基于docker容器实现devops应用

文章目录

  • 基于docker容器实现devops应用
    • 1. 部署Gitlab并上传一个项目
    • 2. 基于tomcat部署jenkins
      • 2.1 部署tomcat
      • 2.2 部署Jenkins
    • 3. 部署harbor仓库
      • 3.1 在其它需要用到私有仓库的主机修改映射文件
      • 3.2 部署harbor仓库
    • 4. 部署docker
    • 5. 制作tomcat镜像上传到harbor仓库
    • 6. 在developer上传一个项目到Gitlab,并设置sshkey免密登录
      • 6.1 上传项目
      • 6.2 设置sshkey免密登录
    • 7. 在jenkins主机上将项目打包成war包并传到docker主机,然后再用tomcat镜像上线项目
      • 7.1 创建流水线

基于docker容器实现devops应用

主机名 ip 角色 系统版本
Gitlab 192.168.234.22 Gitlab CentOS-8
Jenkins 192.168.234.33 Jenkins CentOS-8
harbor 192.168.234.111 harbor CentOS-8
docker 192.168.234.123 docker CentOS-8
developer(开发者) 192.168.234.100 developer CentOS-8

1. 部署Gitlab并上传一个项目

部署Gitlab详细介绍可参考博客 《GitLab》

//先关闭防火墙与SElinux
[root@Gitlab ~]# systemctl disable --now firewalld
[root@Gitlab ~]# sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@Gitlab ~]# setenforce 0


//安装Gitlab环境依赖
[root@Gitlab ~]# yum install -y git perl curl openssh-server openssh-clients postfix cronie
//用源码包的方式安装一个依赖
[root@Gitlab ~]# wget http://mirror.centos.org/centos/7/os/x86_64/Packages/policycoreutils-python-2.5-34.el7.x86_64.rpm
[root@Gitlab ~]# rpm -ivh --nodeps --force policycoreutils-python-2.5-34.el7.x86_64.rpm


//下载gitlab的rpm包
[root@Gitlab ~]# wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-16.4.1-ce.0.el7.x86_64.rpm


//安装gitlab
[root@Gitlab ~]# rpm -ivh gitlab-ce-16.4.1-ce.0.el7.x86_64.rpm 


//修改gitlab的配置文件
[root@Gitlab ~]# vim /etc/gitlab/gitlab.rb 
## 修改一下两行
external_url 'http://192.168.234.33'     ## 添加
gitlab_workhorse['auth_backend'] = "http://localhost:8080"  ## 去掉注释


//开启邮箱服务
[root@Gitlab ~]# systemctl enable --now postfix


//重新加载gitlab配置文件并重启服务
[root@Gitlab ~]# gitlab-ctl reconfigure


//重新加载gitlab
[root@Gitlab ~]# gitlab-ctl restart

2. 基于tomcat部署jenkins

部署tomcat与Jenkins详细介绍可参考博客 《Jenkins》与《Tomcat》

2.1 部署tomcat

//关闭防火墙与selinux
[root@Jenkins ~]# systemctl disable --now firewalld
[root@Jenkins ~]# setenforce 0
[root@Jenkins ~]# sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config


//安装Java包
[root@Jenkins ~]# yum -y install java-1.8.0-openjdk java-1.8.0-openjdk-devel

//获取tomcat包
[root@Jenkins ~]# wget https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.80/bin/apache-tomcat-9.0.80.tar.gz


//解压tomcat包
[root@Jenkins ~]# tar xf apache-tomcat-9.0.80.tar.gz -C /usr/local/


//创建软连接
[root@Jenkins ~]# cd /usr/local/
[root@Jenkins local]# ln -s apache-tomcat-9.0.80/ tomcat


//启动tomcat
[root@Jenkins ~]# /usr/local/tomcat/bin/catalina.sh start

2.2 部署Jenkins

//安装依赖环境
[root@Jenkins ~]# yum install -y java-17-openjdk-devel java-17-openjdk


//获取Jenkins的war包
[root@Jenkins ~]# wget https://get.jenkins.io/war-stable/2.414.2/jenkins.war


//如果后面maven冲突的话可以选择一下系统的Java版本
[root@Jenkins ~]# alternatives --config java

There are 2 programs which provide 'java'.

  Selection    Command
-----------------------------------------------
*+ 1           java-1.8.0-openjdk.x86_64 (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.312.b07-2.el8_5.x86_64/jre/bin/java)
   2           java-17-openjdk.x86_64 (/usr/lib/jvm/java-17-openjdk-17.0.1.0.12-2.el8_5.x86_64/bin/java)

Enter to keep the current selection[+], or type selection number: 2  ## 选择17的版本


//运行war包
[root@Jenkins ~]# java -jar jenkins.war


//将运行后的war包复制到webapps下
[root@Jenkins ~]# cp jenkins.war /usr/local/tomcat/webapps/


//重启tomcat服务
[root@Jenkins ~]# /usr/local/tomcat/bin/catalina.sh stop
[root@Jenkins ~]# /usr/local/tomcat/bin/catalina.sh start
//访问的时候ip地址后面要加上8080端口
//后面web界面安装省略,具体步骤可参考另外一篇博客


//安装git与maven
[root@Jenkins ~]# yum install -y git maven

3. 部署harbor仓库

3.1 在其它需要用到私有仓库的主机修改映射文件

//在docker主机上添加一个映射
[root@docker ~]# vim /etc/hosts
192.168.234.111 harbor


//在harbor主机上添加一个映射
[root@harbor ~]# vim /etc/hosts
192.168.234.111 harbor

3.2 部署harbor仓库

//关闭防火墙以及selinux
[root@harbor ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@harbor ~]# setenforce 0
[root@harbor ~]# sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config


//安装docker服务
[root@harbor ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Adding repo from: https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@harbor ~]# sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
[root@harbor ~]# yum makecache
[root@harbor ~]# yum -y install docker-ce
[root@harbor ~]# systemctl enable --now docker


//安装docker-compose
[root@harbor ~]# curl -SL https://github.com/docker/compose/releases/download/v2.23.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose

//给执行权限
[root@harbor bin]# chmod +x docker-compose 

//创建软连接
[root@harbor bin]# ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose


//安装harbor
//获取harbor包
[root@harbor ~]# wget https://github.com/goharbor/harbor/releases/download/v2.9.1/harbor-offline-installer-v2.9.1.tgz

//解压harbor包
[root@harbor ~]# tar xf harbor-offline-installer-v2.9.1.tgz -C /usr/local/

//修改harbor.yml文件
[root@harbor ~]# cd /usr/local/harbor/
[root@harbor harbor]# cp harbor.yml.tmpl harbor.yml
[root@harbor harbor]# vim harbor.yml

······················略

hostname: harbor

······················略
# 如果不需要https可将https进行注释
# https related config
#https:
  # https port for harbor, default is 443
  # port: 443
  # The path of cert and key files for nginx
  #certificate: /your/certificate/path
  #private_key: /your/private/key/path
  
//执行安装脚本
[root@harbor harbor]# ./install.sh


//启动命令与停止命令,必须在/usr/local/harbor/目录执行
[root@harbor harbor]# docker-compose start
[root@harbor harbor]# docker-compose stop


//设置开机自启
[root@harbor harbor]# vim /etc/rc.local
## 添加这一行
cd /usr/local/harbor/ && docker-compose start
//添加执行权限
[root@harbor harbor]# chmod +x /etc/rc.d/rc.local 

在web端查看是否安装成功

基于docker容器实现devops应用_第1张图片

基于docker容器实现devops应用_第2张图片

4. 部署docker

//关闭防火墙与selinux
[root@docker ~]# systemctl disable --now firewalld
[root@docker ~]# setenforce 0
[root@docker ~]# sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config


//安装docker
[root@docker ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@docker ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@docker ~]# sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo


//更新并安装docker
[root@docker ~]# yum makecache
[root@docker ~]# yum -y install docker-ce


//启动服务并设置开机自启
[root@docker ~]# systemctl enable --now docker


//启用阿里云容器镜像加速服务
[root@docker ~]#  mkdir -p /etc/docker
[root@docker ~]# tee /etc/docker/daemon.json <<-'EOF'
> {
>   "registry-mirrors": ["https://ye25aygs.mirror.aliyuncs.com"]
> }
> EOF
{
  "registry-mirrors": ["https://ye25aygs.mirror.aliyuncs.com"]
}
[root@docker ~]# systemctl daemon-reload
[root@docker ~]# systemctl restart docker

5. 制作tomcat镜像上传到harbor仓库

//在/etc/docker/daemon.json配置文件里配置insecure-registries参数
[root@docker ~]# vim /etc/docker/daemon.json 
{
## 添加下面这行
  "insecure-registries": ["192.168.234.111"],
  "registry-mirrors": ["https://ye25aygs.mirror.aliyuncs.com"]
}


//重启docker服务
[root@docker ~]# systemctl restart docker

//登陆到私有仓库
[root@docker ~]# docker login harbor
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@docker ~]# 

//制作tomcat镜像
//获取tomcat包
[root@Jenkins ~]# scp apache-tomcat-9.0.80.tar.gz [email protected]:/root


//写一个dockerfile
[root@docker ~]# cat dockerfile 
FROM centos

RUN rm -rf /etc/yum.repos.d/* && \
    curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo && \
    sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo && \
    yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm && \
    sed -i 's|^#baseurl=https://download.example/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel* && \
    sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel* 

RUN yum -y install java-1.8.0-openjdk java-1.8.0-openjdk-devel

COPY apache-tomcat-9.0.80.tar.gz /

RUN tar xf apache-tomcat-9.0.80.tar.gz -C /usr/local/ && \
    cd /usr/local/ && \
    ln -s apache-tomcat-9.0.80/ tomcat && \
    /usr/local/tomcat/bin/catalina.sh start
    
CMD ["/usr/local/tomcat/bin/catalina.sh","run"]

-----------------------------------------------------------------


//开始构建镜像
[root@docker ~]# docker build -t kiwi/tomcat .
[root@docker ~]# docker images
REPOSITORY      TAG       IMAGE ID       CREATED              SIZE
kiwi/tomcat     latest    675004d972f9   59a452cbfb05   About a minute ago   600MB
centos          latest    5d0da3dc9764   2 years ago          231MB
[root@docker ~]# 

//重新打标签
[root@docker ~]# docker tag harbor/tomcat 192.168.234.111/library/tomcat:alpine
[root@docker ~]# docker images
REPOSITORY              TAG       IMAGE ID       CREATED         SIZE
192.168.234.111/library/tomcat   alpine    59a452cbfb05   37 minutes ago   600MB

//上传镜像
[root@docker ~]# docker push 192.168.234.111/library/tomcat:alpine

在web界面查看是否有镜像

基于docker容器实现devops应用_第3张图片

6. 在developer上传一个项目到Gitlab,并设置sshkey免密登录

6.1 上传项目

//安装git
[root@developer ~]# yum install -y git 

//获取一个项目到本地
[root@Gitlab ~]# git clone https://gitee.com/forgotten/tomcat-java-demo.git

在web端新建一个项目

基于docker容器实现devops应用_第4张图片

基于docker容器实现devops应用_第5张图片

//获取项目目录
[root@Gitlab ~]# git config --global user.name "kiwi111"
[root@Gitlab ~]# git config --global user.email "[email protected]"
[root@Gitlab ~]# git clone http://192.168.234.22/root/tomcat.git


//添加项目
[root@Jenkins tomcat]# cp -r ../tomcat-java-demo/* .
[root@Gitlab ~]# cd tomcat
[root@Gitlab tomcat]# ls
db           Dockerfile   LICENSE  README.md
deploy.yaml  jenkinsfile  pom.xml  src


//提交项目
[root@Gitlab tomcat]# git add *
[root@Gitlab tomcat]# git commit -m "first commit"


//上传项目
[root@Gitlab tomcat]# git push --set-upstream origin 

在web端看是否上传成功

6.2 设置sshkey免密登录

//生成密钥
## 一直按回车即可
[root@Jenkins ~]# cat  .ssh/id_rsa.pub 


//复制密钥内容
[root@Jenkins ~]# cat  .ssh/id_rsa.pub 

在web端上登陆想要设置免密登录的账号

然后开始设置免密登录

基于docker容器实现devops应用_第6张图片

添加一个sshkey

基于docker容器实现devops应用_第7张图片

基于docker容器实现devops应用_第8张图片

基于docker容器实现devops应用_第9张图片

验证

[root@Jenkins ~]# ssh -T [email protected]
Welcome to GitLab, @root!

//这样表示免密登录成功
//尝试拉取,注意要用ssh的地址
[root@Jenkins ~]# git clone [email protected]:root/tomcat.git

7. 在jenkins主机上将项目打包成war包并传到docker主机,然后再用tomcat镜像上线项目

7.1 创建流水线

基于docker容器实现devops应用_第10张图片

基于docker容器实现devops应用_第11张图片

//给docker主机做免密登录
[root@Jenkins ~]# ssh-copy-id [email protected]



//在jenkins流水线写脚本,脚本如下
pipeline {
    agent any
    stages {
        stage("pull code"){
            steps {
                sh """
                mkdir /project
                git clone [email protected]:root/tomcat.git /project/tomcat
                cd
                """
            }
        }
        stage("mvn project"){
            steps {
                sh """
                cd /project/tomcat
                mvn package -Dmaven.test.skikp=true
                scp /root/tomcat/target/ly-simple-tomcat-0.0.1-SNAPSHOT.war [email protected]:/root/
                """
            }
        }
        stage("copy war project from make docker image"){
            steps {
                sh """
                ssh [email protected] "
                cd && 
                docker run -p 80:8080 --name tomcat -itd 192.168.234.111/library/tomcat:alpine && 
                docker cp /root/ly-simple-tomcat-0.0.1-SNAPSHOT.war tomcat:/usr/local/tomcat/webapps/ &&
                exit "
                """
            }
        }
        stage("write dockfile"){
            steps {
                sh """
                ssh [email protected] "cd
                echo "FROM 192.168.234.111/library/tomcat:alpine" > dockerfile && 
                echo "RUN rm -rf /usr/local/tomcat/webapps/ROOT" >> dockerfile && 
                echo "COPY ly-simple-tomcat-0.0.1-SNAPSHOT.war /usr/local/tomcat/webapps/ROOT.war" >> dockerfile &&
                docker build -t harbor/libary/tamcat:v0.1 ."
                """
            }
        }
    }
}

可以看到项目上线成功

你可能感兴趣的:(docker,devops,容器)