網(wǎng)站首頁 編程語言 正文
文章目錄
- 一、實驗環(huán)境
- 二、實驗步驟
- 三、docker-compose目錄內(nèi)容
一、實驗環(huán)境
| 系統(tǒng) | 主機名 | ip地址 | 所用軟件 | 扮演角色 |
|---|---|---|---|---|
| Centos7.4 | gitlab | 192.168.100.202 | gitlab | Gitlab倉庫 |
| Centos7.4 | jenkins | 192.168.100.203 | jenkins、docker、docker-compose | Jenkins |
| Centos7.4 | test | 192.168.100.204 | docker、docker-compose | 測試環(huán)境 |
| Centos7.4 | true | 192.168.100.205 | docker、docker-compose | 生產(chǎn)環(huán)境 |
| Centos7.4 | harbor | 192.168.100.206 | harbor、docker、docker-compose | harbor鏡像倉庫 |
二、實驗步驟
-目的
Jenkins+gitlab配合發(fā)布docker容器項目
-思路:
- 構建gitlab倉庫,創(chuàng)建新項目
- 構建jenkins,把密鑰傳給其他的主機
- 構建harbor倉庫,上傳mysql、php、nginx的鏡像
- 在測試主機、生產(chǎn)主機安裝docker與docker-compose
- 使用jenkins登錄git復制倉庫,然后把compose-lnmp傳到倉庫
- 在jenkins創(chuàng)建流水線項目,使用流水線腳本,創(chuàng)建腳本先拉gitlab倉庫的內(nèi)容,在測試環(huán)境拉取harbor倉庫的鏡像,然后把jenkins拉取的gitlab數(shù)據(jù)scp到測試主機,然后在測試主機執(zhí)行docker-compose up -d 命令構建lnmp,要記得scp的路徑要和docker-compose.yml文件中掛載的目錄相同
- 在測試主機測試成功后,再次創(chuàng)建一個流水線項目,這次寫的流水線腳本是scp到生產(chǎn)主機,其他不變即可
(1)搭建Gitlab倉庫,創(chuàng)建新項目
******(1)先做基礎配置
[root@Centos7 ~]# hostnamectl set-hostname gitlab
[root@Centos7 ~]# su
[root@gitlab ~]# systemctl stop firewalld
[root@gitlab ~]# setenforce 0
setenforce: SELinux is disabled
[root@gitlab ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 寫保護,將以只讀方式掛載
mount: /dev/sr0 已經(jīng)掛載或 /mnt 忙
/dev/sr0 已經(jīng)掛載到 /mnt 上
******(2)安裝依賴包,安裝gitlab
[root@gitlab ~]# yum install -y curl policycoreutils openssh-server openssh-clients postfix policycoreutils-python
。。。。。。
完畢!
[root@gitlab ~]# systemctl enable postfix #開啟郵件服務
[root@gitlab ~]# systemctl start postfix
[root@gitlab ~]# ll #上傳gitlab軟件包
總用量 625204
-rw-------. 1 root root 1264 1月 12 2021 anaconda-ks.cfg
-rw-r--r-- 1 root root 640204790 6月 29 18:41 gitlab-ce-12.0.2-ce.0.el7.x86_64.rpm
[root@gitlab ~]# yum -y install gitlab-ce-12.0.2-ce.0.el7.x86_64.rpm #安裝gitlab-ce
。。。。。。
完畢!
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
12 ##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
13 external_url 'http://192.168.100.202' #修改為本機ip地址
14
15 ## Ro
#保存退出
[root@gitlab ~]# gitlab-ctl reconfigure #修改完配置文件需要重置,等待重置完成
Running handlers:
Running handlers complete
Chef Client finished, 509/1343 resources updated in 02 minutes 39 seconds
gitlab Reconfigured! #重置完成
[root@gitlab ~]# netstat -anpt | grep 80 #驗證端口
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 2027/unicorn master
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2091/nginx: master
tcp 0 0 127.0.0.1:8082 0.0.0.0:* LISTEN 2047/sidekiq 5.2.7
tcp 0 0 0.0.0.0:8060 0.0.0.0:* LISTEN 2091/nginx: master
tcp 0 0 127.0.0.1:50362 127.0.0.1:8082 ESTABLISHED 2537/prometheus
tcp 0 0 127.0.0.1:8060 127.0.0.1:49838 ESTABLISHED 2092/nginx: worker
tcp 0 0 127.0.0.1:8082 127.0.0.1:50362 ESTABLISHED 2047/sidekiq 5.2.7
tcp 0 0 127.0.0.1:8080 127.0.0.1:35318 TIME_WAIT -
tcp 0 0 127.0.0.1:8080 127.0.0.1:35326 TIME_WAIT -
tcp 0 0 127.0.0.1:49838 127.0.0.1:8060 ESTABLISHED 2537/prometheus
tcp 0 0 127.0.0.1:8080 127.0.0.1:35320 TIME_WAIT -
(3)過一兩分鐘后訪問gitlab,直接訪問80端口即可,因為gitlab默認使用nginx作為web
成功訪問!!!
******(4)漢化gitlab
[root@gitlab ~]# ll
總用量 699968
-rw-------. 1 root root 1264 1月 12 2021 anaconda-ks.cfg
-rw-r--r-- 1 root root 76557595 6月 29 17:01 gitlab-12-0-stable-zh.tar.gz #上傳漢化包
-rw-r--r-- 1 root root 640204790 6月 29 18:41 gitlab-ce-12.0.2-ce.0.el7.x86_64.rpm
[root@gitlab ~]# tar xf gitlab-12-0-stable-zh.tar.gz
[root@gitlab ~]# cat gitlab-12-0-stable-zh/VERSION #確認版本
12.0.3
[root@gitlab ~]# gitlab-ctl stop #先停止gitlab
ok: down: alertmanager: 1s, normally up
ok: down: gitaly: 0s, normally up
ok: down: gitlab-monitor: 1s, normally up
ok: down: gitlab-workhorse: 0s, normally up
ok: down: grafana: 1s, normally up
ok: down: logrotate: 0s, normally up
ok: down: nginx: 1s, normally up
ok: down: node-exporter: 0s, normally up
ok: down: postgres-exporter: 0s, normally up
ok: down: postgresql: 1s, normally up
ok: down: prometheus: 0s, normally up
ok: down: redis: 1s, normally up
ok: down: redis-exporter: 0s, normally up
ok: down: sidekiq: 0s, normally up
ok: down: unicorn: 0s, normally up
[root@gitlab ~]# unalias cp #刪除cp別名
[root@gitlab ~]# cp -rf gitlab-12-0-stable-zh/* /opt/gitlab/embedded/service/gitlab-rails/
cp: 無法以目錄"gitlab-12-0-stable-zh/log" 來覆蓋非目錄"/opt/gitlab/embedded/service/gitlab-rails/log" #報錯不用管
cp: 無法以目錄"gitlab-12-0-stable-zh/tmp" 來覆蓋非目錄"/opt/gitlab/embedded/service/gitlab-rails/tmp"
[root@gitlab ~]# gitlab-ctl start #開啟gilab
ok: run: alertmanager: (pid 3470) 0s
ok: run: gitaly: (pid 3478) 1s
ok: run: gitlab-monitor: (pid 3498) 0s
ok: run: gitlab-workhorse: (pid 3502) 1s
ok: run: grafana: (pid 3510) 0s
ok: run: logrotate: (pid 3523) 1s
ok: run: nginx: (pid 3529) 0s
ok: run: node-exporter: (pid 3534) 1s
ok: run: postgres-exporter: (pid 3538) 0s
ok: run: postgresql: (pid 3619) 0s
ok: run: prometheus: (pid 3628) 1s
ok: run: redis: (pid 3637) 0s
ok: run: redis-exporter: (pid 3641) 1s
ok: run: sidekiq: (pid 3646) 0s
ok: run: unicorn: (pid 3652) 1s
同樣過一兩分鐘再訪問
Gitlan倉庫搭建完成!!!
(5)創(chuàng)建一個新項目
成功創(chuàng)建項目!
(6)生成ssh密鑰,因為是要配合jenkins,所有這里使用的密鑰直接在jenkins主機上操作即可
[root@jenkins ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:e1olz2v3yPkgpuuP+C9bLRj5vDsRup46cH13uQq51y8 root@jenkins
The key's randomart image is:
+---[RSA 2048]----+
| |
| |
| |
| .. |
| S.+... .|
| . ..oX+....|
| o. +=Xo+..|
| .=o*=BE* |
| +*XOB==+=|
+----[SHA256]-----+
[root@jenkins ~]# cat .ssh/id_rsa.pub #查看公鑰,復制公鑰
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClc2b0yoL8i4O2TTO+n9w0EslQ3S5ekealEeMRnYxbWIDqW+d4X3SP2HacJWlkDl7unVNegzTrrXrzy4UWU1qgDI8C+94yVqKD2zF0PMZPO8e5ORD5N7gy5CIjEupbWHA2Xg7Hl8VX1h99VZcoERk1mnAtnZtSZyFtdGbg8QsX5PzW+mvHWwvilXJpXQHXeVHlPATGcObsVM5vkKxHajbYq1LZtYRA51J2jkKeUqPohqmYZZ+re9MXhVJl7uL+NgutxN+LcwpesH7Er7hF+iUD6JVrBKW7HkmZHZZpIllAMQI7aa9nqOWGkXIKr1jTDuiQIN+akPGfUEbWd5dxyC37 root@jenkins
(2)搭建Jenkins主機,把密鑰傳給其他的主機,把root用戶的私鑰放到自己上,方便拉取gitlab倉庫的數(shù)據(jù)
這里做的時候直接把插件包上傳了,然后重啟jenkins就可以了
******(1)先做基礎配置
[root@Centos7 ~]# hostnamectl set-hostname jenkins
[root@Centos7 ~]# su
[root@jenkins ~]# systemctl stop firewalld
[root@jenkins ~]# setenforce 0
setenforce: SELinux is disabled
[root@jenkins ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 寫保護,將以只讀方式掛載
mount: /dev/sr0 已經(jīng)掛載或 /mnt 忙
/dev/sr0 已經(jīng)掛載到 /mnt 上
******(2)安裝JDK環(huán)境
[root@jenkins ~]# ll
總用量 177124
-rw-------. 1 root root 1264 1月 12 2021 anaconda-ks.cfg
-rw-r--r-- 1 root root 181367942 6月 30 2017 jdk-8u91-linux-x64.tar.gz
[root@jenkins ~]# tar xf jdk-8u91-linux-x64.tar.gz -C /usr/local/
[root@jenkins ~]# mv /usr/local/jdk1.8.0_91 /usr/local/java
[root@jenkins ~]# ls /usr/local/
bin etc games include java lib lib64 libexec sbin share src
[root@jenkins ~]# vim /etc/profile
。。。。。。最后一行添加
JAVA_HOME=/usr/local/java
PATH=$JAVA_HOME/bin:$PATH
CLASSPATH=$JAVA_HOME/jre/lib/ext:$JAVA_HOME/lib/tools.jar
export PATH JAVA_HOME CLASSPATH
#保存退出
[root@jenkins ~]# vim /etc/profile
[root@jenkins ~]# source /etc/profile #使配置生效
[root@jenkins ~]# java -version #查看java版本,確認jdk環(huán)境
java version "1.8.0_91"
Java(TM) SE Runtime Environment (build 1.8.0_91-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.91-b14, mixed mode)
******(3)上傳Jenkins軟件包,安裝、配置
[root@jenkins ~]# ll
總用量 241624
-rw-------. 1 root root 1264 1月 12 2021 anaconda-ks.cfg
-rw-r--r-- 1 root root 181367942 6月 30 2017 jdk-8u91-linux-x64.tar.gz
-rw-r--r-- 1 root root 66044542 6月 29 17:03 jenkins-2.222.4-1.1.noarch.rpm
[root@jenkins ~]# yum -y install jenkins-2.222.4-1.1.noarch.rpm
。。。。。。
完畢!
[root@jenkins ~]# vim /etc/sysconfig/jenkins #修改配置文件
28 #
29 JENKINS_USER="root" #待會需要使用root傳輸密鑰,所以這里要改一下
30
#保存退出
[root@jenkins ~]# ln -s /usr/local/java/bin/java /usr/bin/ #優(yōu)化命令執(zhí)行路徑
[root@jenkins ~]# /etc/init.d/jenkins start #開啟jenkins
Starting jenkins (via systemctl): [ 確定 ]
[root@jenkins ~]# netstat -anpt | grep 8080 #驗證端口
tcp6 0 0 :::8080 :::* LISTEN 1241/java
[root@jenkins ~]# chkconfig jenkins on
(4)使用瀏覽器訪問8080端口,解鎖jenkins
提前獲得密碼
[root@jenkins ~]# cat /var/lib/jenkins/secrets/initialAdminPassword
b90fe608d1024dd5ab9dd97b4251fdb0
這里如果機器是聯(lián)網(wǎng)的話需要先斷網(wǎng)再點擊繼續(xù),因為下一步是下載插件,如果使用jenkins官網(wǎng)的會下載的很慢,可以先跳過插件安裝
點擊跳過插件安裝
(5)升級jenkins(可以不升級)
[root@jenkins ~]# cd /usr/lib/jenkins/
[root@jenkins jenkins]# ll
總用量 64688
-rw-r--r-- 1 root root 66239216 5月 28 2020 jenkins.war
[root@jenkins jenkins]# mv jenkins.war jenkins.war.bak #把原來的包備份
[root@jenkins jenkins]# rz
z waiting to receive.**B0100000023be50
[root@jenkins jenkins]# ll
總用量 133996
-rw-r--r-- 1 root root 70969355 11月 30 2020 jenkins.war #上傳新的war包
-rw-r--r-- 1 root root 66239216 5月 28 2020 jenkins.war.bak
[root@jenkins jenkins]# systemctl restart jenkins #重啟jenkins
重新使用瀏覽器訪問jenkins
(6)修改jenkins插件下載地址
修改為http://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json
進入命令行修改配置文件重啟jenkins
[root@jenkins ~]# cd /var/lib/jenkins/updates/
[root@jenkins updates]# sed -i 's/http:\/\/updates.jenkins-ci.org\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json && sed -i 's/http:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json
[root@jenkins updates]# systemctl restart jenkins
[root@jenkins updates]# cd
)]
點擊這個可以下載,但是如果下載無法成功的話,可以直接替換/var/lib/jenkins下的plugins插件包目錄,然后重啟即可,我這里直接俄上傳替換了
這里上傳后因為插件包的原因還變成了中文
至此成功搭建Jenkins
(7)上傳自己root賬戶的私鑰到jenkins上
[root@jenkins ~]# cat .ssh/id_rsa #復制私鑰
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEApXNm9MqC/IuDtk0zvp/cNBLJUN0uXpHmpRHjEZ2MW1iA6lvn
eF90j9h2nCVpZA5e7p1TXoM0661688uFFlNaoAyPAvveMlaig9sxdDzGTzvHuTkQ
+Te4MuQiIxLqW1hwNl4Ox5fFV9YffVWXKBEZNZpwLZ2bUmchbXRm4PELF+T81vpr
x1sL4pVyaV0B13lR5TwExnDm7FTOb5CsR2o22KtS2bWEQOdSdo5CnlKj6IapmGWf
q3vTF4VSZe7i/jYLrcTfi3MKXrB+xK+4RfolA+iVawSlux5JmR2WaSJZQDECO2mv
Z6jlhpFyCq9Y0w7okCDfmpDxn1BG1neXccgt+wIDAQABAoIBAEj7X+YJUsBuFlqb
MYEb6Tm7M7yM5IBo4ZHdEwnZMmm036EBi1ho2vT86k00n4m4YR3mnjjprbVsX/kc
xIc1m5tQDuGlEr2nw6ZgUS9SA7Q9zXsh9h/I+WLRiVFpbaF/oHgLA3/9rdpyJI/X
6oaNDE694k/s3u/5eCBdIWiGS3ttHHyqe3xRPRb3yLWmqb+a0uEeOFIVkfTAmMyv
GHpBuR9ohjPoKB/Ii/gVMIDVr0JJSMAjGdfdc8w2s2lrSg+3OhGyeAe8gDdgWMGg
rhj8h0RnjyxjhTYV76BYVlmi3mnSLSqZ1rUWn9+8BrYo0LGgZFBdSrBYmKFOTeJP
J3bHzXECgYEA1bkQmXE0lko7WC/elXtmCuiKUCdyuBD4rGLeClDVhdLLpG7dgRs+
tGngSeC4EAOqsPKIGKgPQn9Yn//KRTiAaVsACFagE2/JNA1fD/OlrPgO4Tz8or7l
GW9BOf+Tg8FL1Z/abD5+Y6zK5O/pG7CgmQp0LnFGEjKT5bRXKh3QnXMCgYEAxi3V
6dTkClrO6F1vO5c7pQgbnKfd8LT+V0JRaHiTcITsyCf2/zmGMJv3i7aLX0jSoOe3
GGIsiNuYUc2zTrqsVDg3OllrK9GPhmtSv/NgiVvwoBHY7B2Ersi1dAMbsipdjedT
fqSbZVeRKsOWq0YSsYbY06W3gHgtdft2uYUsi1kCgYEAmVtML+5tX5Iwdx0SSIzd
MeKerNlBlhaHeZsP3LMYJAiYG4t54dRc8DQwvpJDQSqAZqwBQEAHgx3ByD1RNM5Q
RkkIAvO1tXy3EWSu29FnBnCQrMqINXdpCREt6qIbhaVD9yvXHWjSZE9u30vPJxFc
i7RWnaSmNRSZz2/SQ+RU90UCgYBJufGTzSSNCZ1h6qif9bI1wh9rlzPFAcCBO+XH
RNwtBvaDvAJyjrbyTIO6UU3mQ9RAEhQWmSdSPsea3ziuuFm19zfsmCl7ormPW0vs
pyEp2K9bDWiy5oRe9cIzh5h9Hq+xQ/bW7Wv2Nq6Fxz+9NhNsQetWSZdLzumys7tG
Z1nb+QKBgCIgZ0bPnRl8Tv3KwCqYn5OAK0jnxwRU5LPkHKSr/3zLIPIALHHCSpgL
zep1WzlWb/FEsdb3xHD/n+MqHcGxLzly+OA3NAqr675aQC/qSQtqEPPL6LTawuOz
EkZzROrU03xGPRl0nJ1ikoqYfw9+pAm9fiH28BWWdWSOG4cBmIXU
-----END RSA PRIVATE KEY-----
(8)把Jenkins密鑰傳到其他主機上
在上面的gitlab生成ssh密鑰已經(jīng)生成過了,所以這里直接傳就行
[root@jenkins ~]# ssh-copy-id root@192.168.100.202
[root@jenkins ~]# ssh-copy-id root@192.168.100.203
[root@jenkins ~]# ssh-copy-id root@192.168.100.204
[root@jenkins ~]# ssh-copy-id root@192.168.100.205
[root@jenkins ~]# ssh-copy-id root@192.168.100.206
(3)搭建Harbor倉庫,上傳鏡像
******(1)先做基礎配置
[root@Centos7 ~]# hostnamectl set-hostname harbor
[root@Centos7 ~]# su
[root@harbor ~]# systemctl stop firewalld
[root@harbor ~]# setenforce 0
setenforce: SELinux is disabled
[root@harbor ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 寫保護,將以只讀方式掛載
mount: /dev/sr0 已經(jīng)掛載或 /mnt 忙
/dev/sr0 已經(jīng)掛載到 /mnt 上
******(2)安裝docker
[root@harbor ~]# yum install -y yum-utils device-mapper-persistent-data lvm2 #安裝依賴
。。。。。。
完畢!
[root@harbor ~]# ll
總用量 8
-rw-------. 1 root root 1264 1月 12 2021 anaconda-ks.cfg
drwxr-xr-x 3 root root 4096 8月 1 22:48 docker
[root@harbor ~]# vim /etc/yum.repos.d/centos.repo
[aaa]
name=aaa
baseurl=file:///mnt
enabled=1
gpgcheck=0
[docker]
name=docker
baseurl=file:///root/docker
enabled=1
gpgcheck=0
#保存退出
[root@harbor ~]# yum -y install docker-ce
。。。。。。
#保存退出
[root@harbor ~]# mkdir -p /etc/docker/
[root@harbor ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://w4uieobw.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.100.206"]
}
#保存退出
******(3)安裝Harbor,這里只搭建http協(xié)議的harbor
[root@harbor ~]# ll
總用量 614824
-rw-------. 1 root root 1264 1月 12 2021 anaconda-ks.cfg
drwxr-xr-x 3 root root 4096 8月 1 22:48 docker
-rw-r--r-- 1 root root 629571428 8月 1 22:52 harbor-offline-installer-v2.3.1.tgz #上傳安裝包
[root@harbor ~]# tar xf harbor-offline-installer-v2.3.1.tgz -C /usr/local/
[root@harbor ~]# cd /usr/bin
[root@harbor bin]# rz
z waiting to receive.**B0100000023be50
[root@harbor bin]# chmod a+x docker-compose
[root@harbor bin]# ll | grep docker-compose
-rwxr-xr-x 1 root root 11748168 7月 28 18:54 docker-compose
[root@harbor bin]# cd
[root@harbor ~]# vim /usr/local/harbor/harbor.yml.tmpl
1 # Configuration file of Harbor
2
3 # The IP address or hostname to access admin UI and registry service.
4 # DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
5 hostname: 192.168.100.206
6
7 # http related config
8 http:
9 # port for http, default is 80. If https enabled, this port will redirect to https port
10 port: 80
11
12 # https related config
13 #https:
14 # https port for harbor, default is 443
15 #port: 443
16 # The path of cert and key files for nginx
17 #certificate: /your/certificate/path
18 #private_key: /your/private/key/path
19
。。。。。。
#保存退出
[root@harbor ~]# cd /usr/local/harbor/
[root@harbor harbor]# cp harbor.yml.tmpl harbor.yml
[root@harbor harbor]# systemctl start docker #啟動docker
[root@harbor harbor]# sh install.sh #安裝harbor,第一次使用腳本安裝后續(xù)可使用“docker-compose up -d”命令啟動 Harbor,使用“docker-compose stop”命令關閉 Harbor
[root@harbor harbor]# echo $?
0
[root@harbor harbor]# ps aux | grep docker-compose #成功開啟
root 16980 0.0 0.0 112676 988 pts/0 R+ 23:00 0:00 grep --color=auto docker-compose
[root@harbor harbor]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
goharbor/harbor-exporter v2.3.1 719fd825651e 13 days ago 81MB
goharbor/chartmuseum-photon v2.3.1 3aba4510af16 13 days ago 178MB
goharbor/redis-photon v2.3.1 4a0d49a4ece0 13 days ago 191MB
goharbor/trivy-adapter-photon v2.3.1 a285847f857a 13 days ago 164MB
goharbor/notary-server-photon v2.3.1 87a2dbfd122e 13 days ago 110MB
goharbor/notary-signer-photon v2.3.1 7e29ff33ec85 13 days ago 107MB
goharbor/harbor-registryctl v2.3.1 91e798004920 13 days ago 132MB
goharbor/registry-photon v2.3.1 972ce19b1882 13 days ago 81.2MB
goharbor/nginx-photon v2.3.1 3b3ede1db494 13 days ago 44.3MB
goharbor/harbor-log v2.3.1 40a54594fe22 13 days ago 194MB
goharbor/harbor-jobservice v2.3.1 d6e174ae0a00 13 days ago 171MB
goharbor/harbor-core v2.3.1 f05acc3947d6 13 days ago 158MB
goharbor/harbor-portal v2.3.1 4a15c5622fda 13 days ago 57.6MB
goharbor/harbor-db v2.3.1 b16a9c81ef03 13 days ago 263MB
goharbor/prepare v2.3.1 4ce629d59c20 13 days ago 288MB
[root@harbor harbor]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5bf08af481aa goharbor/harbor-jobservice:v2.3.1 "/harbor/entrypoint.…" 34 seconds ago Up 30 seconds (healthy) harbor-jobservice
d38b62be5d2b goharbor/nginx-photon:v2.3.1 "nginx -g 'daemon of…" 34 seconds ago Up 30 seconds (healthy) 0.0.0.0:80->8080/tcp nginx
3d223a63d976 goharbor/harbor-core:v2.3.1 "/harbor/entrypoint.…" 37 seconds ago Up 33 seconds (healthy) harbor-core
964e5805fb81 goharbor/harbor-portal:v2.3.1 "nginx -g 'daemon of…" 39 seconds ago Up 36 seconds (healthy) harbor-portal
41038ff6f31e goharbor/harbor-db:v2.3.1 "/docker-entrypoint.…" 39 seconds ago Up 36 seconds (healthy) harbor-db
6b3503d1367e goharbor/redis-photon:v2.3.1 "redis-server /etc/r…" 39 seconds ago Up 36 seconds (healthy) redis
c059529f89f3 goharbor/harbor-registryctl:v2.3.1 "/home/harbor/start.…" 39 seconds ago Up 36 seconds (healthy) registryctl
55a65d22d7b3 goharbor/registry-photon:v2.3.1 "/home/harbor/entryp…" 39 seconds ago Up 36 seconds (healthy) registry
73f8185a516a goharbor/harbor-log:v2.3.1 "/bin/sh -c /usr/loc…" 41 seconds ago Up 39 seconds (healthy) 127.0.0.1:1514->10514/tcp harbor-log
[root@harbor harbor]# cd
(4)使用瀏覽器訪問harbor
記住這個項目
******(5)上傳鏡像,修改tag推送到鏡像倉庫
[root@harbor ~]# ll
總用量 2320516
-rw-------. 1 root root 1264 1月 12 2021 anaconda-ks.cfg
drwxr-xr-x 3 root root 4096 8月 1 22:48 docker
-rw-r--r-- 1 root root 629571428 8月 1 22:52 harbor-offline-installer-v2.3.1.tgz
-rw-r--r-- 1 root root 453615616 8月 1 23:04 mysql_5.7.tar.gz
-rw-r--r-- 1 root root 137441280 8月 1 23:04 nginx
-rw-r--r-- 1 root root 1155569664 8月 1 23:05 php_5.6
[root@harbor ~]# docker load -i nginx
[root@harbor ~]# docker load -i php_5.6
[root@harbor ~]# docker load -i mysql_5.7.tar.gz
[root@harbor ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.7 8cf625070931 10 days ago 448MB
goharbor/harbor-exporter v2.3.1 719fd825651e 13 days ago 81MB
goharbor/chartmuseum-photon v2.3.1 3aba4510af16 13 days ago 178MB
goharbor/redis-photon v2.3.1 4a0d49a4ece0 13 days ago 191MB
goharbor/trivy-adapter-photon v2.3.1 a285847f857a 13 days ago 164MB
goharbor/notary-server-photon v2.3.1 87a2dbfd122e 13 days ago 110MB
goharbor/notary-signer-photon v2.3.1 7e29ff33ec85 13 days ago 107MB
goharbor/harbor-registryctl v2.3.1 91e798004920 13 days ago 132MB
goharbor/registry-photon v2.3.1 972ce19b1882 13 days ago 81.2MB
goharbor/nginx-photon v2.3.1 3b3ede1db494 13 days ago 44.3MB
goharbor/harbor-log v2.3.1 40a54594fe22 13 days ago 194MB
goharbor/harbor-jobservice v2.3.1 d6e174ae0a00 13 days ago 171MB
goharbor/harbor-core v2.3.1 f05acc3947d6 13 days ago 158MB
goharbor/harbor-portal v2.3.1 4a15c5622fda 13 days ago 57.6MB
goharbor/harbor-db v2.3.1 b16a9c81ef03 13 days ago 263MB
goharbor/prepare v2.3.1 4ce629d59c20 13 days ago 288MB
nginx latest 4cdc5dd7eaad 3 weeks ago 133MB
cytopia/php-fpm-5.6 latest 2943ebf1ef81 3 years ago 1.1GB
[root@harbor ~]# docker tag mysql:5.7 192.168.100.206/library/mysql:5.7
[root@harbor ~]# docker tag nginx:latest 192.168.100.206/library/nginx:latest
[root@harbor ~]# docker tag cytopia/php-fpm-5.6:latest 192.168.100.206/library/php:latest
[root@harbor ~]# docker login -u admin -p Harbor12345 192.168.100.206
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@harbor ~]# docker push 192.168.100.206/library/mysql:5.7
[root@harbor ~]# docker push 192.168.100.206/library/nginx:latest
[root@harbor ~]# docker push 192.168.100.206/library/php:latest
在瀏覽器查看
至此Harbor倉庫搭建完成,鏡像上傳完成
(4)在測試環(huán)境、生產(chǎn)環(huán)境上安裝Docker,從harbor鏡像倉庫拉取鏡像
******(1)先做基礎配置,兩臺主機配置相同
[root@Centos7 ~]# hostnamectl set-hostname test
[root@Centos7 ~]# su
[root@test ~]# systemctl stop firewalld
[root@test ~]# setenforce 0
setenforce: SELinux is disabled
[root@test ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 寫保護,將以只讀方式掛載
mount: /dev/sr0 已經(jīng)掛載或 /mnt 忙
/dev/sr0 已經(jīng)掛載到 /mnt 上
[root@Centos7 ~]# hostnamectl set-hostname true
[root@Centos7 ~]# su
[root@true ~]# systemctl stop firewalld
[root@true ~]# setenforce 0
setenforce: SELinux is disabled
[root@true ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 寫保護,將以只讀方式掛載
mount: /dev/sr0 已經(jīng)掛載或 /mnt 忙
/dev/sr0 已經(jīng)掛載到 /mnt 上
******(2)安裝Docker,上傳docker-compose
[root@test ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@test ~]# vim /etc/yum.repos.d/centos.repo
[aaa]
name=aaa
baseurl=file:///mnt
enabled=1
gpgcheck=0
[docker]
name=docker
baseurl=file:///root/docker
enabled=1
gpgcheck=0
#保存退出
[root@test ~]# ll
總用量 8
-rw-------. 1 root root 1264 1月 12 2021 anaconda-ks.cfg
drwxr-xr-x 3 root root 4096 8月 2 00:05 docker
[root@test ~]# yum -y install docker-ce
[root@test ~]# cd /usr/bin/
[root@test bin]# rz
z waiting to receive.**B0100000023be50
[root@test bin]# ll | grep docker-compose
-rw-r--r-- 1 root root 11748168 7月 28 18:54 docker-compose
[root@test bin]# chmod a+x docker-compose
[root@test bin]# cd
[root@test ~]# mkdir /etc/docker
[root@test ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://w4uieobw.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.100.206"]
}
#保存退出
[root@test ~]# systemctl start docker
[root@test ~]# docker login -u admin -p Harbor12345 192.168.100.206
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@test ~]# docker pull 192.168.100.206/library/nginx:latest
[root@test ~]# docker pull 192.168.100.206/library/php:latest
[root@test ~]# docker pull 192.168.100.206/library/mysql:5.7
[root@test ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.100.206/library/mysql 5.7 8cf625070931 10 days ago 448MB
192.168.100.206/library/nginx latest 4cdc5dd7eaad 3 weeks ago 133MB
192.168.100.206/library/php latest 2943ebf1ef81 3 years ago 1.1GB
[root@true ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@true ~]# vim /etc/yum.repos.d/centos.repo
[aaa]
name=aaa
baseurl=file:///mnt
enabled=1
gpgcheck=0
[docker]
name=docker
baseurl=file:///root/docker
enabled=1
gpgcheck=0
#保存退出
[root@true ~]# ll
總用量 8
-rw-------. 1 root root 1264 1月 12 2021 anaconda-ks.cfg
drwxr-xr-x 3 root root 4096 8月 2 00:06 docker
[root@true ~]# yum -y install docker-ce
[root@true ~]# cd /usr/bin/
[root@true bin]# rz
z waiting to receive.**B0100000023be50
[root@true bin]# ll | grep docker-compose
-rw-r--r-- 1 root root 11748168 7月 28 18:54 docker-compose
[root@true bin]# chmod a+x docker-compose
[root@true bin]# cd
[root@true ~]# mkdir /etc/docker
[root@true ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://w4uieobw.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.100.206"]
}
#保存退出
[root@true ~]# systemctl start docker
[root@true ~]# docker login -u admin -p Harbor12345 192.168.100.206
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@true ~]# docker pull 192.168.100.206/library/nginx:latest
[root@true ~]# docker pull 192.168.100.206/library/php:latest
[root@true ~]# docker pull 192.168.100.206/library/mysql:5.7
[root@true ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.100.206/library/mysql 5.7 8cf625070931 10 days ago 448MB
192.168.100.206/library/nginx latest 4cdc5dd7eaad 3 weeks ago 133MB
192.168.100.206/library/php latest 2943ebf1ef81 3 years ago 1.1GB
(5)使用jenkins登錄gitlab復制倉庫,然后把compose-lnmp傳到倉庫
[root@jenkins ~]# git config --global user.name "Administrator"
[root@jenkins ~]# git config --global user.email "admin@example.com"
[root@jenkins ~]# git clone git@192.168.100.202:root/lnmp.git
正克隆到 'lnmp'...
warning: 您似乎克隆了一個空版本庫。
[root@jenkins ~]# cd lnmp/
[root@jenkins lnmp]# yum -y install tree
[root@jenkins lnmp]# tree #上傳lnmp目錄
.
└── lnmp
├── conf
│ └── default.conf
├── docker-compose.yml
└── html
├── dbtest.php
├── index.html
└── test.php
3 directories, 5 files
[root@jenkins lnmp]# git add .
[root@jenkins lnmp]# git commit -m "add lnmp"
[master(根提交) ed73f9c] add lnmp
5 files changed, 74 insertions(+)
create mode 100644 lnmp/conf/default.conf
create mode 100644 lnmp/docker-compose.yml
create mode 100644 lnmp/html/dbtest.php
create mode 100644 lnmp/html/index.html
create mode 100644 lnmp/html/test.php
[root@jenkins lnmp]# git push origin master
Counting objects: 10, done.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (10/10), 1.30 KiB | 0 bytes/s, done.
Total 10 (delta 0), reused 0 (delta 0)
To git@192.168.100.202:root/lnmp.git
* [new branch] master -> master
在瀏覽器驗證
(6)在Jenkins創(chuàng)建并配置流水線項目
-先在測試環(huán)境進行項目部署
點擊這里去生產(chǎn)流水線語法
#語法(把剛才生成的git拉取數(shù)據(jù)的語句復制過來):
pipeline {
agent any
stages {
stage("gitlab") {
steps {
git credentialsId: '948ac17c-2c14-4a8d-9120-95eb8c2b86aa', url: 'git@192.168.100.202:root/lnmp.git'
}
}
}
}
在保存后可以先進行測試
測試成功!
[root@jenkins ~]# cd /var/lib/jenkins/workspace/
[root@jenkins workspace]# ll
總用量 0
drwxr-xr-x 4 root root 30 8月 1 16:45 docker-compose-lnmp
drwxr-xr-x 2 root root 6 8月 1 16:45 docker-compose-lnmp@tmp
[root@jenkins workspace]# cd docker-compose-lnmp
[root@jenkins docker-compose-lnmp]# pwd #數(shù)據(jù)被拉取到了這個目錄
/var/lib/jenkins/workspace/docker-compose-lnmp
[root@jenkins docker-compose-lnmp]# ll
總用量 0
drwxr-xr-x 4 root root 56 8月 1 16:45 lnmp #成功拉取compose的數(shù)據(jù)
現(xiàn)在再來繼續(xù)生成
#最終測試環(huán)境的流水線語法:
pipeline {
agent any
stages {
stage("gitlab") {
steps {
git credentialsId: '948ac17c-2c14-4a8d-9120-95eb8c2b86aa', url: 'git@192.168.100.202:root/lnmp.git'
}
}
stage("cd") {
steps {
sh label: '', script: 'scp /root/aaa.sh root@192.168.100.205:/root/'
}
}
stage("bash sh") {
steps {
sh label: '', script: 'bash /root/lnmp.sh'
}
}
}
}
現(xiàn)在去編寫腳本
[root@jenkins docker-compose-lnmp]# cd #要記得回到root下,因為語法是執(zhí)行root下的腳本
[root@jenkins ~]# vim aaa.sh #其實這里也可以去寫拉取鏡像,這樣的話測試環(huán)境和生產(chǎn)環(huán)境就不需要提前拉鏡像了
#!/bin/bash
cd /root/lnmp
docker-compose up -d
#保存退出
[root@jenkins ~]# vim lnmp.sh
#!/bin/bash
scp -r /var/lib/jenkins/workspace/docker-compose-lnmp/lnmp root@192.168.100.204:/root/
ssh root@192.168.100.204 sh /root/aaa.sh
#保存退出
編寫好腳本之后,在瀏覽器中點擊構建
現(xiàn)在訪問192.168.100.204測試頁面
成功部署!!!!
-現(xiàn)在在生產(chǎn)環(huán)境進行部署
[root@jenkins ~]# cat aaa.sh #aaa.sh無需變化
#!/bin/bash
cd /root/lnmp
docker-compose up -d
[root@jenkins ~]# vim lnmp.sh #修改lnmp.sh的遠程主機
#!/bin/bash
scp -r /var/lib/jenkins/workspace/docker-compose-lnmp/lnmp root@192.168.100.205:/root/
ssh root@192.168.100.205 sh /root/aaa.sh
同樣流水線也修改遠程主機
進行測試
測試
成功向生產(chǎn)環(huán)境部署!!!!
三、docker-compose目錄內(nèi)容
[root@jenkins lnmp]# tree
.
└── lnmp
├── conf
│ └── default.conf
├── docker-compose.yml
└── html
├── dbtest.php
├── index.html
└── test.php
3 directories, 5 files
[root@jenkins lnmp]# cd lnmp/
[root@jenkins lnmp]# vim docker-compose.yml
version: "3"
services:
nginx:
image: 192.168.100.206/library/nginx:latest
ports:
- "80:80/tcp"
volumes:
- /root/lnmp/conf/default.conf:/etc/nginx/conf.d/default.conf
- /root/lnmp/html/:/usr/share/nginx/html
depends_on:
- php
php:
image: 192.168.100.206/library/php:latest
volumes:
- /root/lnmp/html/:/var/www/html/
depends_on:
- mysql
mysql:
image: 192.168.100.206/library/mysql:5.7
environment:
- MYSQL_ROOT_PASSWORD=123456
#保存退出
[root@jenkins lnmp]# cd conf/
[root@jenkins conf]# ll
總用量 4
-rw-r--r-- 1 root root 957 8月 1 16:13 default.conf
[root@jenkins conf]# vim default.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.php index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
#pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root html;
fastcgi_pass php:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/html/$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
#保存退出
[root@jenkins conf]# cd ..
[root@jenkins lnmp]# ll
總用量 4
drwxr-xr-x 2 root root 26 8月 1 16:19 conf
-rw-r--r-- 1 root root 507 8月 1 16:17 docker-compose.yml
drwxr-xr-x 2 root root 58 8月 1 16:13 html
[root@jenkins lnmp]# cd html/
[root@jenkins html]# ll
總用量 12
-rw-r--r-- 1 root root 102 8月 1 16:13 dbtest.php
-rw-r--r-- 1 root root 30 8月 1 16:13 index.html
-rw-r--r-- 1 root root 19 8月 1 16:13 test.php
[root@jenkins html]# cat dbtest.php
<?php
$conn=mysql_connect("mysql","root","123456");
if ($conn) echo "it's ok!!!!!";
mysql_close();
?>
#這里直接寫mysql密碼,是因為上傳的鏡像的mysql密碼默認就是這個,也可以自己去賦權用戶登錄
[root@jenkins html]# cat index.html
welcome !!!!!!!!!!!!!!!!!!!!!
[root@jenkins html]# cat test.php
<?php phpinfo()?>
原文鏈接:https://blog.csdn.net/rzy1248873545/article/details/122061637
相關推薦
- 2022-04-20 Python設計模式中的結構型橋接模式_python
- 2022-04-10 微信小程序 base64 圖片 canvas 畫布 drawImage 實現(xiàn)
- 2022-05-27 go語言實現(xiàn)兩個協(xié)程交替打印_Golang
- 2022-04-08 深入理解Golang的反射reflect示例_Golang
- 2022-04-25 利用Python寫個摸魚監(jiān)控進程_python
- 2022-11-19 如何解決error: failed to push some refs to 'xxx(遠程庫)'
- 2022-12-01 Linux利用inotify和rsync服務實現(xiàn)數(shù)據(jù)實時同步的原理解析_Linux
- 2023-04-02 linux?top命令基本實戰(zhàn)_linux shell
- 最近更新
-
- window11 系統(tǒng)安裝 yarn
- 超詳細win安裝深度學習環(huán)境2025年最新版(
- Linux 中運行的top命令 怎么退出?
- MySQL 中decimal 的用法? 存儲小
- get 、set 、toString 方法的使
- @Resource和 @Autowired注解
- Java基礎操作-- 運算符,流程控制 Flo
- 1. Int 和Integer 的區(qū)別,Jav
- spring @retryable不生效的一種
- Spring Security之認證信息的處理
- Spring Security之認證過濾器
- Spring Security概述快速入門
- Spring Security之配置體系
- 【SpringBoot】SpringCache
- Spring Security之基于方法配置權
- redisson分布式鎖中waittime的設
- maven:解決release錯誤:Artif
- restTemplate使用總結
- Spring Security之安全異常處理
- MybatisPlus優(yōu)雅實現(xiàn)加密?
- Spring ioc容器與Bean的生命周期。
- 【探索SpringCloud】服務發(fā)現(xiàn)-Nac
- Spring Security之基于HttpR
- Redis 底層數(shù)據(jù)結構-簡單動態(tài)字符串(SD
- arthas操作spring被代理目標對象命令
- Spring中的單例模式應用詳解
- 聊聊消息隊列,發(fā)送消息的4種方式
- bootspring第三方資源配置管理
- GIT同步修改后的遠程分支
提供CDN加速