linuxea:gitops持续集成组件快速搭建

marksugar
2022-06-27 / 0 评论 / 380 阅读 / 正在检测是否收录...
温馨提示:
本文最后更新于2022年06月28日,已超过99天没有更新,若内容或图片失效,请留言反馈。

我想我多少有些浮夸,因为我将这几句破烂的文字描述的一个持续集成的幼形称作“gitops”。不禁我有些害臊

这充其量只是一个持续集成的组件整合,远远算不上gitops,更别说什么devops,那是个什么东西呢。

不知道从什么时候开始,我逐渐厌烦有人枉谈devops,随意的描述devops,更可恶的是有些人做了一个流水线管道就妄言从事了devops的工作,我不想与他们为伍。我肤浅的认为只有无知才会大言不惭。

为此,为了能和这些所谓的devops划清界限,并跨远。我利用业余时间将一些小项目的实施交付文档经过修改改为所谓的基于git的持续集成和持续发布,很明显,这里面引入了gitlab。

gitlab作为管理jenkins的共享库和k8s的yaml配置清单。当然,这是一个幼形。并且,如果我的描述和形容使你感到不适,那当我什么都没说。

好的,那么我们正式开始

在一些场合中,我们希望快速构建一个项目,项目里面一套持续集成的流水线,我们至少需要一些必要的组件,如:jenkins,gitlab,sonarqube,harbor,nexus3,k8s集群等。我们的目的是交付一套持续集成和持续交付的幼形,来应对日益变换的构建和发布。拓扑如下

image-20220627234505529.png

为此,这篇文章简单介绍如何快速使用docker来部署这些必要的组件。

首要条件

安装docker和docker-compose

  • 离线安装docker

如果你准备了离线包就可以使用本地的包进行安装

centos7.9:

cd docker/docker-rpm
yum localinstall * -y
  • 离线安装docker-compose

我们至少下载一个较新的版本来应对harbor的配置要求,一般来说都够用

cd docker/docker-compose
cp docker-compose-Linux-x86_64 /usr/loca/sbin/docker-compose
chmod +x /usr/loca/sbin/docker-compose

验证

docker verson
docker-compsoe -v
  • 在线安装:
yum install epel* -y
yum install docker-ce docker-compose -y

jenkins

如果本地有旧的包,解压即可

tar xf jenkins.tar.gz -C /data/
chown -R 1000:1000 /data/jenkins
cd /data/jenkins
docker-compose -f jenkins.yaml up -d

安装新的

version: '3.5'
services:
  jenkins:
    image: registry.cn-hangzhou.aliyuncs.com/marksugar/jenkins:2.332-3-alpine-ansible-maven3-nodev16.15-latest
    container_name: jenkins
    restart: always
    network_mode: host
    environment:
     - JAVA_OPTS=-Duser.timezone=Asia/Shanghai  # 时区1
    volumes:
      - /etc/localtime:/etc/localtime:ro  # 时区2
      - /data/jenkins-latest/jenkins_home:/var/jenkins_home #chown 1000:1000 -R jenkins_home
      - /data/jenkins-latest/ansiblefile:/etc/ansible
      - /data/jenkins-latest/local_repo:/data/jenkins-latest/local_repo
      - /data/jenkins-latest/package:/usr/local/package
      #- /data/jenkins-latest/package/node-v14.17.6-linux-x64/bin/node:/sbin/node
      #- /data/jenkins-latest/package/node-v14.17.6-linux-x64/bin/npm:/sbin/npm
      #- /data/jenkins-latest/latest_war_package/jenkins.war:/usr/share/jenkins/jenkins.war # jenkins war新包挂载
#    ports:
#      - 58080:58080
    user: root
    logging:
      driver: "json-file"
      options:
        max-size: "1G"
    deploy:
      resources:
        limits:
          memory: 30720m
        reservations:
          memory: 30720m   

查看密钥

[root@linuxea.com data]# cat /data/jenkins-latest/jenkins_home/secrets/initialAdminPassword 
c3e5dd22ea5e4adab28d001a560302bc

第一次卡住,修改

# cat /data/jenkins-latest/jenkins_home/hudson.model.UpdateCenter.xml 

<?xml version='1.1' encoding='UTF-8'?>
<sites>
  <site>
    <id>default</id>
    <url>https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json</url>
  </site>
</sites>
  • 跳过,不安装任何插件

image-20220618154620501.png

选择none

image-20220618154639674.png

如果没有修改上面的插件源,我们就在Manage Jenkins->Plugin Manager->Advanced->最下方的Update Site修改

https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json

必要安装的jenkins插件

1.Credentials: 凭据
localization: 中文插件
localization: chinase(simplified) 

2.AnsiColor: 颜色插件
"echo -en \\033[1;32m"

3.Rebuilder: 重复上次构建插件

4.build user vars:变量

变量分为如下几种:
Full name :全名
BUILD_USER_FIRST_NAME :名字
BUILD_USER_LAST_NAME :姓
BUILD_USER_ID :Jenkins用户ID
BUILD_USER_EMAIL :用户邮箱

5.Workspace Cleanup: 清理workspace
6.Role-based Authorization Strategy 用户角色
7.Git Plugin
8.Gogs
9.GitLab
10.Generic Webhook TriggerVersion
11.Pipeline
12.Pipeline: Groovy
13.JUnit Attachments
14.Performance
15.Html Publisher
16.Gitlab Authentication
17.JIRA
18.LDAP 
19.Parameterized Trigger

sonarqube

sonarqube:8.9.2-community
docker pull sonarqube:8.9.8-community
version: '3.3'
services:
  sonarqube:
    container_name: sonarqube
    image: registry.cn-hangzhou.aliyuncs.com/marksugar/sonarqube:8.9.8-community
    restart: always
    hostname: 172.16.100.47
    environment:
     - stop-timeout: 3600
     - "ES_JAVA_OPTS=-Xms16384m -Xmx16384m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    logging:
      driver: "json-file"
      options:
        max-size: "50M"
    deploy:
      resources:
        limits:
          memory: 16384m
        reservations:
          memory: 16384m
    ports:
    - '9000:9000'
    volumes:
      - /etc/localtime:/etc/localtime
      - /data/sonarqube/conf:/opt/sonarqube/conf
      - /data/sonarqube/extensions:/opt/sonarqube/extensions
      - /data/sonarqube/logs:/opt/sonarqube/logs
      - /data/sonarqube/data:/opt/sonarqube/data

harbor

tar xf harbor-offline-installer-v2.5.1.tgz
cd harbor
cp harbor.yml.tmpl harbor.yml
Nodeip=`ip a s ${NETWORK_DEVIDE:-eth0}|awk '/inet/{print $2}'|sed -r 's/\/[0-9]{1,}//'`
sed -i "s/hostname: reg.mydomain.com/hostname: ${NodeIp}/g" harbor.yml
sed -i "s@https:@#https:@g" harbor.yml
sed -i "s@port: 443@#port: 443@g"  harbor.yml
sed -i "s@certificate: /your/certificate/path@#certificate: /your/certificate/path@g" harbor.yml
sed -i "s@private_key: /your/private/key/path@#private_key: /your/private/key/path@g"  harbor.yml
bash install.sh

默认密码:Harbor12345

nexus

mkdir /data/nexus/data -p && chown -R 200.200 /data/nexus/data

yaml

version: '3.3'
services:
  nexus3:
    image: sonatype/nexus3:3.39.0
    container_name: nexus3
    network_mode: host
    restart: always
    environment:
    - INSTALL4J_ADD_VM_PARAMS=-Xms8192m -Xmx8192m -XX:MaxDirectMemorySize=8192m -Djava.util.prefs.userRoot=/nexus-data
#    - NEXUS_CONTEXT=/
#    ports:
#      - 8081:8081
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /data/nexus/data:/nexus-data
    logging:
      driver: "json-file"
      options:
        max-size: "50M"
    deploy:
      resources:
        limits:
          memory: 8192m
        reservations:
          memory: 8192m

gitlab

version: '3'
services:
  gitlab-ce:
    container_name: gitlab-ce
    image: gitlab/gitlab-ce:15.0.3-ce.0
    restart: always
#    network_mode: host
    hostname: 192.168.100.22
    environment:
      TZ: 'Asia/Shanghai'
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://192.168.100.22'
        gitlab_rails['time_zone'] = 'Asia/Shanghai'
        gitlab_rails['gitlab_shell_ssh_port'] = 23857
#        unicorn['port'] = 8888
#        nginx['listen_port'] = 80
    ports:
    - '80:80'
    - '443:443'
    - '23857:22'
    volumes:
      - /etc/localtime:/etc/localtime
      - /data/gitlab/config:/etc/gitlab
      - /data/gitlab/logs:/var/log/gitlab
      - /data/gitlab/data:/var/opt/gitlab
    logging:
      driver: "json-file"
      options:
        max-size: "50M"
    deploy:
      resources:
        limits:
          memory: 13312m
        reservations:
          memory: 13312m

gitlab-ce启动完成后使用如下命令查看登录密码

docker exec -it gitlab-ce grep 'Password:' /etc/gitlab/initial_root_password
0

评论

博主关闭了当前页面的评论