Jenkins+Gitlab+Docker联动案例
| 角色 | 主机地址 | 软件 |
|---|---|---|
| gitlab | 192.168.136.136:8080 | gitlab 12.9 |
| jenkins | 192.168.136.140:8080 | jenkins 2.204.3 |
| dcoker registry | 192.168.136.136:5050 | v2 |
| deploy host | 192.168.136.136 | dcoker-ce 19.03.6 |
##基本环境部署
关闭主机的selinux
配置静态ip地址
安装docker-ce环境
##192.168.136.136上使用docker安装gitlab(之前gitlab篇已经安装并且正在运行中)
#gitlab容器启动的时候,映射主机端口8080到容器80,8443到容器443,2222到容器22端口
##192.168.136.136上使用容器仓库registry
[root@yulong-git ~]# docker run -d -p 5000:5000 --restart always --privileged -v /opt/registry:/var/lib/registry --name registry-server registry:latest
##192.168.136.136上放行端口
[root@yulong-git ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens33
sources:
services: ssh dhcpv6-client http snmp
ports: 8443/tcp 2222/tcp 8080/tcp 5000/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
##192.168.136.140上使用docker安装jenkins(之前jinkens持续集成篇已经安装并且正在运行中)
#Jenkins容器启动的时候,映射主机端口8080到容器8080,50000到容器50000
##192.168.136.140放行端口
[root@yulong-jenkins ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens33
sources:
services: ssh dhcpv6-client
ports: 8080/tcp 50000/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
##gitlab上创建项目python-dev,属于development组,并建立develop分支。(之前已经创建了)
##开发人员将代码上传到仓库(Pipeline的Jenkinsfile文件)(192.168.136.136)
[root@yulong-git ~]# mkdir long
[root@yulong-git long]# git init
初始化空的 Git 版本库于 /root/ss/.git/
[root@yulong-git long]# git remote add origin http://192.168.136.136:8080/root/python-dev.git
[root@yulong-git long]# git pull origin
Username for 'http://192.168.136.136:8080': root
Password for 'http://root@192.168.136.136:8080':
remote: Enumerating objects: 9, done.
remote: Counting objects: 100% (9/9), done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 9 (delta 0), reused 0 (delta 0), pack-reused 0
Unpacking objects: 100% (9/9), done.
来自 http://192.168.136.136:8080/root/python-dev
* [新分支] develop -> origin/develop
* [新分支] master -> origin/master
[root@yulong-git ss]# git checkout develop
分支 develop 设置为跟踪来自 origin 的远程分支 develop。
onfig --global push.default matching
[root@yulong-git long]# vim Jinkensfile
文件内容:
node {
stage('Build') {
checkout scm
docker.withRegistry('http://192.168.136.136:5000') {
def customImage = docker.build("yulong/lamp:latest", "./lamp")
customImage.push()
}
}
stage('depoly') {
sh '''
ssh root@192.168.136.136 'docker stop web | true' #第一次构建的时候不要写
ssh root@192.168.136.136 'docker rm web -f | true'#第一次构建的时候不要写
ssh root@192.168.136.136 'docker rmi #第一次构建的时候不要写192.168.154.50:5000/yulong/lamp:latest -f | true'#第一次构建的时候不要写
ssh root@192.168.136.136 'docker pull 192.168.136.136:5000/yulong/lamp:latest | true'
ssh root@192.168.136.136 'docker run -itd --name web -p 32768:80 192.168.136.136:5000/liyi888/lamp:latest'
'''
}
}
[root@yulong-git long]# git add Jinkensfile
[root@yulong-git long]# git commit -m "Jinkensfile"
[develop a2f8227] Jinkensfile
1 file changed, 1 insertion(+)
create mode 100644 Jinkensfile
[root@yulong-git long]# git push -u origin develop
##然后创建lamp目录,也上传到gitlab
[root@yulong-git long]# tree -c lamp/
lamp/
├── Dockerfile
├── run.sh
├── index.html
├── epel.repo
└── Centos-Base.repo
0 directories, 5 files
##Dockerfile文件内容:
FROM centos:7.7.1908
MAINTAINER yulong
RUN rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest7.noarch.rpm
RUN rpm -ivh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm --force
ADD CentOS-Base.repo /etc/yum.repos.d/
ADD epel.repo /etc/yum.repos.d/
RUN yum install -y httpd httpd-devel
RUN yum install -y php70w php70w-mysql php70w-mbstring php70w-mcrypt php70w-gd php70w-imap
RUN yum install -y php70w-ldap php70w-odbc php70w-pear php70w-xml php70w-xmlrpc php70w-pdo
RUN sed -ri 's/#ServerName www.example.com:80/ServerName www.yulong.com/g' /etc/httpd/conf/httpd.conf
ADD index.html /var/www/html/
ADD run.sh /run.sh
RUN chmod 775 /run.sh
EXPOSE 80
CMD ["/run.sh"]
##Centos-Base.repo文件内容如下:
[base]
name=CentOS-$releasever - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#released updates
[updates]
name=CentOS-$releasever - Updates - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
##epel.repo文件如下:
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=http://mirrors.aliyun.com/epel/7/$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
##index.html是默认首页内容如下:
<h1>this is docker test!</h1>
##run.sh镜像默认启动脚本如下:
#!/bin/sh
/usr/sbin/httpd -D DFOREGROUND
/bin/bash
##上传到gitlab
[root@yulong-git long]# git pull origin
[root@yulong-git long]# git add lamp/
[root@yulong-git long]# git commit -m "lamp"
[root@yulong-git long]# git push origin develop
##192.168.136.140(jinkens上配置流水线)
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-DWnjHGv2-1595134274500)(https://s1.ax1x.com/2020/04/23/JwMe4x.png)]
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-GIBc8o8y-1595134274501)(https://s1.ax1x.com/2020/04/23/JwMKgO.png)]
##配置ssh部署主机,在jinkens上生成一对密钥,然后将公钥通过ssh-copy-id将公钥拷贝到部署主机,务必能免密登录到192.168.154.136
[root@yulong-jenkins ~]# ssh-keygen
[root@yulong-jenkins ~]# ssh-copy-id -i ./.ssh/id_rsa.pub root@192.168.136.136 -f
##添加全局凭证(首先安装一下ssh.hpi插件,要是配置中有ssh-remote就不需要了)
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-6HGJ9plU-1595134274502)(https://s1.ax1x.com/2020/04/23/JwQo6S.png)]
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-Wi2Ifwim-1595134274503)(https://s1.ax1x.com/2020/04/23/JwQXYq.png)]
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-KwUfatlS-1595134274504)(https://s1.ax1x.com/2020/04/24/J0ACQA.png)]
##配置私有仓库客户端
两台主机上机均要配置信任私有仓库
[root@yulong-git long]# vim /etc/docker/daemon.json
内容如下:
{
"registry-mirrors": ["https://vohzpl6l.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.136.136:5000"]
}
[root@yulong-git long]# systemctl daemon-reload
[root@yulong-git long]# systemctl restart docker
##更新代码仓库,随便更新一个index.html文件的内容
#我先找到映射的逻辑卷
[root@yulong-jenkins var]# docker volume inspect jenkins-data
[
{
"CreatedAt": "2020-04-23T20:22:00+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/jenkins-data/_data",
"Name": "jenkins-data",
"Options": null,
"Scope": "local"
}
]
[root@yulong-jenkins test-dev]# pwd
/var/lib/docker/volumes/jenkins-data/_data/workspace/test-dev
[root@yulong-jenkins test-dev]# ls
123 file1.md Jinkensfile lamp
##查看1
[root@yulong-jenkins .ssh]# docker exec -it jenkins-server /bin/bash
bash-4.4# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
yulong/lamp latest 2847fb7d7757 2 hours ago 834MB
192.168.136.136:5000/yulong/lamp latest 2847fb7d7757 2 hours ago 834MB
<none> <none> e8ed8243873b 3 hours ago 252MB
<none> <none> dac8438efed5 3 hours ago 252MB
jenkinsci/blueocean 1.22.0 cab59b2e05dc 3 days ago 566MB
centos latest 470671670cac 3 months ago 237MB
centos 7.7.1908 08d05d1d5859 5 months ago 204MB
##查看2
[root@yulong-git .ssh]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.136.136:5000/yulong/lamp latest 2847fb7d7757 2 hours ago 834MB
jenkinsci/blueocean 1.22.0 cab59b2e05dc 3 days ago 566MB
gitlab/gitlab-ce latest 6597e56a80f3 6 days ago 1.92GB
registry latest 708bc6af7e5e 3 months ago 25.8MB
hello-world latest bf756fb1ae65 3 months ago 13.3kB
###注意防火墙放行32768
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-FfDkFRsy-1595134274505)(https://s1.ax1x.com/2020/04/24/J0iO61.png)]
##创建webhook,这是其固定语法
http://my-jenkins-host/git/notifyCommit?url=git@gitlab.example.com:group/repository.git&delay=0sec
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-6YMGisCA-1595134274505)(https://s1.ax1x.com/2020/04/24/J0EQ9e.png)]
##更新代码会自动触发构建
[root@yulong-git long]# pwd
/root/long
[root@yulong-git long]# ls
123 file1.md Jinkensfile lamp
[root@yulong-git long]# vim lamp/index.html
[root@yulong-git long]# cat lamp/index.html
<h1>this is docker test!</h1>
<h1>this is docker test!</h1>
<h1>this is docker test!</h1>
<h1>this is docker test!</h1>
<h1>this is docker test!</h1>
<h1>this is docker test!</h1>
[root@yulong-git long]# git commit -m "auto push"
[develop 362b526] auto push
[root@yulong-git long]# git push origin develop
Username for 'http://192.168.136.136:8080': root
Password for 'http://root@192.168.136.136:8080':
Counting objects: 14, done.
Compressing objects: 100% (8/8), done.
Writing objects: 100% (8/8), 700 bytes | 0 bytes/s, done.
Total 8 (delta 5), reused 0 (delta 0)
remote:
remote: To create a merge request for develop, visit:
remote: http://192.168.136.136:8080/root/python-dev/-/merge_requests/new?merge_request%5Bsource_branch%5D=develop
remote:
To http://192.168.136.136:8080/root/python-dev.git
e5fe2a2..362b526 develop -> develop
##去Jenkins流水线查看
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-FDXNuw62-1595134274506)(https://s1.ax1x.com/2020/04/24/J0VtM9.png)]
To create a merge request for develop, visit:
remote: http://192.168.136.136:8080/root/python-dev/-/merge_requests/new?merge_request%5Bsource_branch%5D=develop
remote:
To http://192.168.136.136:8080/root/python-dev.git
e5fe2a2…362b526 develop -> develop
##去Jenkins流水线查看
[外链图片转存中...(img-FDXNuw62-1595134274506)]
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-UsTzLA2h-1595134274506)(https://s1.ax1x.com/2020/04/24/J0VdVx.png)]
936
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
