使用Mattermost、Gitlab和Jenkins在本地环境中自动构建ChatOps！的环境

1 年 ago

韵, 科

6 minutes

使用On-Premise平台进行ChatOps！环境的自动构建（包括Mattermost、Gitlab和Jenkins）。

首先

CentOS6にJenkins2.2をAnsibleでインストールしてブラウザからJenkins2にログインするまで

另外，全部源代码已上传至以下的GitHub地址：https://github.com/tbuchi888/vagrant-ansible-gitlab-mattermost-jenkins-for-chatops

1. 环境

在连接到互联网的以下环境中进行了验证。
由于每个版本是在验证时（2016/09/01）的版本，所以可能不是最新的。

サーバー種別項目詳細NoteHOST　ServerOSOSX Yosemite

HypervisorVirtualbox5.14

building toolVagrant1.8.5

Ansible 2.1.0 update:2016/04/20yum_repositoryモジュールを使うため2.1以降のバージョンを利用Gitlab / Mattermost ServerOSCentOS6.8The Box of Vagrant is geerlingguy/centos6(*1)
Host namemygitlabChange your environment(*2)
IPaddress192.168.33.131Change your environment(*2)
Code managemnt toolGitlabCE ver.8.11.2

Chat toolMattermost ver.3.30on GitlabCEJenkins2 ServerOSCentOS6.8The Box of Vagrant is geerlingguy/centos6(*1)
Host namemyjenkinsChange your environment(*2)
IPaddress192.168.33.132Change your environment(*2)
CI ToolJenkins ver.2.19

注意事项！
– *1：Vagrant安装方案使用atlas.hashicorp.com上的geerlingguy/centos6的Box文件，但请根据您自己的环境适当修改conf-vbox-guestvm.yml中的Box名称。
– *2：请根据您自己的环境适当修改conf-vbox-guestvm.yml和/etc/hosts中的主机名和IP地址。
如果不使用Vagrant（通过Ansible provisioner），也请同样修改Ansible的主机清单文件hosts.yml。

2. 使用方法 (shǐ fǎ)

2.1 共同之处

为了能够通过名称解析解决，我们将为当前要创建的两个VM（或目标服务器）的主机名进行设置。例如，可以使用sudo vi /etc/hosts等方式。

192.168.33.131  mygitlab
192.168.33.132  myjenkins

另外，在主机服务器或Ansible执行服务器上的适当目录中，从GitHub上克隆全部代码。
（或者，根据第3条的各种代码说明，新建文件。）

git clone https://github.com/tbuchi888/vagrant-ansible-gitlab-mattermost-jenkins-for-chatops.git
cd vagrant-ansible-gitlab-mattermost-jenkins-for-chatops

若要使用Vagrant完整構建整個虛擬機器的場合

如果作为VM的主机环境，可以使用Vagrant、Virtualbox和Ansible（2.1版本及以上），并且可以使用Ansible provisioner（例如OSX和Linux等系统）。

vagrant up

如果只需要在Ansible中构建开源软件的一部分。

使用已安装Ansible的机器执行以下操作。

ansible-playbook -i hosts.yml -l gitlab install_gitlab_mattermost_without_proxy.yml -v
ansible-playbook -i hosts.yml -l jenkins install_jenkins_without_proxy.yml -v

3. 不同类型的代码

这是与github上面相同的东西。
https://github.com/tbuchi888/vagrant-ansible-gitlab-mattermost-jenkins-for-chatops

種別ファイル名内容Vagrantconf-vbox-guestvm.ymlVM情報やプロビジョニング情報を外部YMLファイルとして定義したもの
VagrantfileVM情報やプロビジョニング情報を外部YMLファイルから取込む形へVagrantfileをカスタマイズしたものAnsiblehosts.ymlインベントリファイル Vagrant(Ansible provisioner)を利用する場合は不要
install_gitlab_mattermost_without_proxy.ymlGitlab及びMattermostをインストールするプレイブック
install_jenkins_without_proxy.ymlJenkins2をインストールするプレイブック

3.1. Vagrant相关

将VM信息和配置信息作为外部YML文件进行定义

---
centos_base: &CENT_BASE
    box:                     geerlingguy/centos6
    os_type:                 linux

guestvm:
  - name:                    mygitlab
    ipaddress:               192.168.33.131
    ansible_playbook:        install_gitlab_mattermost_without_proxy.yml
    << : *CENT_BASE

  - name:                    myjenkins
    ipaddress:               192.168.33.132
    ansible_playbook:        install_jenkins_without_proxy.yml
    << : *CENT_BASE

自定义了一个Vagrantfile (用于导入上述YML文件)

# -*- mode: ruby -*-
# vi: set ft=ruby :

require 'yaml'

# Rreading of guestVM configuration for the YML format file.
setting = YAML.load_file('conf-vbox-guestvm.yml')

# Set the hash variable
arr_guestvm_h = setting['guestvm']

# Define Vagrant ver.
VAGRANTFILE_API_VERSION = '2'

# Define Vagrantfile
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|

  # Use host's(macbook) proxy and dns   
  config.vm.provider "virtualbox" do |vb|
    vb.customize ["modifyvm", :id, "--natdnsproxy1", "on"]
    vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
  end

  # Define the settings for each guest OS and VM
  arr_guestvm_h.each do |guestvm|

    config.vm.define guestvm['name'] do |server|

      # Define guest OS setting
      server.vm.hostname              = guestvm['name']

      # Define box for vsphere
      server.vm.box                   = guestvm['box']

      if guestvm.has_key?('box_url') && !guestvm['box_url'].nil?
        server.vm.box_url             = guestvm['box_url']
      end

      if guestvm.has_key?('ipaddress') && !guestvm['ipaddress'].nil?
        server.vm.network               'private_network', ip: guestvm['ipaddress']
      end

      if guestvm.has_key?('os_type') && guestvm['os_type'] == 'linux'
#        server.vm.communicator        = :ssh
#        server.ssh.insert_key         = false
#        server.ssh.private_key_path   = '~/.ssh/id_rsa'
        if guestvm.has_key?('os_username') && !guestvm['os_username'] .nil?
          server.ssh.username         = guestvm['os_username']
          if guestvm.has_key?('os_password') && !guestvm['os_password']
            server.ssh.password       = guestvm['os_password']
          end
        end
      end
      if guestvm.has_key?('os_type') && guestvm['os_type'] == 'windows'
        server.vm.communicator        = :winrm
        server.vm.guest               = :windows
        if guestvm.has_key?('os_username') && !guestvm['os_username'].nil? 
          server.winrm.username       = guestvm['os_username']
          if guestvm.has_key?('os_password') && !guestvm['os_password'].nil?
            server.winrm.password     = guestvm['os_password']
          else
            puts "Input  #{guestvm['name']} #{guestvm['os_username']} ospassword:\n"
            server.winrm.password     = STDIN.noecho(&:gets).chop
          end
        end
      end

      # provisioning guest vm with ansible
      if guestvm.has_key?('ansible_playbook') && !guestvm['ansible_playbook'].nil?
        server.vm.provision "ansible" do |ansible|
          ansible.playbook            = guestvm['ansible_playbook']
          if guestvm.has_key?('ansible_inventory_path')  && !guestvm['ansible_inventory_path'].nil?
            ansible.inventory_path    = guestvm['ansible_inventory_path']
            ansible.limit             = guestvm['name']
          end
        end
      end
    end
  end
end

3.2.与Ansible相关

如果使用Vagrant的Ansible provisioner，则不需要“inventory”文件。

[gitlab]
mygitlab
[jenkins]
myjenkins

[all:vars]
ansible_user=vagrant
ansible_password=vagrant

GitLab和Mattermost

---
# Setting the destination inventory host
- hosts: all
  become: yes
  become_method: sudo
  become_user: root

# Don't gather hosts facts for performance
  gather_facts: no

# Setting the task
  tasks:
    - name: yum install
      yum: name={{item.name}} state={{item.state}}
      register: yum_result
      with_items:
        - name: '*' 
          state: latest
        - name: openssh-server 
          state: latest
        - name: curl 
          state: latest
        - name: postfix 
          state: latest
    - debug: var=yum_result.results

    - name: postfix        should have been running
      service: name=postfix state=started enabled=yes 

    - name: lokkit -s http -s ssh 
      command: lokkit -s http -s ssh -p 8080:tcp
      register: cmd_result
    - name: command STDOUT 
      debug: var=cmd_result.stdout_lines

    - name: shell curl gitlab script.rpm.sh
      shell: curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
      register: shell_result
    - name: command STDOUT 
      debug: var=shell_result.stdout_lines

    - name: gitlab-ce      should have been installed(latest)
      yum: name=gitlab-ce state=latest

    - name: command gitlab-ctl
      shell: gitlab-ctl reconfigure
      register: cmd_result
    - name: command STDOUT 
      debug: var=cmd_result.stdout_lines

# for Mattermost 
# mattermost_external_url 'http://mattermost.example.com'
    - name: enable mattermost on port 9999
      replace: dest=/etc/gitlab/gitlab.rb regexp='^# mattermost_external_url \'http\://mattermost\.example\.com\'$' replace='mattermost_external_url \'http://{{inventory_hostname}}:9999\''

    - name: command gitlab-ctl
      shell: gitlab-ctl reconfigure
      register: cmd_result
    - name: command STDOUT 
      debug: var=cmd_result.stdout_lines

    - name: lokkit -p 9999:tcp for mattermost
      command: lokkit -p 9999:tcp
      register: cmd_result
    - debug: var=cmd_result.stdout_lines

# Reference information
    - name: This is initial Password for root of Gitlab
      debug: msg="The initial password of the root account is `5iveL!fe`."

Jenkins 只需要一种选项，请用中文进行改写。

---
# Please use the OS of centOS6 and RHEL6. Also, please use in an environment that does not care about the HTTP_PROXY.
# yum_repository module you can use in Ansible version 2.1 or higher. 
# In the case of Ansible version 2.0 or less, and then comment out the yumrepo block, 
# please remove the comment "download jenkins.repo" and "rpm import jenkins-ci.org.key".

- hosts: all
  become: yes
  become_method: sudo
  become_user: root
  gather_facts: no

# Setting the task
  tasks:
    - name: Add jenkins repo
      yum_repository: 
        name: jenkins
        description: jenkins yum repo
        baseurl: http://pkg.jenkins-ci.org/redhat
        gpgcheck: yes
        gpgkey: http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key

#      - name: download jenkins.repo
#        get_url: url=http://pkg.jenkins-ci.org/redhat/jenkins.repo dest=/etc/yum.repos.d/jenkins.repo
#
#      - name: rpm import jenkins-ci.org.key
#        command: rpm --import http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key
#        register: raw_result
#      - debug: var=raw_result.stdout_lines

    - name: yum install
      yum: name={{item.name}} state={{item.state}}
      register: yum_result
      with_items:
        - name: '*' 
          state: latest
        - name: openssh-server 
          state: latest
        - name: java-1.8.0-openjdk 
          state: latest
        - name: jenkins
          state: latest
    - debug: var=yum_result.results

    - name: jenkins should have been running
      service: name=jenkins state=started enabled=yes

    - name: lokkit -p 8080:tcp
      command: lokkit -p 8080:tcp
      register: cmd_result
    - debug: var=cmd_result.stdout_lines

#    - name: cat initialAdminPassword for Unlock Jenkins
#      command: cat /var/lib/jenkins/secrets/initialAdminPassword
#      register: cmd_result
#    - name: this is initialAdminPassword for Unlock Jenkins
#      debug: var=cmd_result.stdout_lines

以上