Installing GitLab and GitLab Runner with Docker Compose (CI/CD)

1. Create docker-compose.yml

version: '3.5'
services:
  gitlab:
    image: gitlab/gitlab-ce:latest
    hostname: xxx.xxx.xxx
    restart: unless-stopped
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        gitlab_rails['gitlab_shell_ssh_port'] = 22
    ports:
      - "8000:80"
      - "8822:22"
    volumes:
      - ./config/gitlab:/etc/gitlab
      - ./data/gitlab:/var/opt/gitlab
      - ./logs:/var/log/gitlab
    networks:
      - gitlab

  gitlab-runner:
    image: gitlab/gitlab-runner:alpine
    restart: unless-stopped
    depends_on:
      - gitlab
    privileged: true
    volumes:
      - ./config/gitlab-runner:/etc/gitlab-runner
      - /var/run/docker.sock:/var/run/docker.sock
      - /bin/docker:/bin/docker
    networks:
      - gitlab

networks:
  gitlab:

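Fix: the docker command is not found.

When writing the docker-compose.yml for gitlab-runner, mount the host's docker command into the container:

    # Enable privileged access
    privileged: true
    volumes:
      # Map the host's docker command into gitlab-runner
      - /var/run/docker.sock:/var/run/docker.sock
      - /bin/docker:/bin/docker

Note: the host file /var/run/docker.sock has permissions 666.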

Fix for ERROR: Docker Got permission denied while trying to connect to the Docker daemon socket at unix://

chmod 666 /var/run/docker.sock

Add the current user to the docker group:

sudo usermod -aG docker $USER 

Modify the Docker service configuration in /usr/lib/systemd/system/docker.service:

#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375
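
A check for the two settings changed in this step, added here as an example and not part of the original post: any client that can reach a mode-666 socket or a plain TCP listener on port 2375 can control the Docker daemon, so the script reports whether the active ExecStart opens a TCP listener without --tlsverify and whether a socket path is world-writable. The function names, finding labels and sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Function names, finding labels
# and the sample files below are constructed for illustration.

# Report how the ExecStart line in effect exposes the Docker API.
# Limitation: TLS options set in /etc/docker/daemon.json are not read.
audit_execstart() {
  # Commented-out lines (such as the original ExecStart) are ignored;
  # the last uncommented ExecStart is taken as the one in effect.
  line=$(grep -E '^[[:space:]]*ExecStart=.' "$1" | tail -n 1)
  case "$line" in
    *tcp://*) ;;
    *) echo "NO_TCP_LISTENER"; return 0 ;;
  esac
  case "$line" in
    *--tlsverify=false*) echo "TCP_WITHOUT_TLSVERIFY" ;;
    *--tlsverify*)       echo "TCP_WITH_TLSVERIFY" ;;
    *)                   echo "TCP_WITHOUT_TLSVERIFY" ;;
  esac
  case "$line" in
    *tcp://0.0.0.0*|*'tcp://[::]'*) echo "TCP_ALL_INTERFACES" ;;
  esac
  return 0
}

# Succeed when "other" has write permission on the path (e.g. mode 666).
world_writable() {
  [ -n "$(find "$1" -maxdepth 0 -perm -0002 2>/dev/null)" ]
}

# Demo on constructed input: the unit file as edited in this step, and a
# temp file standing in for /var/run/docker.sock after chmod 666.
unit=$(mktemp); sock=$(mktemp)
cat > "$unit" <<'EOF'
[Service]
#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375
EOF
chmod 666 "$sock"
audit_execstart "$unit"
if world_writable "$sock"; then echo "SOCKET_WORLD_WRITABLE"; fi
rm -f "$unit" "$sock"
```

On a real host, pass /usr/lib/systemd/system/docker.service and /var/run/docker.sock to the two functions instead of the sample files.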

 

2. Register the runner with GitLab

docker exec -it gitlab-runner gitlab-runner register

Running in system-mode.
 
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
http://xxx.xxx.xxx
Please enter the gitlab-ci token for this runner:
xxxxxxxxxxxxxxxx
Please enter the gitlab-ci description for this runner:
[1233412312]:xxxxxxxxx
Please enter the gitlab-ci tags for this runner (comma separated):
xxxxxxxxx
Whether to run untagged builds [true/false]:
[false]: true
Whether to lock the Runner to current project [true/false]:
[true]: true
Registering runner... succeeded                     runner=Fx1jQzBW
Please enter the executor: docker-ssh+machine, kubernetes, docker-ssh, shell, virtualbox, docker+machine, docker, parallels, ssh:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!

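3. Configure the project's GitLab variables

[Image 1]

4. Enter the gitlab-runner container and generate the private and public keys for passwordless login to the remote deployment server.

See "Setting up passwordless login with ssh-keygen and avoiding the pitfalls!"

5. In the variables from step 3, add a new variable SSH_PRIVATE_KEY whose value is the private key generated in step 4 (~/.ssh/id_rsa).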

4. Configure the project's .gitlab-ci.yml file


# This file is a template, and might need editing before it works on your project.
# Official docker image.
 
stages:
  - build_image
  - push_image
  - deploy
 
before_script:
  # Setup SSH deploy keys
  - eval $(ssh-agent -s)
  - ssh-add <(echo "$SSH_PRIVATE_KEY")
  - mkdir -p ~/.ssh
  - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'

  - docker info
  - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
 
build_image:
  stage: build_image
  script:
    - docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" .
 
push_image:
  stage: push_image
  script:
    - docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
    - docker rmi "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"

deploy_image:
  stage: deploy
  script:
    - ssh USER@IP "/home/XXX/PROJECT_NAME-deploy.sh"

5. Configure the project's Dockerfile

FROM maven:3-jdk-8-alpine

WORKDIR /usr/src/app

COPY . /usr/src/app
RUN mvn package

ENV PORT 5000
EXPOSE $PORT
CMD [ "sh", "-c", "mvn -Dserver.port=${PORT} spring-boot:run" ]

6. Configure the deploy script (deploy.sh) for the current user on the remote deployment server

#!/bin/bash

TAG=PRIVATE_REGISTRY_IMAGE            # private registry image, without the tag
IMAGE=PRIVATE_REGISTRY_IMAGE:latest
PORTS=HOST_PORT:CONTAINER_PORT
UUID=$(uuidgen | sed 's/-//g')
UUID="DEV-$UUID"
echo "=======================Generate UUID = ${UUID}"
echo "=======================Docker logining..."
docker login -u USERNAME -p PASSWORD PRIVATE_REGISTRY
echo "=======================Docker old tag $TAG:$UUID"
docker tag $IMAGE $TAG:$UUID || true
echo "=======================Docker old push $TAG:$UUID"
docker push $TAG:$UUID || true
echo "=======================Docker old delete $TAG:$UUID"
docker rmi $TAG:$UUID || true
echo "======================Docker replace new image..."
docker stop SERVICE_CONTAINER || true
docker rm SERVICE_CONTAINER || true
docker rmi $IMAGE || true
docker pull $IMAGE
docker run -d -p $PORTS --restart=always --name SERVICE_CONTAINER $IMAGE

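The script backs up the old image first, then updates to the new image.

Naming rule for the old image: image name + ":" + prefix (DEV-) + UUID

Naming rule for the new image: image name + ":latest"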

7. Configure the Docker private registry address on the remote deployment server

vim /etc/docker/daemon.json

{
  "insecure-registries":["PRIVATE_REGISTRY_ADDRESS"]
}

# Reload the systemd unit configuration
systemctl daemon-reload

# Restart the Docker service
systemctl restart docker

 
