Docker CI/CD Continuous Integration — Project Mirroring (76)

Original article, welcome to reprint. Reprint please specify: reprint from IT people story, thank you! Docker CI/CD Continuous Integration — Project Mirroring (76)

I wanted to use Docker Registry as a private image library, but I gave up. If you know the docker Registry doesn’t have an interface, you’ll have to choose Harbor instead. Vagrant created a virtual server. It is estimated that more than 3 will be required to complete the entire CICD sustainable integration in a production environment. The previous three requirements are ALL 4G dual-core, such as Gitlab, Gitlabci and Harbor. My i7 processor, 16 gigabytes of ram let me show you how it works. Source: github.com/limingios/d…

Installed via Vagrant

vagrant reload
Copy the code

Download the Harbor

• Select the latest version 1.5.2 github.com/vmware/harb… I chose the online version, and the two versions are almost the same.

sudo yum -y install lrzsz
# Download 1.5.2 Online for Windows
rz
Copy the code

• Unpack the harbor

Tar XVF harbor - online - installer - v1.5.2. TGZCopy the code

• The installation

cd harbor
sudo ./install.sh
Copy the code

• You need to change to a different installation method.

sudo ./prepare
Copy the code

• Real installation

sudo docker-compose up -d
Copy the code

Successful installation

172.28.128.6 THIS IP address is automatically obtained

Normal access User name: admin Password: Harbor12345 You can run the following commands to stop and start the system

stop

sudo docker-compose stop
Copy the code

Start the

sudo docker-compose start
Copy the code

Test the harbor

• Start the service

sudo serivce docker restart
cd harbor
sudo docker-compose start
Copy the code

• Modify the parameters

Docker pulls the image from the official image by default, and since version 1.12, the default private repository uses HTTPS to connect, so we need to make some corresponding changes here:

sudo vi /etc/docker/daemon.json
# write {" insecure - registries: "[]" 172.28.128.6 "}

 sudo systemctl restart docker  
Copy the code

At present, many articles solve this problem by modifying the docker configuration file “etc/systemconfig/docker” and restarting docker. Docker 1.12.3 does not have this file, create this file according to the online, and fill in the corresponding content, restart docker no effect, still reported this error. Solution: Create a daemon.json file in /etc/docker-/. Write to the file

Harbor is using port 80, so there is no need to configure port 5000 in docker-comemage. yml.

If HTTP is not configured for filtering, someone using HTTPS will reject it.
connect: connection refused
# insecure-registries configured above
server gave HTTP response to HTTPS client
Copy the code

Docker login username: admin password: Harbor12345

Push image

• A new user

• New project

# This error is that the project was not created.
f9d9e4e6e2f0: Preparing 
denied: requested access to the resource is denied
Copy the code

• Push the project

Sudo docker pull busybox sudo docker tag busybox 172.28.128.6 idig8 / busybox sudo docker login 172.28.128.6 -u idig8 - p 123456789 sudo docker push 172.28.128.6 / idig8 / busyboxCopy the code

It worked. It was a back-and-forth game for about 3 hours, from 10am to 1am. Suck a mouth smoke, baidu inside too much pit dad, a lot of people write an article is directly copy, reprint I do not know he does not practice in the end, I here are side practice to help tell you how to use. Harbor really feels much better than docker warehouse. The moment I saw Chinese, I felt that I must give up docker warehouse with this in the future.

Remote harbor connection

• Find the Docker service file: Log in to the server where Docker is installed and enter systemctl status Docker to view the Docker service file.

sudo systemctl status docker
Copy the code

• Edit the docker.service file: Add the -insecure -registry parameter to ExecStart.

sudo vi /usr/lib/systemd/system/docker.service
Copy the code

• Reload the service file and restart the Docker service.

sudo systemctl daemon-reload
sudo systemctl restart docker
Copy the code

• Try remote login

Sudo docker login http://172.28.128.6 -u admin -p Harbor12345Copy the code

gitlab gitlab-ci harbor

Type the corresponding image package into harbor through Gitlab-CI

• Modify. Gitlab – ci. Yml

Add release to perform image generation and send to remote Harbor server when package is ready. In addition, although we need to add sudo in front of CRT editor to connect to Linux, it is not allowed to add sudo in script script, if added, it will report an error.

stages:
  - style
  - test
  - deploy
  - release
  
pep8:
  stage: style
  script:
    - pip install tox
    - tox -ePep8 tags: -python2.7 unittest-py27: stage:test
   script:
     - pip install tox
     - tox -ePy27 tags: -python2.7 unitTest -py34: stage:test
   script:
     - pip install tox
     - tox -e py34
   tags:
     - python3/4
     
docker-deploy:
   stage: deploy
   script:
     - docker build -t flask-demo .
     - if [ $( docker ps -aq --filter name=web) ]; then docker rm -f web;fi
     - docker run -d -p 5000:5000 --name web flask-demo
   tags:
     - test1 only: - master docker-image-release: stage: release script: -docker login 172.28.128.6 -u idig8 -p 123456789 -docker build -t 172.28.128.6/idig8/flask-demo:$CI_COMMIT_TAG-docker login 172.28.128.6 -u idig8 -p 1qaz@WSX3edc -docker push 172.28.128.6/idig8/flask-demo:$CI_COMMIT_TAG
   tags:
     - test1
   only:
     - tags

Copy the code

Once this is done, the pipline operation is automatically performed and then merged into the Master branch

.

Once the pipline execution passes, you can merge to the master branch

Merging to the Master branch automatically triggers the Pipline to perform multiple deploy operations

• What if we want to go to the master branch, and we just tag it and make an image

It appears that.gitlab-ci.yml was modified to add an EXCEPT in each task.

stages:
  - style
  - test
  - deploy
  - release
  
pep8:
  stage: style
  script:
    - pip install tox
    - tox -ePep8 tags: -python2.7 except: - tags unittest-py27: stage:test
   script:
     - pip install tox
     - tox -ePy27 tags: -python2.7 except: - tags unittest-py34: stage:test
   script:
     - pip install tox
     - tox -e py34
   tags:
     - python3/4
   except:
     - tags
     
docker-deploy:
   stage: deploy
   script:
     - docker build -t flask-demo .
     - if [ $( docker ps -aq --filter name=web) ]; then docker rm -f web;fi
     - docker run -d -p 5000:5000 --name web flask-demo
   tags:
     - test1 only: - master docker-image-release: stage: release script: -docker login 172.28.128.6 -u idig8 -p 123456789 -docker build -t 172.28.128.6/idig8/flask-demo:$CI_COMMIT_TAG-docker login 172.28.128.6 -u idig8 -p 1qaz@WSX3edc -docker push 172.28.128.6/idig8/flask-demo:$CI_COMMIT_TAG
   tags:
     - test1
   only:
     - tags
Copy the code

• The new tag

New tag

• Take a look inside Harbor

PS: In fact, this example is the generation of a specific version of docker image. The release of a version represents the appearance of the stable version of our software, and then we can deploy the stable version. The deployment of the stable version is docker Swarm or K8S. The most important thing is that we have a Docker image, and we can manually Or an automatic upgrade. Update Docker image implements uninterrupted service. In general, the process of these several times is as follows: after the development code is submitted to the branch, the pipline is checked under the branch, no problems are found, the pipline is deployed, no problems are found in the deploy test, and the tag is packaged to form a stable version of the DockerImage.