Building a CI/CD system with Docker + GitLab + Jenkins

1. Environment

The build environment is CentOS 7.2. Local testing was done on a virtual machine I built myself; the test environment is CentOS 7.2 on Ali Cloud ECS.

2. Install Docker

The Docker version that yum provides by default is relatively old, so I usually install a newer version of Docker.

If you have already installed Docker using yum, remove it first:

sudo yum remove docker \
                docker-client \
                docker-client-latest \
                docker-common \
                docker-latest \
                docker-latest-logrotate \
                docker-logrotate \
                docker-selinux \
                docker-engine-selinux \
                docker-engine

Install Docker's dependencies, add the official Docker yum repository and install Docker:

sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce

Enable Docker at boot and start it:

systemctl enable docker
systemctl daemon-reload
systemctl start docker

After the installation, you can query the installed Docker version

docker --version
Docker version 18.09.6, build 481bC77156

Install docker-compose once Docker is installed

docker-compose is a Docker orchestration tool written in Python. The services below are all started with docker-compose, so the configuration parameters of the docker startup commands do not have to be typed by hand every time, which simplifies operation. In the end, GitLab, Jenkins and the other related services can also be written into the same docker-compose script, which makes them convenient to manage together.

Our deployment environment has python3, so we installed docker-compose directly using pip3:

sudo pip3 install docker-compose

3. Install GitLab

Build the GitLab image and start it

First, create a docker-compose script in your working directory:

# /data/gitlab is the host directory mapped into the container for GitLab's configuration parameters and data. You can change it to your own directory
cat > docker-compose.yml << EOF
version: '2'
services:
  gitlab:
    image: gitlab/gitlab-ce:12.0.3-ce.0
    container_name: gitlab
    ports:
      - "9022:9022"
      - "9080:80"
    volumes:
      - "/data/gitlab/cfg:/etc/gitlab"
      - "/data/gitlab/logs:/var/log/gitlab"
      - "/data/gitlab/data:/var/opt/gitlab"
    restart: always
EOF

# Start the service in the background with -d
docker-compose up -d

Configure GitLab

GitLab listens on port 22 (SSH), port 80 (HTTP) and port 443 (HTTPS). We put an HAProxy in front of GitLab as a reverse proxy: HAProxy listens on port 443 and proxies to port 9443. Port 80 is not opened in Docker; everything goes through port 9443 (mapped to port 443).

Edit the GitLab configuration file with vim. With the directory mapping configured in Docker above, the file is /data/gitlab/cfg/gitlab.rb on the host by default.

docker container exec -it gitlab bash
# Inside the container, /data/gitlab/cfg is mounted at /etc/gitlab
vim /etc/gitlab/gitlab.rb

The following are the GitLab configuration items:

# When external_url is configured as HTTPS, GitLab automatically creates an nginx configuration that listens on port 443. The certificate is placed in /etc/gitlab/ssl and named after the domain name.
# For example, if the domain name is https://git.xxx.com, the certificate files are git.xxx.com.crt and git.xxx.com.key
external_url 'https://git.xxx.com'

# Configure email information
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = '[email protected]'
gitlab_rails['gitlab_email_display_name'] = 'gitlab'
gitlab_rails['smtp_enable'] = true

gitlab_rails['smtp_address'] = "hwsmtp.xxx.com"
gitlab_rails['smtp_port'] = 994
gitlab_rails['smtp_user_name'] = "[email protected]"
gitlab_rails['smtp_password'] = "xxx"
gitlab_rails['smtp_domain'] = "qiye.xxx.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true

# Run this command to reconfigure GitLab
sudo gitlab-ctl reconfigure

Using GitLab

For normal use of GitLab, mainly creating users, groups and projects, refer to other resources on the web.

4. Install Jenkins

Install the Jenkins image

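# /data/jenkins is the host directory where Jenkins stores its data; change it to the directory you need. The Docker socket and binary are mapped so that Jenkins can use Docker from the host environment. Access to /var/run/docker.sock gives the container full control over the host's Docker daemon.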
cat > docker-compose.yml << EOF
version: '2'
services:
  jenkins:
    image: jenkins/jenkins:lts
    user: root
    container_name: jenkins
    ports:
      - "8002:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "/data/jenkins:/var/jenkins_home"
      - "/usr/bin/docker:/usr/bin/docker"
    restart: always
EOF

# Start the service; the image is pulled automatically the first time. Add the -d parameter to start it in the background
docker-compose up

Using Jenkins

When Jenkins starts correctly, the startup log contains the administrator password required for the first login, as follows:

Copy this password and open host address:8002 in a browser. This brings up the Jenkins initialization page; enter the password you just copied to reach the setup wizard, then install the recommended plugins as the wizard suggests.

Once the plugins are installed, you can add an administrator account, after which you are taken to the Jenkins home page.

Install the GitLab and Docker plugins

Search for and install the GitLab and Docker plugins under System Administration > Plugins Management > Optional Plugins.

Add a test project to GitLab

We need to add a test project to GitLab, and the project needs a Dockerfile. The flow we are testing is: a tag is pushed to GitLab, then Jenkins triggers the build and starts the automatic deployment. The project is deployed by building and deploying a Docker image.

Configure the Gitlab SSH key pair

# Generates the SSH key pair: id_rsa (private key) and id_rsa.pub (public key)
ssh-keygen -o -t rsa -b 4096 -C "[email protected]"

Copy the public key and add it under GitLab > User Settings > SSH Keys.

Configure the Docker build task

Add a task to Jenkins

The task needs a source code location. The code is hosted on GitLab here, so the address of the GitLab repository is required, and the user needs the corresponding permissions on the repository. Since no GitLab user information has been configured yet, the repository's source code cannot be read.

Click the Add button next to Credentials to add the credential. Select SSH Username with private key, enter the private key of the key pair generated earlier, and click Add to finish.

Then, in source code management, select the credential you just added; the red error message disappears if it was added correctly.

Add a build step to the task; here the step builds a Docker image.

When finished, click Save to complete the task, then click the build button on the home page to see the result. The first build makes Docker download any images that are not yet present locally, which may be slow. You should then see the task build successfully, and the console output shows the output of the build shell. This confirms that the task builds correctly. The next step is to have a GitLab push trigger the build automatically.

Configure GitLab to trigger a build automatically

In the Jenkins task's build triggers, turn on the push event trigger, then under Advanced click Generate to create the Secret Token for the callback address, and save.

Go to GitLab Project > Settings > Integration, enter the Jenkins callback address and the generated token, and select Tag Push as the event.

Then create a tag. When Jenkins receives the callback it builds automatically, and the build history can be viewed on the home page.

Automatically push the image to the Ali Cloud Registry after the build completes

Once tag push callbacks are being received, modify the shell script used for the build:

# GIT_TAG is obtained automatically from the tag of the local Git checkout
CONTAINER_NAME="citest"
GIT_TAG=`git describe --always --tag`
CONTAINER_FULL_NAME=${CONTAINER_NAME}-${GIT_TAG}
REPOSITORY=registry.cn-shanghai.aliyuncs.com/xxx/${CONTAINER_NAME}:${GIT_TAG}

# Build Docker image
docker build -t $REPOSITORY -f Dockerfile .

# Push Docker image. Username and password are the account password of Ali Cloud container image service
docker login --username=xxxxx --password=xxxxxx registry.cn-shanghai.aliyuncs.com
docker push $REPOSITORY

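# Delete the generated image
docker images | grep citest | awk '{print $1":"$2}' | xargs -r docker rmi

# Delete images whose name or tag is <none>; xargs -r skips the call when there are none, so the build does not fail on an empty list
docker images | grep '<none>' | awk '{print $3}' | xargs -r docker rmi -f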

With this version of the script, creating a tag in GitLab calls back to Jenkins, which then starts the build, pushes the resulting image to the Ali Cloud Registry and cleans up afterwards.
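
A hardened variant of the build step above, as an added example that is not part of the original post: it checks the Git tag against Docker's image tag grammar before using it in the image reference, and passes the registry password on stdin instead of on the command line. The REGISTRY_USER and REGISTRY_PASSWORD environment variables, the NAMESPACE variable (standing in for the xxx in the original path), the --run switch and the function names are assumptions.

```shell
#!/bin/sh
# Added example: hardened variant of the Jenkins build step.
# Assumptions: REGISTRY_USER / REGISTRY_PASSWORD are injected by Jenkins
# (for example through a credentials binding); NAMESPACE replaces "xxx".
set -eu

REGISTRY="registry.cn-shanghai.aliyuncs.com"
NAMESPACE="xxx"
CONTAINER_NAME="citest"

# A Git tag is chosen by whoever pushes it. Accept only what Docker allows as
# an image tag: [A-Za-z0-9_] first, then [A-Za-z0-9_.-], at most 128 characters.
valid_tag() {
  case "$1" in
    '' | [!A-Za-z0-9_]* | *[!A-Za-z0-9_.-]*) return 1 ;;
  esac
  [ "${#1}" -le 128 ]
}

# Print the full image reference, or fail if the tag is not acceptable.
image_ref() {
  valid_tag "$1" || return 1
  printf '%s/%s/%s:%s\n' "$REGISTRY" "$NAMESPACE" "$CONTAINER_NAME" "$1"
}

build_and_push() {
  tag=$(git describe --always --tags)
  ref=$(image_ref "$tag") || { echo "refusing tag: $tag" >&2; return 1; }

  docker build -t "$ref" -f Dockerfile .

  # The password is read from stdin, so it is not an argument of the
  # docker login process and does not show up in the process list.
  printf '%s' "$REGISTRY_PASSWORD" |
    docker login --username "$REGISTRY_USER" --password-stdin "$REGISTRY"
  docker push "$ref"
  docker logout "$REGISTRY"

  # Remove only the image just built, then any dangling layers.
  docker rmi "$ref"
  docker image prune -f
}

# Build only when called with --run, so the functions can be tested alone.
if [ "${1:-}" = "--run" ]; then
  build_and_push
fi
```

A Git tag such as release/1.0 is valid in Git but not as a Docker tag, so the build stops with a clear message before docker build is called.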

Image publishing through GitLab, Jenkins and the Docker Registry is now complete. Having Jenkins distribute and deploy the published images to each machine will be covered in a follow-up.