李振东的blog

Docker容器化gitlab

# 容器化代码上线坑：
1.gitlab如何使用非22端口拉代码
2.jenkins容器如何使用docker命令
3.jenkins的密钥上传到gitlab
4.jenkins如何登录 harbor

##### 启动gitlab
docker run \
--name gitlab \
--hostname 10.0.0.102 \
--env GITLAB_OMNIBUS_CONFIG="external_url 'http://10.0.0.105'" \
-p 443:443 \
-p 80:80 \
-p 2222:22 \
--restart always \
-v /data/gitlab/config:/etc/gitlab \
-v /data/gitlab/logs:/var/log/gitlab \
-v /data/gitlab/data:/var/opt/gitlab \
-d gitlab/gitlab-ce


#### 查询启动情况
docker exec  -it gitlab  /bin/bash
root@10:/# gitlab-ctl status

run: alertmanager: (pid 1120) 27s; run: log: (pid 1140) 24s
run: gitaly: (pid 541) 148s; run: log: (pid 570) 145s
run: gitlab-exporter: (pid 1056) 45s; run: log: (pid 1061) 44s
run: gitlab-kas: (pid 768) 136s; run: log: (pid 788) 133s
run: gitlab-workhorse: (pid 1019) 51s; run: log: (pid 1025) 51s
run: logrotate: (pid 502) 160s; run: log: (pid 516) 157s
run: nginx: (pid 1012) 51s; run: log: (pid 1034) 49s
run: postgres-exporter: (pid 1217) 21s; run: log: (pid 1303) 18s
run: postgresql: (pid 596) 142s; run: log: (pid 680) 139s
run: prometheus: (pid 1100) 33s; run: log: (pid 1112) 32s
run: puma: (pid 940) 64s; run: log: (pid 948) 63s
run: redis: (pid 519) 154s; run: log: (pid 538) 151s
run: redis-exporter: (pid 1075) 39s; run: log: (pid 1087) 38s
run: sidekiq: (pid 957) 58s; run: log: (pid 968) 57s
run: sshd: (pid 40) 170s; run: log: (pid 39) 170s


#### 查看密码
docker exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password
Password: osIoQPoYsm1IsHQA+/n41NqEX+njaqKPIgTB9uWkN90=

##### 配置gitlab 使用非 22端口数据传输
vim /etc/gitlab/gitlab.rb

#------ 在文件最下方添加 --------#
## 修改gitlab配置文件
external_url 'http://10.0.0.102'
gitlab_rails['gitlab_shell_ssh_port'] = 2222
## 优化内容
alertmanager['enable'] = false
node_exporter['enable'] = false
redis_exporter['enable'] = false
postgres_exporter['enable'] = false

## 重新加载gitlab配置文件
docker exec -it gitlab gitlab-ctl reconfigure

git 相关命令
git tag -a '标签' -m '备注'

git push --tag
git push --tags

Git

容器化jenkins

#### 启动jenkins
docker run \
--name jenkins \
--privileged \
--user=root \
--restart=always \
-v /data/jenkins/:/var/jenkins_home \
-v /usr/bin/docker:/usr/bin/docker \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /root/.ssh/:/root/.ssh/ \
-v /root/.docker/config.json:/root/.docker/config.json \
-p 8080:8080 \
-p 50000:50000 \
-d jenkins/jenkins:2.422

docker run \
--name jenkins \
--privileged \
--user=root \
--restart=always \
-v /data/jenkins/:/var/jenkins_home \
-v /usr/bin/docker:/usr/bin/docker \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /root/.ssh/:/root/.ssh/ \      #### 利用主机的ssh密钥
-v /root/.docker/config.json:/root/.docker/config.json \  #### 利用主机的docker密钥
-p 8080:8080 \
-p 50000:50000 \
-d jenkins/jenkins:2.422

### 将插件解压导指定目录
tar xf jenkins_plugins_2.422.tgz -C /data/jenkins/plugins/

### 重启容器jenkins
docker restart jenkins
 
### 查看用户密码
docker exec -it jenkins cat  /var/jenkins_home/secrets/initialAdminPassword
186b2c289c8244b4ac70d48168434777

### 访问10.0.0.103:8080
账户：admin
密码：186b2c289c8244b4ac70d48168434777

自由风格 freestyle

harbor_url='10.0.0.105'
project_name="wordpress"
pkg_name="${harbor_url}/${project_name}/web:${git_tag}"

cat > ${WORKSPACE}/Dockerfile <<EOF
FROM nginx:alpine
COPY ./* /usr/share/nginx/html/
EOF

cd ${WORKSPACE} && \
docker build -t ${pkg_name} .
docker push ${pkg_name}
deploy(){
	for n in $@;do
	ssh [email protected].${n} "docker pull ${pkg_name}"
	ssh [email protected].${n} "docker rm -f web"
	ssh [email protected].${n} "docker run --name web -p 80:80 -d ${pkg_name}"
	done
}

case $env in
dev)
	deploy 101
	;;
prod)
	deploy 102
	;;
esac

Java代码 maven

要使用 maven 将maven命令 映射到容器内


docker run \
--name jenkins \
--privileged \
--user=root \
--restart=always \
-v /usr/share/maven:/usr/share/maven \
-v /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.x86_64/jre:/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.x86_64/jre \
-v /data/jenkins/:/var/jenkins_home \
-v /usr/bin/docker:/usr/bin/docker \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /root/.ssh/:/root/.ssh/ \
-v /root/.docker/config.json:/root/.docker/config.json \
-p 8080:8080 \
-p 50000:50000 \
-d jenkins/jenkins:2.422

if [ $env == 'test' ];then
web_host="172.16.1.8"
elif [ $env == 'prod' ];then
web_host="172.16.1.7"
elif [ $env == 'dev' ];then
web_host="172.16.1.9"
elif [ $env == 'beta' ];then
web_host="172.16.1.10"
fi
cd ${WORKSPACE} && zip -r /tmp/${JOB_NAME}_${git_tag}.zip ./*
for host_ip in $web_host;do
	ssh ${host_ip} "mkdir -p /opt/${JOB_NAME}_code"
	scp /tmp/${JOB_NAME}_${git_tag}.zip ${host_ip}:/opt/${JOB_NAME}_code
	ssh ${host_ip} "unzip -o /opt/${JOB_NAME}_code/${JOB_NAME}_${git_tag}.zip -d /opt/${JOB_NAME}_code/${JOB_NAME}_${git_tag}"
	ssh ${host_ip} rm -fr /code/${JOB_NAME}
	ssh ${host_ip} ln -s /opt/${JOB_NAME}_code/${JOB_NAME}_${git_tag} /code/${JOB_NAME}
done