Jenkins+Gitlab+Docker 联动

Jenkins+Gitlab+Docker 联动

一、基本环境

角色	主机地址	软件
gitlab	192.168.119.128:8081	gitlab 13.10.3
jenkins	192.168.119.148:8080	jenkins 2.277.2
docker registry	192.168.119.128:5000	v2
deploy host	192.168.119.128	docker-ce 20.10.6

1. 关闭主机SElinux

$ setenforce 0
$ sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

2. 配置静态IP

# 固定IP
$ nmcli connection modify ens33 ipv4.method manual ipv4.address 192.168.119.128/24 ipv4.gateway 192.168.119.2 autoconnect yes
$ nmcli connection modify ens33 ipv4.method manual ipv4.address 192.168.119.148/24 ipv4.gateway 192.168.119.2 autoconnect yes
$ nmcli con up ens33
# 通过修改网卡配置文件修改也可以

3. 防火墙

# 关闭（实验环境）
$ systemctl stop firewalld
$ systemctl disable firewalld

4. docker-ce环境

二、服务器部署

1. gitlab

# Jenkins+gitlab已创建

2. Jenkins

# Jenkins+gitlab已创建

3. registry

# 拉取镜像
$ docker pull registry

# 启动容器
$ docker run -d -p 5000:5000 --restart always --privileged \
> -v registry:/var/lib/registry \
> --name registry-server registry:latest

3.1 配置信任私有仓库

# Jenkins、gitlab均要添加
$ cat /etc/docker/daemon.json 
{
  "registry-mirrors": ["https://ogeydad1.mirror.aliyuncs.com"],
  "insecure-registries": ["192.168.119.128:5000"]
}

三、配置gitlab

1. gitlab上创建项目

# gitlab上创建项目python-dev，属于development组，并建立develop分支。（之前已经创建了）

2. 开发人员将代码上传到仓库

2.1 克隆仓库

# 克隆仓库
$ git clone http://192.168.119.128:8081/development/python-dev.git

# 切换分支
$ git checkout develop
$ git branch
* develop
  master

2.2 Pipeline的Jenkinsfile文件

# 创建Jenkinsfile
cat Jenkinsfile 
node {
   stage('Build') {
      checkout scm
      docker.withRegistry('http://192.168.119.128:5000') {

      def customImage = docker.build("bzx/lamp:latest", "./lamp")

      customImage.push()
      }
   }
  stage('depoly') {
    sh '''
       ssh root@192.168.119.128 'docker stop web | true'
       ssh root@192.168.119.128 'docker rm web -f | true'
       ssh root@192.168.119.128 'docker rmi 192.168.119.128:5000/bzx/lamp:latest -f | true'
       ssh root@192.168.119.128 'docker pull 192.168.119.128:5000/bzx/lamp:latest | true'
       ssh root@192.168.119.128 'docker run -itd --name web -p 32768:80 192.168.119.128:5000/bzx/lamp:latest'
    '''
  }
}

2.3 lamp目录

$ tree -c lamp/
lamp/
├── index.html
├── CentOS-Base.repo
├── Dockerfile
├── epel.repo
└── run.sh

# Dockerfile文件内容：
FROM centos:7.8.2003
MAINTAINER bzx

RUN rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
RUN rpm -ivh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm --force

ADD CentOS-Base.repo /etc/yum.repos.d/
ADD epel.repo /etc/yum.repos.d/

RUN yum install -y  httpd httpd-devel
RUN yum install -y  php70w php70w-mysql php70w-mbstring php70w-mcrypt php70w-gd php70w-imap 
RUN yum install -y  php70w-ldap php70w-odbc php70w-pear php70w-xml php70w-xmlrpc php70w-pdo
RUN sed -ri 's/#ServerName www.example.com:80/ServerName www.cloud.com/g' /etc/httpd/conf/httpd.conf

ADD index.html /var/www/html/

ADD run.sh /run.sh
RUN chmod 775 /run.sh

EXPOSE 80
CMD ["/run.sh"]

# Centos-Base.repo文件内容如下：
[base]
name=CentOS-$releasever - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#released updates
[updates]
name=CentOS-$releasever - Updates - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

# epel.repo文件如下：
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=http://mirrors.aliyun.com/epel/7/$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

# index.html是默认首页内容如下：
<h1>this is docker test!</h1>

# run.sh镜像默认启动脚本如下：
#!/bin/sh
/usr/sbin/httpd -D DFOREGROUND
/bin/bash

2.4 上传到gitlab

$ git add .
$ git commit -m "lamp&jenkinsfile"
$ git push -u origin develop

四、Jenkins

1. 创建流水线

# 新建任务–> 选择多分支流水线–>确定

2. 配置python-dev流水线

2.1 配置分支源

2.2 配置构建配置及触发器

3. 配置SSH 部署主机

# 在jenkins上通过ssh-keygen命令生成一对秘钥(我这里用的root用户)
# 然后将公钥通过ssh-copy-id将公钥拷贝到部署主机，务必能免密登录到192.168.119.128

$ docker exec -it jenkins-server /bin/bash
$ ssh-keygen
$ ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.119.128

# 访问
bash-5.0# ssh 192.168.119.128
Last login: Mon Apr 19 20:12:36 2021 from 192.168.119.1
Welcome to fish, the friendly interactive shell
root@git ~# 

3.1 添加全局凭证

3.2 添加SSH remote hosts

# 系统管理 ————> 插件管理 ————> 可选插件 ————> 安装SSH插件

3.3 No such property: docker for class: groovy.lang.Binding

3.3.1 解决方法

# 缺少Jenkins的插件
# 系统管理-->管理插件-->可选插件中搜索CloudBees Docker Pipeline，直接安装即可

五、测试

• 更新仓库代码，比如更新new.py文件的内容；
• Jenkins在轮训间隔到期后，自会自动构建，并按照Jenkinsfile的流水线执行

1. 配置完毕之后自动构建镜像

bash-5.0# docker images
REPOSITORY                      TAG        IMAGE ID       CREATED         SIZE
192.168.119.128:5000/bzx/lamp   latest     514a2a8fde7a   13 hours ago    832MB
bzx/lamp                        latest     514a2a8fde7a   13 hours ago    832MB
192.168.119.128:5000/bzx/lamp   <none>     2aafb0c7df1d   13 hours ago    832MB
jenkinsci/blueocean             latest     c56b701dbca2   4 days ago      745MB
centos                          7.8.2003   afb6fca791e0   11 months ago   203MB

2. gitlab主机上已经下载了刚构建的镜像

# Jenkinsfile内有删除镜像命令，如果gitlab上有则会删除重新拉取
$ ssh root@192.168.119.128 'docker stop web | true'
$ ssh root@192.168.119.128 'docker rm web -f | true'
$ ssh root@192.168.119.128 'docker rmi 192.168.119.128:5000/bzx/lamp:latest -f | true'

# 查看gitlab上的images
$ docker images
REPOSITORY                      TAG        IMAGE ID       CREATED         SIZE
192.168.119.128:5000/bzx/lamp   latest     514a2a8fde7a   13 hours ago    832MB
bzx/lamp                        latest     2a299c22b094   14 hours ago    832MB
registry                        latest     1fd8e1b0bb7e   4 days ago      26.2MB
gitlab/gitlab-ce                latest     e5894d9173ec   6 days ago      2.21GB
centos                          7.8.2003   afb6fca791e0   11 months ago   203MB

3. gitlab已经启动了容器

# Jenkinsfile 内添加了启动容器命令
$ ssh root@192.168.119.128 'docker run -itd --name web -p 32768:80 192.168.119.128:5000/bzx/lamp:latest'

# 查看容器
$ docker ps | grep web
06ab7e499e4b   192.168.119.128:5000/bzx/lamp:latest   "/run.sh"                About a minute ago   Up About a minute            0.0.0.0:32768->80/tcp, :::32768->80/tcp                                       web
$ docker port web
80/tcp -> 0.0.0.0:32768
80/tcp -> :::32768

4. 浏览器访问web容器

六、配置代码更新自动触发

1. 配置 WebHOOK

http://my-jenkins-host/git/notifyCommit?url=git@gitlab.example.com:group/repository.git&delay=0sec

# my-jenkins-host：Jenkins主机地址及端口
# git@gitlab.example.com:group/repository.git 这个是你Jenkins流水线上的仓库地址

2. 更新代码自会自动触发构建

# 进入本地代码仓库
$ cd /root/python-dev
$ ls
Jenkinsfile  lamp/  new.py  README.md
$ cd lamp/
$ ls
CentOS-Base.repo  Dockerfile  epel.repo  index.html  run.sh

# 修改index.html文件内容并提交到gitlab代码仓库
$ echo "<h1>this is docker test!</h1>" >> index.html
$ echo "<h1>this is docker test!</h1>" >> index.html

# 提交到jitlab
$ cd ..
$ git  add .
$ git commit -m "auto push"
[develop 38d9cc0] auto push
 1 file changed, 2 insertions(+)
$ git push origin develop
Username for 'http://192.168.119.128:8081': root
Password for 'http://root@192.168.119.128:8081': 
Counting objects: 3, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 264 bytes | 0 bytes/s, done.
Total 3 (delta 1), reused 0 (delta 0)
remote: 
remote: To create a merge request for develop, visit:
remote:   http://192.168.119.128:8081/development/python-dev/-/merge_requests/new?merge_request%5Bsource_branch%5D=develo
remote: 
To http://192.168.119.128:8081/development/python-dev.git
   f449f2a..295be57  develop -> develop
Branch develop set up to track remote branch develop from origin.

3. Jenkins上的流水线python-dev会自动构建