Jenkins+Gitlab+Docker 联动
一、基本环境
角色 主机地址 软件 gitlab 192.168.119.128:8081 gitlab 13.10.3 jenkins 192.168.119.148:8080 jenkins 2.277.2 docker registry 192.168.119.128:5000 v2 deploy host 192.168.119.128 docker-ce 20.10.6
1. 关闭主机SElinux
$ setenforce 0
$ sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
2. 配置静态IP
$ nmcli connection modify ens33 ipv4.method manual ipv4.address 192.168.119.128/24 ipv4.gateway 192.168.119.2 autoconnect yes
$ nmcli connection modify ens33 ipv4.method manual ipv4.address 192.168.119.148/24 ipv4.gateway 192.168.119.2 autoconnect yes
$ nmcli con up ens33
3. 防火墙
$ systemctl stop firewalld
$ systemctl disable firewalld
4. docker-ce环境
二、服务器部署
1. gitlab
2. Jenkins
3. registry
$ docker pull registry
$ docker run -d -p 5000:5000 --restart always --privileged \
> -v registry:/var/lib/registry \
> --name registry-server registry:latest
3.1 配置信任私有仓库
$ cat /etc/docker/daemon.json
{
"registry-mirrors" : [ "https://ogeydad1.mirror.aliyuncs.com" ] ,
"insecure-registries" : [ "192.168.119.128:5000" ]
}
三、配置gitlab
1. gitlab上创建项目
2. 开发人员将代码上传到仓库
2.1 克隆仓库
$ git clone http://192.168.119.128:8081/development/python-dev.git
$ git checkout develop
$ git branch
* develop
master
2.2 Pipeline的Jenkinsfile文件
cat Jenkinsfile
node {
stage( 'Build' ) {
checkout scm
docker.withRegistry( 'http://192.168.119.128:5000' ) {
def customImage = docker.build( "bzx/lamp:latest" , "./lamp" )
customImage.push( )
}
}
stage( 'depoly' ) {
sh '' '
ssh root@192.168.119.128 ' docker stop web | true '
ssh root@192.168.119.128 ' docker rm web -f | true '
ssh root@192.168.119.128 ' docker rmi 192.168.119.128:5000/bzx/lamp:latest -f | true '
ssh root@192.168.119.128 ' docker pull 192.168.119.128:5000/bzx/lamp:latest | true '
ssh root@192.168.119.128 ' docker run -itd --name web -p 32768:80 192.168.119.128:5000/bzx/lamp:latest'
' ''
}
}
2.3 lamp目录
$ tree -c lamp/
lamp/
├── index.html
├── CentOS-Base.repo
├── Dockerfile
├── epel.repo
└── run.sh
FROM centos:7.8.2003
MAINTAINER bzx
RUN rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
RUN rpm -ivh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm --force
ADD CentOS-Base.repo /etc/yum.repos.d/
ADD epel.repo /etc/yum.repos.d/
RUN yum install -y httpd httpd-devel
RUN yum install -y php70w php70w-mysql php70w-mbstring php70w-mcrypt php70w-gd php70w-imap
RUN yum install -y php70w-ldap php70w-odbc php70w-pear php70w-xml php70w-xmlrpc php70w-pdo
RUN sed -ri 's/#ServerName www.example.com:80/ServerName www.cloud.com/g' /etc/httpd/conf/httpd.conf
ADD index.html /var/www/html/
ADD run.sh /run.sh
RUN chmod 775 /run.sh
EXPOSE 80
CMD [ "/run.sh" ]
[ base]
name= CentOS-$releasever - Base - mirrors.aliyun.com
failovermethod= priority
baseurl= http://mirrors.aliyun.com/centos/$releasever /os/$basearch /
gpgcheck= 1
gpgkey= http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
[ updates]
name= CentOS-$releasever - Updates - mirrors.aliyun.com
failovermethod= priority
baseurl= http://mirrors.aliyun.com/centos/$releasever /updates/$basearch /
gpgcheck= 1
gpgkey= http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
[ extras]
name= CentOS-$releasever - Extras - mirrors.aliyun.com
failovermethod= priority
baseurl= http://mirrors.aliyun.com/centos/$releasever /extras/$basearch /
gpgcheck= 1
gpgkey= http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
[ epel]
name= Extra Packages for Enterprise Linux 7 - $basearch
baseurl= http://mirrors.aliyun.com/epel/7/$basearch
failovermethod= priority
enabled= 1
gpgcheck= 0
gpgkey= file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
< h1> this is docker test! < /h1>
/usr/sbin/httpd -D DFOREGROUND
/bin/bash
2.4 上传到gitlab
$ git add .
$ git commit -m "lamp&jenkinsfile"
$ git push -u origin develop
四、Jenkins
1. 创建流水线
2. 配置python-dev流水线
2.1 配置分支源
2.2 配置构建配置及触发器
3. 配置SSH 部署主机
$ docker exec -it jenkins-server /bin/bash
$ ssh-keygen
$ ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.119.128
bash-5.0
Last login: Mon Apr 19 20:12:36 2021 from 192.168.119.1
Welcome to fish, the friendly interactive shell
root@git ~
3.1 添加全局凭证
3.2 添加SSH remote hosts
3.3 No such property: docker for class: groovy.lang.Binding
3.3.1 解决方法
五、测试
更新仓库代码,比如更新new.py 文件的内容; Jenkins在轮训间隔到期后,自会自动构建,并按照Jenkinsfile的流水线执行
1. 配置完毕之后自动构建镜像
bash-5.0
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.119.128:5000/bzx/lamp latest 514a2a8fde7a 13 hours ago 832MB
bzx/lamp latest 514a2a8fde7a 13 hours ago 832MB
192.168.119.128:5000/bzx/lamp < none> 2aafb0c7df1d 13 hours ago 832MB
jenkinsci/blueocean latest c56b701dbca2 4 days ago 745MB
centos 7.8.2003 afb6fca791e0 11 months ago 203MB
2. gitlab主机上已经下载了刚构建的镜像
$ ssh root@192.168.119.128 'docker stop web | true'
$ ssh root@192.168.119.128 'docker rm web -f | true'
$ ssh root@192.168.119.128 'docker rmi 192.168.119.128:5000/bzx/lamp:latest -f | true'
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.119.128:5000/bzx/lamp latest 514a2a8fde7a 13 hours ago 832MB
bzx/lamp latest 2a299c22b094 14 hours ago 832MB
registry latest 1fd8e1b0bb7e 4 days ago 26.2MB
gitlab/gitlab-ce latest e5894d9173ec 6 days ago 2.21GB
centos 7.8.2003 afb6fca791e0 11 months ago 203MB
3. gitlab已经启动了容器
$ ssh root@192.168.119.128 'docker run -itd --name web -p 32768:80 192.168.119.128:5000/bzx/lamp:latest'
$ docker ps | grep web
06ab7e499e4b 192.168.119.128:5000/bzx/lamp:latest "/run.sh" About a minute ago Up About a minute 0.0.0.0:32768-> 80/tcp, :::32768-> 80/tcp web
$ docker port web
80/tcp -> 0.0.0.0:32768
80/tcp -> :::32768
4. 浏览器访问web容器
六、配置代码更新自动触发
1. 配置 WebHOOK
http://my-jenkins-host/git/notifyCommit?url= git@gitlab.example.com:group/repository.git& delay= 0sec
2. 更新代码自会自动触发构建
$ cd /root/python-dev
$ ls
Jenkinsfile lamp/ new.py README.md
$ cd lamp/
$ ls
CentOS-Base.repo Dockerfile epel.repo index.html run.sh
$ echo "<h1>this is docker test!</h1>" >> index.html
$ echo "<h1>this is docker test!</h1>" >> index.html
$ cd ..
$ git add .
$ git commit -m "auto push"
[ develop 38d9cc0] auto push
1 file changed, 2 insertions( +)
$ git push origin develop
Username for 'http://192.168.119.128:8081' : root
Password for 'http://root@192.168.119.128:8081' :
Counting objects: 3, done.
Delta compression using up to 2 threads.
Compressing objects: 100% ( 2/2) , done.
Writing objects: 100% ( 3/3) , 264 bytes | 0 bytes/s, done.
Total 3 ( delta 1) , reused 0 ( delta 0)
remote:
remote: To create a merge request for develop, visit:
remote: http://192.168.119.128:8081/development/python-dev/-/merge_requests/new?merge_request%5Bsource_branch%5D= develo
remote:
To http://192.168.119.128:8081/development/python-dev.git
f449f2a.. 295be57 develop -> develop
Branch develop set up to track remote branch develop from origin.
3. Jenkins上的流水线python-dev会自动构建