Building a CI/CD system with Docker + GitLab + Jenkins
1. Environment
The build environment is CentOS 7.2. Local testing uses a virtual machine I built myself; the test environment is CentOS 7.2 on Ali Cloud ECS
2. Install Docker
The Docker version that yum ships by default is relatively old, so I usually install a newer version of Docker
If you have already installed Docker using yum, remove it first
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine
Install Docker's dependencies, add the official Docker yum repository and install Docker
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce
Enable Docker at boot and start it
systemctl enable docker
systemctl daemon-reload
systemctl start docker
After the installation, you can query the installed Docker version
docker --version
Docker version 18.09.6, build 481bC77156
docker-compose should be installed after Docker is installed
docker-compose is a Docker orchestration tool written in Python. The services below are all started with docker-compose, so the docker startup parameters do not have to be typed by hand every time, which simplifies operation. Eventually GitLab, Jenkins and other related services can be written in the same docker-compose script, which makes them convenient to manage together
Our deployment environment has python3, so we installed docker-compose directly using pip3
sudo pip3 install docker-compose
3. Install GitLab
Build the GitLab image and start it
First, create a docker-compose script in your working directory:
# /data/gitlab is a custom directory mapped into the container where GitLab stores its configuration and data. You can change it to your own directory
cat > docker-compose.yml << EOF
version: '2'
services:
  gitlab:
    image: gitlab/gitlab-ce:12.0.3-ce.0
    container_name: gitlab
    ports:
      - "9022:9022"
      - "9080:80"
    volumes:
      - "/data/gitlab/cfg:/etc/gitlab"
      - "/data/gitlab/logs:/var/log/gitlab"
      - "/data/gitlab/data:/var/opt/gitlab"
    restart: always
EOF
# Start the service in the background (-d)
docker-compose up -d
Configure GitLab
GitLab listens on port 22 (SSH), port 80 (HTTP) and port 443 (HTTPS). We put an HAProxy in front of GitLab as a reverse proxy: HAProxy listens on port 443 and proxies to port 9443. Docker does not expose port 80; all traffic goes to port 9443 (mapped to port 443)
Edit the GitLab configuration file with vim. On the host the file is /data/gitlab/cfg/gitlab.rb by default, in the directory mapped in the docker-compose file above; inside the container that directory is /etc/gitlab
docker container exec -it gitlab bash
vim /etc/gitlab/gitlab.rb
The following are the GitLab configuration items
When external_url is configured as HTTPS, GitLab automatically creates an nginx configuration that listens on port 443. The certificate goes in /etc/gitlab/ssl and is named after the domain, with the extensions .crt and .key
For example, if the address is https://git.xxx.com, the certificate files are git.xxx.com.crt and git.xxx.com.key
external_url 'https://git.xxx.com'
Configure email information
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = '[email protected]'
gitlab_rails['gitlab_email_display_name'] = 'gitlab'
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "hwsmtp.xxx.com"
gitlab_rails['smtp_port'] = 994
gitlab_rails['smtp_user_name'] = "[email protected]"
gitlab_rails['smtp_password'] = "xxx"
gitlab_rails['smtp_domain'] = "qiye.xxx.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true
Run the command to reconfigure GitLab
sudo gitlab-ctl reconfigure
Using GitLab
For day-to-day use of GitLab, mainly creating users, groups and projects, refer to other resources on the web
4. Install Jenkins
Install the Jenkins image
# /data/jenkins is the directory where Jenkins stores its data; change it to the directory you need. The docker.sock and docker binary mappings let Jenkins use Docker from the host environment
cat > docker-compose.yml << EOF
version: '2'
services:
  jenkins:
    image: jenkins/jenkins:lts
    user: root
    container_name: jenkins
    ports:
      - "8002:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "/data/jenkins:/var/jenkins_home"
      - "/usr/bin/docker:/usr/bin/docker"
    restart: always
EOF
# The first start pulls the image automatically. To start the service in the background, add the -d parameter
docker-compose up
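Mounting /var/run/docker.sock while running as root gives the Jenkins container control of the host's Docker daemon, so it is worth checking compose files for this and similar exposure. The following check is an added example, not part of the original post; it is a line-based heuristic rather than a YAML parser, and the finding labels are made up for illustration:

```shell
#!/bin/sh
# Added example: flags host-exposure settings in a compose file read from stdin.
# Finding labels (docker-socket, root-user, ...) are hypothetical names.
audit_compose() {
  awk '
    /\/var\/run\/docker\.sock/ {
      print "docker-socket (line " NR "): container can drive the host Docker daemon" }
    /^[ \t]*user:[ \t]*"?(root|0)"?[ \t]*$/ {
      print "root-user (line " NR "): processes in the container run as root" }
    /^[ \t]*image:/ && !/@sha256:/ {
      print "floating-image (line " NR "): tag is not pinned to a digest" }
    /^[ \t]*-[ \t]*"?[0-9]+:[0-9]+"?[ \t]*$/ {
      print "public-port (line " NR "): published on every host interface" }
  '
}

# Constructed sample: the Jenkins service definition from this post.
sample_compose() {
  cat <<'EOF'
version: '2'
services:
  jenkins:
    image: jenkins/jenkins:lts
    user: root
    container_name: jenkins
    ports:
      - "8002:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "/data/jenkins:/var/jenkins_home"
      - "/usr/bin/docker:/usr/bin/docker"
    restart: always
EOF
}

# Print the findings for the sample when the script is run directly.
sample_compose | audit_compose
```

A port entry that names an address, such as "127.0.0.1:8002:8080", and an image reference pinned with @sha256: are not flagged.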
Using Jenkins
When Jenkins runs properly, the startup log will contain the administrator password required for the first login, as follows:
Copy this password and open the host address on port 8002. This takes you to the Jenkins initialization page; enter the password you just copied to reach the setup wizard, then install the recommended plugins as the wizard suggests
Once the plugins are installed, you can add an administrator account, after which you land on the Jenkins home page
Install the GitLab and Docker plugins
Search for and install the GitLab and Docker plugins in System Administration > Plugins Management > Optional Plugins
Add a test project to GitLab
We need to add a test project to GitLab, and the project needs a Dockerfile. The main flow of our test is: a tag is pushed to GitLab, then Jenkins triggers a build and starts automatic deployment. The project is deployed by building and deploying a Docker image
Configure the GitLab SSH key pair
Generate an SSH key pair: id_rsa (private key) and id_rsa.pub (public key)
ssh-keygen -o -t rsa -b 4096 -C "[email protected]"
Copy the public key and add it in GitLab > User Settings > SSH Keys
Configure the Docker build task
Add a task to Jenkins
The task needs a source code configuration. The code is hosted in GitLab here, so the address of the GitLab repository is required, and the user must have the corresponding permissions on the repository. Because no GitLab user credentials have been configured yet, the repository source cannot be read
Click the Add button next to Credentials to add the credential. Select SSH Username with private key, paste the private key generated above, and click Add to finish
Then, in source code management, select the credential you just added; if it was added correctly, the red error message disappears
Add a build step to the build; here the step builds a Docker image
When finished, click Save to complete the task, then click the Build button and check the result on the home page. The first build makes Docker download any images that are not yet present, which may be slow. Once the task has built successfully, the console output shows the output of the build shell. With this task building without problems, the next step is to have a GitLab push trigger the build automatically
Configure GitLab to trigger a build automatically
In the Jenkins task's build triggers, turn on the push event trigger, then under Advanced click Generate to produce a Secret Token and callback address, then save
Go to GitLab Project > Settings > Integration and configure the Jenkins address and the generated token in GitLab; for the event, select Tag Push
Then create a tag. When Jenkins receives the callback it builds automatically, and the build history can be viewed on the home page
Automatically push the image to Ali Cloud Registry after the build completes
Once tag push callbacks are being received, the build shell script needs to be modified
# GIT_TAG is taken automatically from the tag of the local Git checkout
CONTAINER_NAME="citest"
GIT_TAG=$(git describe --always --tags)
CONTAINER_FULL_NAME="${CONTAINER_NAME}-${GIT_TAG}"
REPOSITORY="registry.cn-shanghai.aliyuncs.com/xxx/${CONTAINER_NAME}:${GIT_TAG}"
# Build Docker image
docker build -t "$REPOSITORY" -f Dockerfile .
# Push Docker image. Username and password are the account and password of the Ali Cloud container image service
docker login --username=xxxxx --password=xxxxxx registry.cn-shanghai.aliyuncs.com
docker push "$REPOSITORY"
# Delete the generated image
docker images | grep citest | awk '{print $1":"$2}' | xargs -r docker rmi
# Delete images whose name or tag is <none> (xargs -r skips the call when there are none)
docker images | grep '<none>' | awk '{print $3}' | xargs -r docker rmi -f
With this version, creating a tag in GitLab calls back to Jenkins, which starts the build, pushes the resulting image to Ali Cloud Registry and cleans up afterwards
Image publishing via GitLab, Jenkins and the Docker registry is now complete. Using Jenkins to distribute and deploy the published images to each machine will be covered in a follow-up
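A hardened variant of the build step above, as an added example that is not the original author's script: it validates the Git tag against Docker's tag grammar before using it in an image name, and passes the registry password on stdin instead of the command line, where it would show up in the process list and the build log. REGISTRY_USER, REGISTRY_PASSWORD and the file name ci-publish.sh are assumptions.

```shell
#!/bin/sh
# Added example: hardened variant of the tag-triggered build step.
set -eu
LC_ALL=C; export LC_ALL

REGISTRY="registry.cn-shanghai.aliyuncs.com"   # registry host from the post
NAMESPACE="xxx"                                # placeholder namespace from the post
CONTAINER_NAME="citest"

# Accept only strings that are valid Docker tags:
# first char [A-Za-z0-9_], then up to 127 chars of [A-Za-z0-9_.-].
valid_tag() {
  case "$1" in
    '' | [!A-Za-z0-9_]* | *[!A-Za-z0-9_.-]*) return 1 ;;
  esac
  [ "${#1}" -le 128 ]
}

# Print the full image reference for a tag, or fail without output.
image_ref() {
  valid_tag "$1" || { echo "refusing tag: $1" >&2; return 1; }
  printf '%s/%s/%s:%s\n' "$REGISTRY" "$NAMESPACE" "$CONTAINER_NAME" "$1"
}

publish() {
  tag=$(git describe --always --tags)
  image=$(image_ref "$tag")
  docker build -t "$image" -f Dockerfile .
  # REGISTRY_USER / REGISTRY_PASSWORD: assumed to be injected by the CI
  # server's credential store, never written into the job script.
  printf '%s' "$REGISTRY_PASSWORD" |
    docker login --username "$REGISTRY_USER" --password-stdin "$REGISTRY"
  docker push "$image"
  docker rmi "$image"          # remove only the image this build produced
  docker logout "$REGISTRY"
}

# Run the pipeline only when asked to, e.g. `sh ci-publish.sh publish`.
if [ "${1:-}" = "publish" ]; then publish; fi
```

A Git tag such as release/1.0 is a legal Git ref but not a legal Docker tag, so the step stops before docker build instead of failing halfway through.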