总体流程
总体流程.png
安装Docker
- 下载docker-ce的repo
curl https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
- 安装依赖
yum install https://download.docker.com/linux/fedora/30/x86_64/stable/Packages/containerd.io-1.2.6-3.3.fc30.x86_64.rpm
ps:containerd版本过低,无法安装docker,所以此处是升级containerd的
- 安装docker-ce
yum install docker-ce
- 启动docker
systemctl start docker
#开机自动启动
# systemctl enable docker
- 设置国内源
vi /etc/docker/daemon.json
"registry-mirrors": [
"https://1nj0zren.mirror.aliyuncs.com","https://docker.mirrors.ustc.edu.cn",
"http://f1361db2.m.daocloud.io", "https://registry.docker-cn.com"]
- 重启
sudo systemctl daemon-reload
sudo systemctl restart docker
安装Portainer
介绍一款docker可视化界面portainer,可以方便的查看启动删除停止容器,也可以管理镜像
docker pull portainer/portainer
docker run -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -d portainer/portainer
portainer界面.png
安装Jenkins
docker pull jenkinsci/blueocean
docker run -d --name jenkins -p 9001:8080 -p 50000:50000 --env PATH=/usr/share/maven/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/jvm/java-1.8-openjdk/jre/bin:/usr/lib/jvm/java-1.8-openjdk/bin -v /var/run/docker.sock:/var/run/docker.sock -v /dockerworkspace/jenkins:/var/jenkins_home -v /opt/maven:/usr/share/maven -v /etc/localtime:/etc/localtime jenkinsci/blueocean
Ps:
-
jenkins插件清华大学镜像地址
https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json -
可能会出现java.net.UnknownHostException,困扰了我很久,百度搜出来的答案都不靠谱。看了一篇文章说有可能是防火墙没关。关闭防火墙,重启立马好了。。坑啊
systemctl status firewalld.service 查看防火墙状态 systemctl stop firewalld.service 执行停止运行防火墙命令 systemctl disable firewalld.service 禁止防火墙自启动防火墙的开启和自启动命令:
1、启动:
systemctl start firewalld.service2、防火墙随系统开启启动 :
systemctl enable firewalld.service -
报错:
touch: cannot touch ‘/var/jenkins_home/copy_reference_file.log’: Permission denied Can not write to /var/jenkins_home/copy_reference_file.log. Wrong volume permissions?需要修改下目录权限, 因为当映射本地数据卷时,/home/docker/jenkins目录的拥有者为root用户,而容器中jenkins user的uid为1000
sudo chown -R 1000:1000 /dockerworkspace/jenkins -
8080端口是jenkins的端口,5000端口是master和slave通信端口
-
jenkin调用docker没有权限时
chmod 666 /var/run/docker.sock -
clock of the subversion server appears to be out of sync. This can result in inconsistent check out behavior.
svn url末尾添加@HEAD
安装Maven
-
下载
wget http://mirrors.tuna.tsinghua.edu.cn/apache/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz -
解压
tar xf /tmp/apache-maven-*.tar.gz -C /opt -
设置环境变量(此处采用的dockerhub的jenkins,所以可以省略)
nano /etc/profile.d/maven.sh粘贴以下代码:
export JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk export MAVEN_HOME=/usr/opt/maven export PATH=${MAVEN_HOME}/bin:${PATH}为了更好地控制 Maven 版本和更新,我们将 创建一个符号链接 maven ,该链接指向 Maven 安装目录:
ln -s /opt/apache-maven-3.6.3 /opt/maven通过运行以下 chmod 命令使脚本可执行
chmod +x /etc/profile.d/maven.sh使用以下 source 命令加载环境变量:
source /etc/profile.d/maven.sh -
构建Maven多模块项目
配置一个maven风格的项目 然后在配置
root pom 指向的是最顶级的pom.xml
mvn clean install -pl ETECSA-SERVER/ETECSA-SERVER-EUREKA -am -amd -Dmaven.test.skip=true这样就单独构建ETECSA-SERVER-EUREKA这个jar,相关依赖也会构建好,不用将依赖提前放入maven仓库
根据资料已知:
参数 全称 释义 说明 -pl --projects Build specified reactor projects instead of all projects 选项后可跟随{groupId}:{artifactId}或者所选模块的相对路径(多个模块以逗号分隔) -am --also-make If project list is specified, also build projects required by the list 表示同时处理选定模块所依赖的模块 - amd --also-make-dependents If project list is specified, also build projects that depend on projects on the list 表示同时处理依赖选定模块的模块 -N --Non-recursive Build projects without recursive 表示不递归子模块 -rf --resume-from Resume reactor from specified project 表示从指定模块开始继续处理
Ps:
permission denied异常
解决方法:
将jenkins用户加入docker组,重启Jenkins服务
sudo gpasswd -a jenkins docker
sudo systemctl jenkins restart
搭建私有镜像仓库Harbor
-
下载
wget -P /workspace/harbor/ https://github.com/vmware/harbor/releases/download/v1.10.2/harbor-online-installer-v1.10.2.tgz -
解压
tar zxf harbor-online-installer-v1.10.2.tgz -
修改配置文件,配置文件为:harbor.yml
-
进入harbor目录下,运行脚本
./install.sh -
安装docker-compose
#国内镜像 curl -L "https://get.daocloud.io/docker/compose/releases/download/v1.25.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose -
给docker-compose执行权限,运行命令:
chmod +x /usr/local/bin/docker-compose -
测试上传和下载镜像,修改各docker client配置
nano /etc/docker/daemon.json"insecure-registries":["10.1.20.16:9002"]
Ps:docker 官方私有仓库镜像register
docker pull registry
docker run -d -v /opt/registry:/var/lib/registry -p 9001:5000 --restart=always --name registry registry:latest
Jenkins Pipe脚本示例(拉取svn代码build image push到镜像仓库)
def getHost(ip){
def remote = [:]
remote.name = 'server-${ip}'
remote.host = ip
remote.port = 22
remote.allowAnyHosts = true
withCredentials([usernamePassword(credentialsId: '31ed3f9c-3e80-496d-9733-98b78db29128', passwordVariable: 'password', usernameVariable: 'userName')]) {
remote.user = "${userName}"
remote.password = "${password}"
}
return remote
}
def imageName="10.1.20.16:9002/hn/demo:v1.0.0"
def prjName="demo"
pipeline {
agent any
environment{
def server = ''
}
stages {
stage('init-server'){
steps {
script {
server = getHost("1.10.80.2")
}
}
}
stage('Build') {
steps {
echo '拉取代码'
checkout([$class: 'SubversionSCM', additionalCredentials: [], excludedCommitMessages: '', excludedRegions: '', excludedRevprop: '', excludedUsers: '', filterChangelog: false, ignoreDirPropChanges: false, includedRegions: '', locations: [[cancelProcessOnExternalsFail: true, credentialsId: '2d3c4a0b-1bba-4690-b208-3a511fc4f415', depthOption: 'infinity', ignoreExternalsOption: true, local: '.', remote: 'svn://10.1.80.111/ETECSA-SERVER']], quietOperation: true, workspaceUpdater: [$class: 'UpdateUpdater']])
withMaven(maven: 'maven', mavenSettingsConfig: '3f3f6844-0644-48a3-8c4f-cef8f4e75196') {
sh label: '', script: 'mvn clean install -pl ETECSA-SERVER-EUREKA -amd -Dmaven.test.skip=true'
}
}
}
stage('DockerBuild') {
steps {
dir ("ETECSA-SERVER-EUREKA/") {
script {
def image = docker.build("hn/demo:v1.0.0")
docker.withRegistry("http://10.1.20.16:9002", '67bbae3e-a0da-4c30-9357-eec4a146cc2e'){
image.push()
}
}
}
}
}
stage('use'){
steps {
script {
sshCommand remote: server, command: """
if [ \$(docker ps -a | grep -i $imageName | wc -l) -eq 1 ]; then
sudo docker stop $prjName
sudo docker rm -v -f $prjName
fi
if [ \$(docker images | grep -i $imageName | wc -l) -eq 1 ]; then
sudo docker rmi -f $imageName
else
sudo docker run -p 8761:8761 --name $prjName -d $imageName
fi
"""
}
}
}
stage('clean') {
steps{
sh label: '', script: '''
docker rmi -f hn/demo:v1.0.0
docker rmi -f 10.1.20.16:9002/hn/demo:v1.0.0'''
}
}
}
}
jenkins build日志如下
jenkin-build.png
其他手动部署方式
- docker-compose部署服务
有三种方式:webEditor,上传docker-compose文件,git仓库获取docker-compose
portainer-stack.png
点击部署
portainer-stack-deploy.png
- docker容器部署
portainer-containers.png
- 命令行部署
docker run -p 8761:8761 --name demo -d 10.1.20.16:9002/hn/demo:v1.0.0
虚拟机IP 变动解决方法
进入到/etc/sysconfig/network-scripts
目录下面ls后有个文档(我的是ifcfg-ens33) ifcfg-eno16777736(不同机器后面数字会不相同),编辑该文件内容,将BOOTPROTO=dhcp的值改为static
并在最后面加上:
DNS1=114.114.114.114 --dns地址
IPADDR=192.168.49.128 --需要设置的ip地址
NETMASK=255.255.255.0 --子网掩码
GATEWAY=192.168.49.1 --网关
nmcli c reload
网友评论