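GitLab Runner is an open-source project that runs your jobs and sends the results back to GitLab. It is used together with GitLab CI, the open-source continuous integration service bundled with GitLab that coordinates jobs.
1. Clone the project from the remote to your local machine
Next, create a new GitLab project locally
Then delete the project's .git directory and upload the project
2. Set up gitlab-runner with Docker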
$ mkdir -p docker/gitlab/runner && cd docker/gitlab/runner
$ docker run -d --rm --name gitlab-runner gitlab/gitlab-runner:v10.5.0
$ docker cp gitlab-runner:/etc/gitlab-runner . && mv gitlab-runner config
$ docker stop gitlab-runner
$ docker run -d --name gitlab-runner --restart=always -v /home/ydt/docker/gitlab/runner/config/:/etc/gitlab-runner -v /home/ydt/docker/gitlab/runner/scripts/:/home/gitlab-runner/scripts -v /var/run/docker.sock:/var/run/docker.sock gitlab/gitlab-runner:v10.5.4
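Notes on the mapped directories:
- scripts directory mapping: holds scripts for use when the runner runs jobs; define them as needed
- config file mapping: makes it easy to edit config.toml and adjust the configuration of each registered runner
- docker.sock: the Unix domain socket the Docker daemon listens on by default; processes in the container can use it to communicate with the Docker daemon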
3. Integrate the GitLab CI/CD pipeline
(1) Register the runners with the GitLab server
maven: packages the Java program, runs unit tests, and performs code review (sonarqube)
$ docker exec -it gitlab-runner gitlab-runner register
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
http://192.168.10.171/
Please enter the gitlab-ci token for this runner:
AikhZrKTwQqY-2TQyWEA
Please enter the gitlab-ci description for this runner:
[cfb1f6f983f3]: maven-java
Please enter the gitlab-ci tags for this runner (comma separated):
maven
Registering runner... succeeded runner=maGJhGKD
Please enter the executor: kubernetes, docker, virtualbox, docker+machine, ssh, docker-ssh+machine, docker-ssh, parallels, shell:
docker
Please enter the default Docker image (e.g. ruby:2.1):
<image name>
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
docker: builds the service image and pushes it to the remote registry
$ docker exec -it gitlab-runner gitlab-runner register
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
http://192.168.10.171/
Please enter the gitlab-ci token for this runner:
AikhZrKTwQqY-2TQyWEA
Please enter the gitlab-ci description for this runner:
[cfb1f6f983f3]: docker-run
Please enter the gitlab-ci tags for this runner (comma separated):
docker
Registering runner... succeeded runner=maGJhGKD
Please enter the executor: parallels, virtualbox, docker+machine, kubernetes, docker-ssh, shell, ssh, docker-ssh+machine, docker:
docker
Please enter the default Docker image (e.g. ruby:2.1):
<image name>
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
ssh: logs in to the remote Docker host and deploys the service
$ docker exec -it gitlab-runner gitlab-runner register
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
http://192.168.10.171/
Please enter the gitlab-ci token for this runner:
AikhZrKTwQqY-2TQyWEA
Please enter the gitlab-ci description for this runner:
[cfb1f6f983f3]: ssh-localhost
Please enter the gitlab-ci tags for this runner (comma separated):
ssh
Registering runner... succeeded runner=maGJhGKD
Please enter the executor: ssh, docker+machine, docker-ssh+machine, kubernetes, parallels, shell, virtualbox, docker, docker-ssh:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
4. The registration result is shown in the figure below
5. After registration, config.toml looks like this
concurrent = 1
check_interval = 0
[[runners]]
name = "just for test"
url = "http://192.168.10.171/"
token = "d8af9b38c095ed6a041c21ab5ecd1e"
executor = "docker"
[runners.docker]
tls_verify = false
image = "registry.cn-beijing.aliyuncs.com/qianjia2018/qianjia_prod"
privileged = false
disable_cache = false
volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
shm_size = 0
[runners.cache]
[[runners]]
name = "maven;docker-run;shell-200;shell-prod"
url = "http://192.168.10.171/"
token = "00253c847518c7de419dcb06a7b173"
executor = "docker"
[runners.docker]
tls_verify = false
image = "registry.cn-beijing.aliyuncs.com/qianjia2018/qianjia_prod:maven3-jdk8"
privileged = false
disable_cache = false
volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
shm_size = 0
[runners.cache]
[[runners]]
name = "docker"
url = "http://192.168.10.171/"
token = "6380a613ab80d78cee40e120f0f175"
executor = "docker"
[runners.docker]
tls_verify = false
image = "registry.cn-beijing.aliyuncs.com/qianjia2018/qianjia_prod"
privileged = false
disable_cache = false
volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
shm_size = 0
[runners.cache]
[[runners]]
name = "docker"
url = "http://192.168.10.171/"
token = "032c2ad094645654242e10fa6bd028"
executor = "docker"
[runners.docker]
tls_verify = false
image = "registry.cn-beijing.aliyuncs.com/qianjia2018/qianjia_prod:docker"
privileged = false
disable_cache = false
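Every [runners.docker] block above that lists /var/run/docker.sock in volumes gives each job control of the host's Docker daemon, which is equivalent to root on the runner host, and every url uses plain HTTP. An added example (not part of the original post) that scans a config.toml for those settings; the function names and the sample config are constructed for illustration:

```shell
#!/bin/sh
# Added example: list gitlab-runner config.toml settings that widen what a job can reach.

# Prints "<runner name>: <finding>" for each risky setting in the file given as $1.
audit_runner_config() {
  awk '
    # Text after the first "=", without surrounding spaces and double quotes.
    function value(line) {
      sub(/^[^=]*=[ \t]*/, "", line)
      gsub(/^"|"[ \t]*$/, "", line)
      return line
    }
    # Findings are buffered per runner because "name" may follow other keys.
    function flush(  i) {
      for (i = 1; i <= n; i++) print name ": " finding[i]
      n = 0
    }
    /^[ \t]*\[\[runners\]\]/ { flush(); name = "(unnamed)"; next }
    /^[ \t]*name[ \t]*=/ { name = value($0); next }
    /^[ \t]*url[ \t]*=[ \t]*"http:/ { finding[++n] = "cleartext coordinator URL " value($0) }
    /^[ \t]*privileged[ \t]*=[ \t]*true/ { finding[++n] = "privileged job containers" }
    /^[ \t]*volumes[ \t]*=/ && /docker\.sock/ { finding[++n] = "host docker.sock mounted into jobs" }
    END { flush() }
  ' "$1"
}

# Constructed sample input (not the page's config): one risky runner, one clean runner.
sample_config() {
  cat <<'EOF'
concurrent = 1
[[runners]]
  name = "build-a"
  url = "http://gitlab.example.test/"
  executor = "docker"
  [runners.docker]
    privileged = false
    volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
[[runners]]
  name = "build-b"
  url = "https://gitlab.example.test/"
  executor = "docker"
  [runners.docker]
    privileged = false
    volumes = ["/cache"]
EOF
}

if [ "$#" -eq 1 ]; then audit_runner_config "$1"; fi
```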
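6. Overview of the config.toml settings
7. The [[runners]] section
8. The [runners.docker] section
9. Deploy a project with gitlab-runner
(1). Upload the project to GitLab (using a special method)
Create a new eureka project on GitLab, pull the eureka project from GitHub to the local machine, then push it to GitLab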
$ git clone http://192.168.10.171/root/eureka.git
$ git clone https://github.com/github-ydt/eureka_server.git
$ mv eureka_server/* eureka
$ mv eureka_server/.* eureka
$ cd eureka/
$ git add .
$ git commit -m "上传eureka项目"
$ git push
(2). Upload a .gitlab-ci.yml file to the project's root (/) directory, configured as follows:
stages:
  - test
  - build
  - deploy
cache:
  paths:
    - .m2/
variables:
  MAVEN_OPTS: "-Dmaven.repo.local=.m2"
  MAVEN_IMAGE: <image name>
  CONTAINER_NAME: eureka-ydt
  PROD_REPO: registry.cn-beijing.aliyuncs.com/ydt/all
build image:
  image: $MAVEN_IMAGE
  stage: test
  script:
    - mvn package docker:build -q -Dmaven.test.skip=false
  tags:
    - maven
  only:
    - master
push image prod:
  stage: build
  # USERNAME, PASSWORD and DEV_REPO are not defined in this file; supply them as GitLab CI/CD variables
  before_script:
    - docker login --username=$USERNAME --password=$PASSWORD registry.cn-beijing.aliyuncs.com
  script:
    - docker tag $DEV_REPO:$CONTAINER_NAME $PROD_REPO:$CONTAINER_NAME
    - docker push $PROD_REPO:$CONTAINER_NAME
  tags:
    - docker
  only:
    - master
  when: on_success
ssh run on remote machine prod:
  stage: deploy
  script:
    - bash ~/scripts/ssh-deploy.sh $CONTAINER_NAME 1025 1025 $PROD_REPO:$CONTAINER_NAME ydt 192.168.10.171
  tags:
    - ssh
  only:
    - master
  when: on_success
Note:
10. The ssh-deploy.sh script is in the /home/gitlab-runner/scripts directory inside the container; its contents are as follows:
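#!/bin/bash
# Usage: ssh-deploy.sh <container name> <host port> <container port> <image> <ssh user> <ssh host>
# The heredoc is unquoted, so $1..$4 are expanded locally before the text is sent to the remote shell.
ssh -p 2022 "$5@$6" <<EOF
cd;bash ~/docker/gitlab/runner/run.sh $1 $2 $3 $4
EOF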
11. The run.sh script is in the ~/docker/gitlab/runner/ directory on the remote deployment host; its contents are as follows:
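#!/bin/bash
# Arguments: container name, host port, container port, image
conName=$1
eonPort=$2
conPort=$3
images=$4
# Count containers (running or stopped) whose listing matches the name
count=$(docker ps -a | grep "$conName" | wc -l)
if [ "$count" -eq 0 ]; then
    echo "$conName container does not exist"
else
    # Stop and remove every matching container
    id=$(docker ps -a | grep "$conName" | awk '{print $1}')
    for i in $id
    do
        docker stop "$i"
        docker rm "$i"
    done
fi
# Remove the old image, then start a new container from $images
docker rmi "$images"
docker run --restart=always -d --name "$conName" -p "$eonPort:$conPort" "$images"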
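ssh-deploy.sh expands $1 to $4 into the text it sends to the remote shell, and run.sh selects containers with a substring grep, so both depend on the arguments being well-formed. An added example (not the original author's script) of a run.sh-style deploy function that validates its four arguments and matches the container name exactly; the function names and the simplified image-reference pattern are assumptions:

```shell
#!/bin/sh
# Added example: argument checks for the deploy path (function names are hypothetical).

# Container name: starts alphanumeric, then letters, digits, "_", "." or "-".
valid_name() {
  case $1 in
    ''|[!A-Za-z0-9]*|*[!A-Za-z0-9_.-]*) return 1 ;;
  esac
}

# Port: decimal 1..65535, no leading zero.
valid_port() {
  case $1 in
    ''|0*|*[!0-9]*|??????*) return 1 ;;
  esac
  [ "$1" -le 65535 ]
}

# Image reference, simplified (assumption): registry/path:tag characters only.
valid_image() {
  case $1 in
    ''|[!A-Za-z0-9]*|*[!A-Za-z0-9._/:@-]*) return 1 ;;
  esac
}

validate_deploy_args() {
  [ "$#" -eq 4 ] && valid_name "$1" && valid_port "$2" && valid_port "$3" && valid_image "$4"
}

# Reads container names on stdin; succeeds only on a whole-line match,
# unlike grep "$conName", which also matches eureka-ydt-old for eureka-ydt.
has_exact_name() { grep -Fxq -- "$1"; }

deploy() {
  validate_deploy_args "$@" || { echo "deploy: rejected arguments" >&2; return 2; }
  if docker ps -a --format '{{.Names}}' | has_exact_name "$1"; then
    docker stop "$1" && docker rm "$1"
  fi
  docker rmi "$4" || true   # as in run.sh: remove the old image before starting
  docker run --restart=always -d --name "$1" -p "$2:$3" "$4"
}

if [ "$#" -eq 4 ]; then deploy "$@"; fi
```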
12. Logging in to the remote host over SSH requires an SSH public key; the setup is as follows:
ydt@KobeBryant:~$ docker exec -it gitlab-runner bash
root@6af0ce3a3254:/# su gitlab-runner
gitlab-runner@6af0ce3a3254:/$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/gitlab-runner/.ssh/id_rsa):
Created directory '/home/gitlab-runner/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/gitlab-runner/.ssh/id_rsa.
Your public key has been saved in /home/gitlab-runner/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:0ZzqZODcTcUhmHBC+lE71BmBz0UTOAh3Gck+xl4QIcg gitlab-runner@6af0ce3a3254
The key's randomart image is:
+---[RSA 2048]----+
| o=+*BO&*o |
| .E*=*X+o. |
| . o +==+ |
| + + *B . |
| + So.o |
| + . |
| . |
| |
| |
+----[SHA256]-----+
gitlab-runner@6af0ce3a3254:/$ ssh-copy-id -i ~/.ssh/id_rsa.pub -p24 cyf@192.168.10.24
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/gitlab-runner/.ssh/id_rsa.pub"
The authenticity of host '[192.168.10.24]:24 ([192.168.10.24]:24)' can't be established.
ECDSA key fingerprint is SHA256:vPilmOy8x6qiFv6zfl47vD2st2gI6sIkHXdijb2qAu0.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
cyf@192.168.10.24's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh -p '2022' 'ydt@192.168.10.171'"
and check to make sure that only the key(s) you wanted were added.
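13. Run the pipeline (adding .gitlab-ci.yml triggers it automatically)
The first run of the test stage hit a Docker daemon problem, shown below:
14. Edit the volumes field in the gitlab-runner configuration file as follows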
volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
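When all stages pass, the deployment is complete, as shown in the figure below:
15. Set up gitlab-runner-docker-cleanup to automatically clean up caches and images: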
docker run -d \
-e LOW_FREE_SPACE=10G \
-e EXPECTED_FREE_SPACE=20G \
-e LOW_FREE_FILES_COUNT=1048576 \
-e EXPECTED_FREE_FILES_COUNT=2097152 \
-e DEFAULT_TTL=10m \
-e USE_DF=1 \
--restart always \
-v /var/run/docker.sock:/var/run/docker.sock \
--name=gitlab-runner-docker-cleanup \
quay.io/gitlab/gitlab-runner-docker-cleanup
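16. Description of each environment variable:
17. Set up a scheduled cleanup job
Clean up dangling images and unused volumes every day at 00:00 with the cron entry 0 0 */1 * * /bin/bash /home/cyf/scripts/clean-docker.sh; a simple script follows: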
#!/bin/bash
docker image prune -f && docker volume prune -f