最近因公司发展需要,增加了一些go语言开发,对项目要求使用jenkins+go+docker自动部署上线。6.12更新了使用nginx负载均衡,以及docker-compose文件。
一、安装jenkins
1、安装Jenkins,详情见centos使用docker搭建jenkins,jenkins使用方法见jenkins的安装和使用
2、jenkins安装go插件,Go plugin
安装该插件,点击 “系统管理” -> “管理插件” -> “可选插件” -> 选择 “Go Plugin” -> 点击最下边 “直接安装” 即可完成安装。
3、配置go插件
系统管理” -> “Global Tool Configuration” -> “Go” -> “新增 Go”
image.png
二、在搭建jenkins的服务器和要构建上传的应用服务器均安装go环境
1、下载安装包
wget [https://dl.google.com/go/go1.12.4.linux-amd64.tar.gz](https://dl.google.com/go/go1.12.4.linux-amd64.tar.gz)
2、解压缩安装
tar -C /home/service -zxvf go1.12.4.linux-amd64.tar.gz
3、配置环境变量
vim /etc/profile
export GOROOT=/home/service/go
export PATH=$PATH:$GOROOT/bin
source /etc/profile
4、测试
[root@bogon /]# go version
go version go1.12.4 linux/amd64
三、jenkins配置
1、新建任务go选择构建一个自由风格的软件项目,java选择构建一个maven项目
image.png
2、配置git路径和git账号密码和分支,或者git密钥
image.png
3、构建环境选择
image.png
4、构建执行shell,先选择执行shell,再选择ssh。
image.png
image.png
# 配置 GOPATH
export GOPATH="$JENKINS_HOME/golang_workspace"
export GOBINPATH="$GOPATH/bin"
export PATH="$PATH:$GOBINPATH"
export GO111MODULE=on
export GOPROXY=https://goproxy.io
#export GOPROXY="https://athens.azurefd.net"
# 执行 go get & build 命令
#创建 $GOPATH目录
mkdir -p $GOPATH
# 输出当前时间
date
#构建可执行二进制文件
CGO_ENABLED=0 GOARCH=amd64 go build -o bh-go-server-user server.go
#将可执行二进制文件传输到应用服务器
#ssh root@172.16.3.41 'bash -x -s' < /home/golang/bh-go-server-user/run.sh
rsync server root@172.16.3.41:/home/golang/bh-go-server-user/
rsync config/server.pem root@172.16.3.41:/home/golang/bh-go-server-user/config
rsync config/server.key root@172.16.3.41:/home/golang/bh-go-server-user/config
image.png
四、应用服务器配置
1、在上传到服务器的路径下创建config目录
[root@bogon bh-go-server-user]# tree
.
├── config
│ ├── config.env #配置启动可执行二进制文件的配置文件
│ ├── server.key #openssl
│ └── server.pem #openssl
├── run.sh #运行脚本
└── server #可执行二进制文件
1 directory, 5 files
2、配置config.env
image.png
3、在shell出已经用rsync将二进制文件server和pem和key传输到了应用服务器,为什么用rsync而不用scp,因为rsync覆盖已存在文件速度上有优势,最重要的是rsync可以覆盖正在运行的二进制文件,而scp不行。
4、执行二进制文件
./server
5、利用run.sh脚本执行二进制文件
6、run.sh脚本编写
DATE=$(date +%Y%m%d%H%M%S)
DIR=/home/golang/bh-go-server-user
JARFILE=server
if [ ! -d $DIR/backup ];then
mkdir -p $DIR/backup
fi
cd $DIR
pid=`ps -ef | grep ./server | grep -v grep | awk '{print $2}'`
echo "---------------"
for id in $pid
do
kill -9 $id
echo "killed $id"
done
echo "---------------"
echo "授予当前用户权限"
echo "执行....."
cp $JARFILE backup/$DATE$JARFILE
cd $DIR
nohup ./$JARFILE > run.log &
if [ $? = 0 ];then
sleep 20
tail -n 50 /home/golang/bh-go-server-user/run.log &
fi
cd backup/
ls -lt|awk 'NR>5{print $NF}'|xargs rm -rf
echo "执行成功"
7、后面我又更改了启动方式,使用dockerfile创建镜像,并利用docker-compose启动。
脚本yun.sh
#DATE=$(date +%Y%m%d%H%M%S)
DATE=$(date +%Y%m%d%H)
DIR=/home/golang/bh-go-server-user
JARFILE=bh-go-server-user
logfile=/home/log/bh/bh-go-server-user
log=bh-go-server-user.log
if [ ! -d $DIR/backup ];then
mkdir -p $DIR/backup
fi
cd $DIR
# pid=`ps -ef |grep ./bh-go-server-user | grep -v grep | awk '{print $2}'`
# echo "---------------"
# for id in $pid
# do
# kill -9 $id
# echo "killed $id"
# break
# done
echo "---------------"
echo "授予当前用户权限"
echo "执行....."
cp $JARFILE backup/$DATE$JARFILE
cd $DIR
docker build --rm -t bh-go-server-user .
cd $logfile
cp $log backup/$DATE$log
cd $DIR
docker-compose up > /home/log/bh/bh-go-server-user/bh-go-server-user.log &
if [ $? = 0 ];then
sleep 20
tail -n 50 /home/log/bh/bh-go-server-user/bh-go-server-user.log
fi
cd /home/log/bh/bh-go-duoduoke/backup/
ls -lt|awk 'NR>7{print $NF}'|xargs rm -f
cd $DIR/backup/
ls -lt|awk 'NR>5{print $NF}'|xargs rm -f
echo "执行成功"
8、dockerfile文件
之前我是用busybox作为基础镜像的,因为busybox镜像只有十几k大小,后面发现可能有些依赖没有有些接口不行就换成centos镜像了。
FROM centos
LABEL RoES roes@163.com
WORKDIR /root
ADD ./bh-go-server-user ./bh-go-server-user
ADD ./config ./config
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
RUN echo 'Asia/Shanghai' >/etc/timezone
EXPOSE 51003
ENTRYPOINT ["./bh-go-server-user"]
9、使用docker-compose启动,docker-compose.yml配置文件如下:
version: "3"
services:
server1:
image: bh-go-duoduoke
hostname: server1
restart: on-failure
volumes:
- "./config/config.env:/root/config/config.env"
ports:
- "8097:8097"
server2:
image: bh-go-duoduoke
hostname: server2
restart: on-failure
volumes:
- "./config/config1.env:/root/config/config.env"
ports:
- "18097:8097"
server3:
image: bh-go-duoduoke
hostname: server3
restart: on-failure
volumes:
- "./config/config1.env:/root/config/config.env"
ports:
- "28097:8097"
10、nginx负载均衡
根据自己nginx版本判断ssl on是否需要开启
upstream duomaike {
server 127.0.0.1:8097 weight=3;
server 127.0.0.1:18097;
server 127.0.0.1:28097;
#server 127.0.0.1:38097;
}
server
{
listen 80;
#listen [::]:80;
server_name api.example.com;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/api.example.com;
#return 301 https://api.example.com$request_uri;
include rewrite/other.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log /home/wwwlogs/api.example.com.log;
# api网关
location /V1 {
#add_header Access-Control-Allow-Origin admin.duomaike.top;
#add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept";
#add_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
proxy_http_version 1.1;
# 开启对http1.1支持
proxy_set_header Connection "";
# 设置Connection为空串,以禁止传递头部到后端
proxy_connect_timeout 600s;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_buffer_size 512k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
proxy_temp_file_write_size 512k;
proxy_pass http://duomaike;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server
{
listen 443 ssl http2;
#listen [::]:443 ssl http2;
server_name api.example.com localhost;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/api.example.com;
# ssl on;
ssl_certificate /usr/local/nginx/conf/go_ssl/api.example.com.pem;
ssl_certificate_key /usr/local/nginx/conf/go_ssl/api.example.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
#ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
include rewrite/other.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log /home/wwwlogs/api.example.com.log;
# api网关
location / {
proxy_http_version 1.1;
# 开启对http1.1支持
proxy_set_header Connection "";
# 设置Connection为空串,以禁止传递头部到后端
proxy_connect_timeout 600s;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_buffer_size 512k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
proxy_temp_file_write_size 512k;
proxy_pass http://duomaike;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
