48Rj5cI5w8z18CayT5XGihVjs1OXmWQoqNdMdvbQtgS7GchQmzL9vtTLo72
pX14LIUCgYEA1neL1H9No72T6HZe6ylKEuiwBipQ6GN/8OWYY+ADiYwj467oZQrb
fXlbxgXRElQF10MJvQ8X4jHNt3uB9Yhgdd5WbAKT2ThHgePX5y+C1sPebGIBmUg/
3XiTVRpDJEMKf3UZa3BsDK8Ko6ERM+lC0Vc8X2Rmna6fvB7sNMSNFosCgYEAyb9z
SM2IUauzKN6turqdZxyPIcAkmA5Kr/8PIKjzJF1rtjJVwoP+fR/JxPUTUkc0w7iU
H99NRRWOGn8VRsbn2x2dmthoUEEbGW2hGu2e19x5yTSAjPoON2YOyBBd82eb30m8
Rpo7CQfbmxNXxxADuwFjSg7sSwg31MaIRx/5OSMCgYEAwIxN7zdoJkTzQTbdGzZT
ucxNFQvy3eFPIaGQgsLBikFWi3kiTm1ECE/ntE7OmSz0nYIjgSjG4Z6jOkNZt258
Y / Z9ErXxtYkQsi40TexbBKSP0jDfjJXQOO + jHznX4 / uItkwUyWACshSJccUO49Nd
2QMAQgirFJCN+uCsYufAX+cCgYAytQPs0HvqyxUEuLNBs5XMTMlM2lZYQX9ULO9I
bi5ufWyNJqmXckWMfWjhMBfjHjKM3t+cAywQqRJGZpqaZ3PvBsqOGMZfJX4CLiPH
+OFrr+aMQ73rsQ3Rrr0YW8TBYNE0lfvUYv9jja4MlBgD2GqXngmum4GYekBOIngu
KEMjsQKBgESIkvYkQdfznp + K8bbg4ZK7C6YA9H84c + E7g381F7aytZpH98Eoab94
0KyFKkP5Lt5UAwIx/iCXlLkNoxNtxA9s6S0FJrfirZLwRCVAiGx1eULrJ1XWFadU
QRNV6PlQpQc4bSFi388NPzg + fEKvvtO4c8Sq / j36SKV49tIoL1 / v
-----END RSA PRIVATE KEY-----
Manage jenkins -> configure the system, find the Publish over SSH plug-in installed previously, fill in the password set when generating the secret key in Passphrase, leave it blank if not, leave the Path to key blank, and paste the contents of the /root/.ssh/jenkins file in the Key.
Then add SSH Servers, fill in the corresponding hostname, this is the machine where the PHP code will be released
Next, you need to copy the public key to the corresponding hostname machine (jinkai02)
[root@jinkai01 ~]# cat /root/.ssh/jenkins.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCpBECP3R6oV8/8WrroiAf0OlRo1qiZGFdiUtynENDRlmTizAa6eYul9g6t+4PqIiBYwvDgTRBRQ0f8RNGX3HVo6xMmW2jBaa7/7h1zGkYHgQJkVP5XWsisaFym8ZWgZsbM9dHfcvo1hE0B4kAfLftmEkxTy7LzpQphhrI967/cWFy8rYx9G28d+9T3Y1FgVDWz1YBzSTmZCfaP6gtM5oX5+OZ4C3xlDOcgraTfcS4rv09JFiB3yunW8pRdTLVsCGLmF+Ln7CFdfLVz+Cf/hlSiEpGdSXGnc+hW3cwd7Q7inp7oub6WtESo22SMW2u2myPnEygNs/fAHMCPZn0LgggB root@jinkai01
Paste jenkins.pub on jinkai02
[root @ jinkai02 ~] # vim /root/.ssh/authorized_keys
#####jinkai01 pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCpBECP3R6oV8/8WrroiAf0OlRo1qiZGFdiUtynENDRlmTizAa6eYul9g6t+4PqIiBYwvDgTRBRQ0f8RNGX3HVo6xMmW2jBaa7/7h1zGkYHgQJkVP5XWsisaFym8ZWgZsbM9dHfcvo1hE0B4kAfLftmEkxTy7LzpQphhrI967/cWFy8rYx9G28d+9T3Y1FgVDWz1YBzSTmZCfaP6gtM5oX5+OZ4C3xlDOcgraTfcS4rv09JFiB3yunW8pRdTLVsCGLmF+Ln7CFdfLVz+Cf/hlSiEpGdSXGnc+hW3cwd7Q7inp7oub6WtESo22SMW2u2myPnEygNs/fAHMCPZn0LgggB root@jinkai01
Login jinkai02 test on Jinkai01
[root@jinkai01 .ssh]# ssh 192.168.186.141
[email protected]'s password:
There will be situations where you need to enter a password
Need to change the Jenkins and jenkins.pub in the /root/.ssh directory of jinkai01 to:
[root@jinkai01 .ssh]# mv jenkins.pub id_rsa.pub
[root@jinkai01 .ssh]# mv jenkins id_rsa
You do not need to enter a password when logging in again:
[root@jinkai01 .ssh]# ssh 192.168.186.141
Last login: Wed Dec 16 15:45:48 2020 from 192.168.186.140
If there is any problem with the test connection on the browser, click Test Configuration, if there is no problem, Success will be displayed on the left, as shown in the figure below
This shows that our previous configuration is no problem. Click Apply, "Saved" appears
If there are multiple web servers, you can continue to add them, repeat the above operations, and finally click Save.
New task:
Go back to the homepage, click to create a new task, customize the task name, and choose to build a free-style software project
Click ok
Describe customization; source code management chooses Git (if you use SVN, choose Subversion); Repository URL chooses the address of your own public warehouse; Branches to build defaults to */master, which means that the branch that releases the code is the master branch; build triggers and builds Leave the environment blank; select Send files or execute commands over SSH to build, select the corresponding server for Name, fill in Source files with / to indicate that the code to be published is all files, and fill in /tmp/jenkins_test for Remote directory (customize one to store PHP code Folder name), Remove prefix and Exec command can be left blank
Click Add Server to add more servers. In a production environment, multiple servers usually release code together. Click save
Click on the left to build immediately, the build history will appear, where #1 means the first build
Click #1, click the console output
Build failed
Solution:
Originally this place defaulted to /master, now it is set to empty or /main, and then the application is saved, and then rebuilt.
If you fail to build with your own github repository, usually after the build is completed, there will be an email notification for success or failure. Because there is no mail configured here, there is no way to receive mail.
If the build is normal, check /tmp/jenkins_test on jinkai02 and there should be published code, because I used the github built by myself and there are only two self-built files on it.
[root@localhost jenkins_test]# ls
a.txt README.md
If you have made changes to the source, continue to click Build Now. If the build is successful, you can also see the changed content on the target machine. Next, create a new file on github
Rebuild on jenkins
After the build is complete, check the file again on jinkai02 and there is one more file under
[root@localhost jenkins_test]# ls
a.txt README.md wowowowowo