安装部署:
为了8080端口不冲突我们布置了两台虚拟机通过url-API Token SSH HTTPS等多种方式建立连接
Server1-------->gitlab物理内存2G
Server2--------->jenkins物理内存1G
GitLab 是一个用于仓库管理系统的开源项目,使用Git作为代码管理工具,并在此基础上搭建起来的web服务。安装方法是参考GitLab在GitHub上的Wiki页面。
yum install mailx #发送邮件
yum install net-tools #查看端口添加网关
netstat -antlp #邮件端口25
yum install gitlab-ce-11.2.0-ce.0.el7.x86_64.rpm
systemctl status postfix
vi /etc/gitlab/gitlab.rb #修改ip
external_url 'http://172.25.64.2'
gitlab-ctl reconfigure #重新编译
gitlab-ctl restart #编辑配置文件要重启服务:
修改密码:
登陆默认root用户:
建立项目demo通过ssh和jenkins建立连接:
[root@foundation30 ~]# git clone [email protected]:demo/demo.git #最初我们用的是ssh建立对接因此clone代码是不需要密码的
Cloning into 'demo'...
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done
[root@foundation30 ~]# cd demo/
[root@foundation30 demo]# ls
README.md
[root@foundation30 demo]# vim README.md
# DEMO
# HELLO WORLD
[root@foundation30 demo]# git add README.md
[root@foundation30 demo]# git commit -m " update README.md "
[master 89c67ec] update README.md
1 file changed, 1 insertion(+)
[root@foundation30 demo]# git remote add origin [email protected]:root/demo.git #本地上传
[root@foundation30 demo]# git remote -v
origin [email protected]:demo/demo.git (fetch)
origin [email protected]:demo/demo.git (push)
[root@foundation30 demo]# git push origin master
Counting objects: 5, done.
Writing objects: 100% (3/3), 264 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To [email protected]:demo/demo.git
23fe147..89c67ec master -> master
Jenkins是一个开源软件项目,是基于Java开发的一种持续集成工具,用于监控持续重复的工作,旨在提供一个开放易用的软件平台,使软件的持续集成变成可能。
Jenkins功能包括:
1、持续的软件版本发布/测试项目。
2、监控外部调用执行的工作。
yum install jdk-8u171-linux-x64.rpm jenkins-2.121.3-1.1.noarch.rpm
yum install git -y #安装git
systemctl start jenkins
cat /var/lib/jenkins/secrets/initialAdminPassword #查看初始密码
4bc8abd16b8a46a3a3817a8770c05936
登陆jenkins:
在线安装插件:
创建用户:
安装gitlab插件:
在控制台创建项目test:
URL:[email protected]:demo/demo.git
Credentials:root;将id_rsa公钥粘贴在认证信息里面
[root@foundation30 ~]# cd .ssh
[root@foundation30 .ssh]# ls
authorized_keys id_rsa id_rsa.pub known_hosts
[root@foundation30 .ssh]# cat id_rsa
-----BEGIN RSA PRIVATE KEY-----
步骤:
shell---->ls -a 应用保存
在真机推送文件到控制台
[root@foundation30 .ssh]# cd
[root@foundation30 ~]# cd demo/
[root@foundation30 demo]# ls
README.md
[root@foundation30 demo]# vim test.txt
[root@foundation30 demo]# git add test.txt
[root@foundation30 demo]# git commit -m "add test.txt"
[master cfeb949] add test.txt
1 file changed, 1 insertion(+)
create mode 100644 test.txt
[root@foundation30 demo]# git push origin master
Counting objects: 4, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 278 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To [email protected]:demo/demo.git
89c67ec..cfeb949 master -> master
在jenkins上允许gitlab访问;push events
在jenkins上创建用户生成一个临时的token允许gitlab连接
[root@server2 ~]# curl -X PUT --header "PRIVATE-TOKEN:6va1AMvKgGyiyjYDPazx" 'http://172.25.30.1/api/v4/application/setting?allow_local_requests_from_hooks_and_services=true'
# 允许gitlab建立api端口连接
push event:Enable SSL verification
建立
gitlab上面Integrations :
URL:http://172.25.30.2:8080/project/test
Secret Token:390ac7a2309d1b7cd047b2981526ebda(advanced generate)
test:successfully----->200
在物理机push一个hello触发gitlab的项目就会返回给jenkins监控;只要提交就会在jenkins端看到
[root@foundation30 demo]# vim hello.txt
[root@foundation30 demo]# git add hello.txt
[root@foundation30 demo]# git commit -m "add hello.txt"
# On branch master
nothing to commit, working directory clean
[root@foundation30 demo]# git status -s
[root@foundation30 demo]# git push origin master
Everything up-to-date
git -> Dockerfile -> gitlab -> jenkins -> docker plugin -> build image -> push registry -> docker run
测试一:开启一个nginx容器做测试,测试是否可以通过jenkins关闭nginx容器,作为综合案例运行docker用
1. jenkins安装docker插件
2. 物理机上安装docker软件
docker-engine-17.03.1.ce-1.el7.centos.x86_64.rpm container-selinux-2.9-4.el7.noarch.rpm
3. 导入rhel7.tar,nginx.tar
docker load -i rhel7.tar
docker load -i nginx.tar
开启一个nginx容器
4. 注意必须给jenkins权限执行docker
visudo
5. 创建一个dockerjob
如果在控制自台出现如下报错
sudo: sorry, you must have a tty to run sudo
在visudo时注释 Default requiretty 一行
6. 点击开始构建,构建成功,查看nginx的状态
[root@server2 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4338fdd3e9b3 nginx "nginx -g 'daemon ..." About a minute ago Exited (0) 10 seconds ago vm1
测试二:提交Dockerfile后自动构建镜像
1. testjob在之前的测试中已经做好了即使触发,现在添加docker构建功能
2. 修改/var/run/docker.sock的权限为777
3. 提交Dockerfile和编译所需文件
[root@foundation30 demo]# cat Dockerfile
FROM rhel7
EXPOSE 80
COPY dvd.repo /etc/yum.repos.d/dvd.repo
RUN rpmdb --rebuilddb && yum install -y httpd && yum clean all
COPY index.html /var/www/html
CMD ["/usr/sbin/httpd","-D","FOREGROUND"]
[root@foundation30 demo]# cat dvd.repo
[dvd]
name=dvd
baseurl=http://172.25.30.250/source7.3
gpgcheck=0
[root@foundation30 demo]# cat index.html
www.westos.org
www.westos.org
(经过测试可以构建出新的镜像)
[root@foundation30 demo]# git add Dockerfile dvd.repo index.html
[root@foundation30 demo]# git commit -m "add Dockerfile&dvd.repo$index.html"
[root@foundation30 demo]# git push origin master
4. 产生触发#11
Jenkins构建成功
查看镜像,TAG就是我们之前定义的${BUILD_NUMBER},并且rhel7镜像的版本标记为11和lastest实际上是一样的,会自动修改标签
[root@server2 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 11 709915d668ec About a minute ago 169 MB
rhel7 latest 709915d668ec About a minute ago 169 MB
5. 测试构建的镜像
[root@server2 ~]# docker run -d --name vm1 rhel7
5e29d5f9ec7b693f3d72bc777f924c53be599c2ec460442659f2674f69f4fa07
[root@server2 ~]# curl 172.17.0.2 (没有做端口映射)
成功!!!
测试三:整合dockerjob和testjob
1. dockerjob
只要testjob(即时检测)检测到提交了代码,就开始创建一个镜像,dockerjob就触发创建并且运行一个容器实例
2. 测试,修改index.html,提交触发testjob和dockerjob
[root@foundation30 demo]# vim index.html
[root@foundation30 demo]# git add index.html
[root@foundation30 demo]# git commit -m "update index.html"
[master 2780ef2] update index.html
1 file changed, 2 insertions(+)
[root@foundation30 demo]# git push origin master
成功!!!
3. 查看触发结果
[root@server2 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 13 5d363e4a028c 8 minutes ago 185 MB
rhel7 latest 5d363e4a028c 8 minutes ago 185 MB
[root@server2 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f64ee098da00 rhel7 "/usr/sbin/httpd -..." 8 minutes ago Up 8 minutes
综合案例:
1. 修改dockerjob
2. 修改本地代码提交触发
[root@foundation30 demo]# vim index.html
[root@foundation30 demo]# git add index.html
[root@foundation30 demo]# git commit -m "update index.html"
[master 7134c17] update index.html
1 file changed, 3 insertions(+), 3 deletions(-)
[root@foundation30 demo]# git push origin master
3. 创建本地仓库,push镜像测试
[root@server2 ~]# docker load -i registry-2.3.1.tar
# 如果没有tar包,可以用pull在网上拉取
[root@server2 ~]# docker run -d --name registry -p 5000:5000 registry:2.3.1
34fc5afff47f2f38917f010496d50e640554c6403cf77a5c5da1ff49fc91df24
[root@server2 ~]# docker tag nginx:latest localhost:5000/nginx
[root@server2 ~]# docker push localhost:5000/nginx
成功!!!
3. 添加仓库到testjob,开启自动push镜像功能
4. 修改本地文件,提交触发
[root@foundation28 demo]# vim index.html
[root@foundation28 demo]# git add index.html
[root@foundation28 demo]# git commit -m "update index.html"
[master b19408f] update index.html
1 file changed, 4 insertions(+)
[root@foundation28 demo]# git push origin master
JenKins成功检测并触发!!!
5. 查看镜像
[root@server2 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost:5000/rhel7 16 56f85075bee2 4 minutes ago 208 MB
localhost:5000/rhel7 latest 56f85075bee2 4 minutes ago 208 MB
6. 修改dockerjob
上传到本地仓库之后,会自动修改名字为localhost:5000/rhel7,所以在执行的shell里面也要进行修改,否则rhel7是本地镜像,而不是本地仓库的镜像。
至此,从编写Dockerfile,提交文件到gitlab上,然后gitlab被jenkins的testjob源码管理模板即时检测到,然后通过jenkins的docker插件构建已上传到gitlab的代码为为一个镜像,同时上传到本地仓库,dockerjob在testjob完成之后触发,开始执行shell,创建一个容器实例就结束啦.