基于ubuntu制作带docker的jenkins镜像
docker run -itd --privileged --name ubuntu ubuntu:18.04
docker exec -it ubuntu bash
基础容器安装配置
cp -a /etc/apt/sources.list /etc/apt/sources.list.bak
sed -i "s@http://.*archive.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list
sed -i "s@http://.*security.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list
apt-get update
apt-get install -y apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
apt-get update && apt-get install -y docker-ce
apt install openjdk-8-jre-headless
apt-get install nodejs npm maven
apt-get clean && apt-get autoclean
mkdir -p /etc/docker && tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://epsax6ut.mirror.aliyuncs.com"],
"log-driver":"json-file",
"log-opts": {"max-size":"10m", "max-file":"3"}
}
EOF
#不要启动docker,产生的runtimes目录没办法更改,将导致镜像无法启动docker,原因未找到
构建准备
[root@vm ~]# docker commit ubuntu ubuntu:java
[root@vm ~]# cat Dockerfile
FROM ubuntu:java
ADD jenkins.war /mnt
ADD start.sh /
RUN chmod +x start.sh && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone
ENTRYPOINT ["sh", "/start.sh"]
[root@vm ~]# cat start.sh
service docker start && java -jar /mnt/jenkins.war
[root@vm ~]# docker build -t ubuntu:jenkins .
[root@vm ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
jenkins v1 a1778309c63e 6 seconds ago 1.19GB
[root@vm ~]# docker run -itd --privileged --name jenkins -p 8080:8080 ubuntu:jenkins
验证
[root@vm ~]# docker exec -it ubuntu:jenkins bash
root@c84409b8954e:/# cat /root/.jenkins/secrets/initialAdminPassword
ed0b08c14a27430389b696ed512bea92
root@c84409b8954e:/# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
#使用时注意目录映射如 npm、maven、 jenkins家目录
基于centos制作jenkins镜像
docker run -itd --privileged --name centos centos:7.6.1810
docker cp /etc/yum.repos.d/CentOS-Base.repo centos:/root/
docker exec -it centos bash
安装java maven
[root@1234 ~]# rm -rf /etc/yum.repos.d/*
[root@1234 ~]# mv /root/CentOS-Base.repo /etc/yum.repos.d/
[root@1234 ~]# yum update
[root@1234 ~]# yum install maven
[root@1234 ~]# mvn -v
Apache Maven 3.0.5 (Red Hat 3.0.5-17)
[root@1234 ~]# java -version
openjdk version "1.8.0_352"
安装node
curl --silent --location https://rpm.nodesource.com/setup_8.x | bash -
curl -sL https://dl.yarnpkg.com/rpm/yarn.repo | tee /etc/yum.repos.d/yarn.repo
yum install nodejs gcc-c++ make yarn git zip unzip ant git wget
升级node
[root@1234 ~]# cd ; wget https://github.com/nvm-sh/nvm/archive/refs/tags/v0.38.0.tar.gz
[root@1234 ~]# mkdir .nvm
[root@1234 ~]# tar xf v0.38.0.tar.gz --strip-components 1 -C /root/.nvm && rm -rf v0.38.0.tar.gz
[root@1234 ~]# source .nvm/nvm.sh
[root@1234 ~]# nvm -v
0.38.0
[root@1234 ~]# nvm install 14
Downloading and installing node v14.21.2...
Downloading https://nodejs.org/dist/v14.21.2/node-v14.21.2-linux-x64.tar.xz...
############################# 40.8%
[root@1234 ~]# node -v
v14.21.2
升级npm
[root@1234 ~]# nvm use 14
[root@1234 .nvm]# npm set registry https://registry.npmmirror.com/
[root@1234 .nvm]# npm get registry
https://registry.npmmirror.com/
[root@1234 ~]# npm install -g npm
[root@1234 ~]# npm -v
9.2.0
[root@1234 ~]# yum clean all && history -c
[root@1234 ~]# exit
构建镜像
[root@vm ~]# docker commit centos centos:base
[root@vm ~]# cat Dockerfile
FROM centos:base
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone
ADD jenkins.war /mnt
ENTRYPOINT ["java","-jar","/mnt/jenkins.war"]
[root@vm ~]# docker build -t jenkins:v1 .
[root@vm jenkins]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
jenkins v1 e71489d5dd58 42 minutes ago 915MB
[root@vm ~]# docker run -itd --name jenkins -p 8080:8080 jenkins:v1
#值得注意的是需要对以下几个目录做数据持久映射
jenkins目录 /root/.jenkins
maven目录: /root/.m2/repository
maven配置: /etc/maven
nvm目录: /root/.nvm/
centos容器不能使用docker,原因说的比较多,如果需要实现构建镜像。你可以使用jenkins的Publish Over SSH相关插件,在构建是增加步骤,来远程宿主机执行。
SSH Server
name 要ssh的主机信息,配置账户自己搜索
Transfers
Source files 可不填,默认为当前workspace下
Remove prefix 可不填,需要去掉的前缀,按上面的路径截取
Remote directory 可不填,传输的ssh机器的目录root目录
Exec command 要执行的shell
基于docker:dind镜像做jenkins
可以实现容器里构建容器。
FROM docker.io/docker:dind
#使用阿里仓库地址
RUN echo -e "http://mirrors.aliyun.com/alpine/latest-stable/main\n\
http://mirrors.aliyun.com/alpine/latest-stable/community" > /etc/apk/repositories
#增加不安全链接地址,本地注册中心地址。
RUN mkdir -p /etc/docker && echo -e '{"insecure-registries": ["192.168.1.11:5000"]}' > /etc/docker/daemon.json
RUN apk update && apk add tzdata vim openjdk8 libstdc++ curl ca-certificates bash && \
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
echo "Asia/Shanghai" > /etc/timezone && \
rm -rf /root/.cache
#设置环境变量
ENV JAVA_HOME /usr/lib/jvm/default-jvm
ENV PATH $PATH:$JAVA_HOME/jre/bin:$JAVA_HOME/bin
#安装字体 Jenkins 需要,git,ssh,修改root主目录
RUN apk update && apk add ttf-dejavu git openssh && \
sed -i -e 's/root:\/root/root:\/var\/jenkins_home/g' /etc/passwd
#设置jenkins 主目录
ENV JENKINS_HOME /var/jenkins_home
#设置maven目录
ENV MAVEN_HOME /var/jenkins_home/tools/maven3
ENV PATH $PATH:$MAVEN_HOME/bin
WORKDIR /var/jenkins_home
#添加启动脚本和 war 文件从Jenkins 下载。
ADD jenkins_run.sh /jenkins_run.sh
ADD jenkins.war /usr/share/jenkins/jenkins.war
RUN chmod +x /jenkins_run.sh
EXPOSE 8080
ENTRYPOINT ["/jenkins_run.sh"]
cat jenkins_run.sh
#!/bin/sh
nohup java -Duser.home=/var/jenkins_home -jar /usr/share/jenkins/jenkins.war --httpPort=8080 >> /var/log/jenkins.log &
sh /usr/local/bin/dind dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375
docker run –privileged -v /jenkins-data:/var/jenkins_home -d -p 8080:8080myhub/jenkins:latest
https://blog.csdn.net/freewebsys/article/details/79756488
https://blog.csdn.net/u014776211/article/details/125581725 漏洞
############################################
###### docker in dokcer ############
############################################
docker run --name ubuntu --privileged=true -itd ubuntu:18.04
cp -a /etc/apt/sources.list /etc/apt/sources.list.bak
sed -i "s@http://.*archive.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list
sed -i "s@http://.*security.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list
apt-get install tzdata ntpdate
Geographic area: 6
Time zone: 70
ntpdate ntp1.aliyun.com
apt-get update && apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common
curl -fsSL https://repo.huaweicloud.com/docker-ce/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://repo.huaweicloud.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
apt-get install docker-ce docker-ce-cli containerd.io -y
root@ffb189f2eebc:/# service docker start
* Starting Docker: docker [ OK ]
root@ffb189f2eebc:/# service docker status
* Docker is running
cat /etc/docker/daemon.json
{
"registry-mirrors": [
"http://hub-mirror.c.163.com",
"https://docker.mirrors.ustc.edu.cn",
"https://registry.docker-cn.com"
]
}
service docker restart
docker pull nginx
docker run -itd -p 80:80 nginx
curl localhost:80