Jenkins+GitLab+Docker持续集成LNMP（中）

[root@jenkins ~]# cd /usr/lib/jenkins/
[root@jenkins jenkins]# ll
总用量 64688
-rw-r--r-- 1 root root 66239216 5月  28 2020 jenkins.war
[root@jenkins jenkins]# mv jenkins.war jenkins.war.bak  #把原来的包备份
[root@jenkins jenkins]# rz
z waiting to receive.**B0100000023be50
[root@jenkins jenkins]# ll
总用量 133996
-rw-r--r-- 1 root root 70969355 11月 30 2020 jenkins.war    #上传新的war包
-rw-r--r-- 1 root root 66239216 5月  28 2020 jenkins.war.bak
[root@jenkins jenkins]# systemctl restart jenkins     #重启jenkins

进入命令行修改配置文件重启jenkins
[root@jenkins ~]# cd /var/lib/jenkins/updates/
[root@jenkins updates]# sed -i 's/http:\/\/updates.jenkins-ci.org\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json && sed -i 's/http:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json
[root@jenkins updates]# systemctl restart jenkins
[root@jenkins updates]# cd

[root@jenkins ~]# cat .ssh/id_rsa  #复制私钥
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEApXNm9MqC/IuDtk0zvp/cNBLJUN0uXpHmpRHjEZ2MW1iA6lvn
eF90j9h2nCVpZA5e7p1TXoM0661688uFFlNaoAyPAvveMlaig9sxdDzGTzvHuTkQ
+Te4MuQiIxLqW1hwNl4Ox5fFV9YffVWXKBEZNZpwLZ2bUmchbXRm4PELF+T81vpr
x1sL4pVyaV0B13lR5TwExnDm7FTOb5CsR2o22KtS2bWEQOdSdo5CnlKj6IapmGWf
q3vTF4VSZe7i/jYLrcTfi3MKXrB+xK+4RfolA+iVawSlux5JmR2WaSJZQDECO2mv
Z6jlhpFyCq9Y0w7okCDfmpDxn1BG1neXccgt+wIDAQABAoIBAEj7X+YJUsBuFlqb
MYEb6Tm7M7yM5IBo4ZHdEwnZMmm036EBi1ho2vT86k00n4m4YR3mnjjprbVsX/kc
xIc1m5tQDuGlEr2nw6ZgUS9SA7Q9zXsh9h/I+WLRiVFpbaF/oHgLA3/9rdpyJI/X
6oaNDE694k/s3u/5eCBdIWiGS3ttHHyqe3xRPRb3yLWmqb+a0uEeOFIVkfTAmMyv
GHpBuR9ohjPoKB/Ii/gVMIDVr0JJSMAjGdfdc8w2s2lrSg+3OhGyeAe8gDdgWMGg
rhj8h0RnjyxjhTYV76BYVlmi3mnSLSqZ1rUWn9+8BrYo0LGgZFBdSrBYmKFOTeJP
J3bHzXECgYEA1bkQmXE0lko7WC/elXtmCuiKUCdyuBD4rGLeClDVhdLLpG7dgRs+
tGngSeC4EAOqsPKIGKgPQn9Yn//KRTiAaVsACFagE2/JNA1fD/OlrPgO4Tz8or7l
GW9BOf+Tg8FL1Z/abD5+Y6zK5O/pG7CgmQp0LnFGEjKT5bRXKh3QnXMCgYEAxi3V
6dTkClrO6F1vO5c7pQgbnKfd8LT+V0JRaHiTcITsyCf2/zmGMJv3i7aLX0jSoOe3
GGIsiNuYUc2zTrqsVDg3OllrK9GPhmtSv/NgiVvwoBHY7B2Ersi1dAMbsipdjedT
fqSbZVeRKsOWq0YSsYbY06W3gHgtdft2uYUsi1kCgYEAmVtML+5tX5Iwdx0SSIzd
MeKerNlBlhaHeZsP3LMYJAiYG4t54dRc8DQwvpJDQSqAZqwBQEAHgx3ByD1RNM5Q
RkkIAvO1tXy3EWSu29FnBnCQrMqINXdpCREt6qIbhaVD9yvXHWjSZE9u30vPJxFc
i7RWnaSmNRSZz2/SQ+RU90UCgYBJufGTzSSNCZ1h6qif9bI1wh9rlzPFAcCBO+XH
RNwtBvaDvAJyjrbyTIO6UU3mQ9RAEhQWmSdSPsea3ziuuFm19zfsmCl7ormPW0vs
pyEp2K9bDWiy5oRe9cIzh5h9Hq+xQ/bW7Wv2Nq6Fxz+9NhNsQetWSZdLzumys7tG
Z1nb+QKBgCIgZ0bPnRl8Tv3KwCqYn5OAK0jnxwRU5LPkHKSr/3zLIPIALHHCSpgL
zep1WzlWb/FEsdb3xHD/n+MqHcGxLzly+OA3NAqr675aQC/qSQtqEPPL6LTawuOz
EkZzROrU03xGPRl0nJ1ikoqYfw9+pAm9fiH28BWWdWSOG4cBmIXU
-----END RSA PRIVATE KEY-----

在上面的gitlab生成ssh密钥已经生成过了，所以这里直接传就行
[root@jenkins ~]# ssh-copy-id root@192.168.100.202
[root@jenkins ~]# ssh-copy-id root@192.168.100.203
[root@jenkins ~]# ssh-copy-id root@192.168.100.204
[root@jenkins ~]# ssh-copy-id root@192.168.100.205
[root@jenkins ~]# ssh-copy-id root@192.168.100.206

******（1）先做基础配置
[root@Centos7 ~]# hostnamectl set-hostname harbor
[root@Centos7 ~]# su
[root@harbor ~]# systemctl stop firewalld
[root@harbor ~]# setenforce 0
setenforce: SELinux is disabled
[root@harbor ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护，将以只读方式挂载
mount: /dev/sr0 已经挂载或 /mnt 忙
       /dev/sr0 已经挂载到 /mnt 上

******（2）安装docker
[root@harbor ~]# yum install -y yum-utils device-mapper-persistent-data lvm2  #安装依赖
。。。。。。
完毕！
[root@harbor ~]# ll
总用量 8
-rw-------. 1 root root 1264 1月  12 2021 anaconda-ks.cfg
drwxr-xr-x  3 root root 4096 8月   1 22:48 docker
[root@harbor ~]# vim /etc/yum.repos.d/centos.repo 
[aaa]
name=aaa
baseurl=file:///mnt
enabled=1
gpgcheck=0
[docker]
name=docker
baseurl=file:///root/docker
enabled=1
gpgcheck=0
#保存退出
[root@harbor ~]# yum -y install docker-ce
。。。。。。
#保存退出
[root@harbor ~]# mkdir -p /etc/docker/
[root@harbor ~]# vim /etc/docker/daemon.json
{
  "registry-mirrors": ["https://w4uieobw.mirror.aliyuncs.com"],
  "insecure-registries": ["192.168.100.206"]
}
#保存退出

******（3）安装Harbor，这里只搭建http协议的harbor
[root@harbor ~]# ll
总用量 614824
-rw-------. 1 root root      1264 1月  12 2021 anaconda-ks.cfg
drwxr-xr-x  3 root root      4096 8月   1 22:48 docker
-rw-r--r--  1 root root 629571428 8月   1 22:52 harbor-offline-installer-v2.3.1.tgz  #上传安装包
[root@harbor ~]# tar xf harbor-offline-installer-v2.3.1.tgz -C /usr/local/
[root@harbor ~]# cd /usr/bin   
[root@harbor bin]# rz
z waiting to receive.**B0100000023be50
[root@harbor bin]# chmod  a+x docker-compose 
[root@harbor bin]# ll | grep docker-compose
-rwxr-xr-x    1 root root    11748168 7月  28 18:54 docker-compose
[root@harbor bin]# cd
[root@harbor ~]# vim /usr/local/harbor/harbor.yml.tmpl
  1 # Configuration file of Harbor
  2 
  3 # The IP address or hostname to access admin UI and registry service.
  4 # DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
  5 hostname: 192.168.100.206
  6 
  7 # http related config
  8 http:
  9   # port for http, default is 80. If https enabled, this port will redirect to https port
 10   port: 80
 11 
 12 # https related config
 13 #https:
 14   # https port for harbor, default is 443
 15   #port: 443
 16   # The path of cert and key files for nginx
 17   #certificate: /your/certificate/path
 18   #private_key: /your/private/key/path
 19 
。。。。。。
#保存退出
[root@harbor ~]# cd /usr/local/harbor/
[root@harbor harbor]# cp harbor.yml.tmpl harbor.yml
[root@harbor harbor]# systemctl start docker   #启动docker
[root@harbor harbor]# sh install.sh #安装harbor，第一次使用脚本安装后续可使用“docker-compose up -d”命令启动 Harbor，使用“docker-compose stop”命令关闭 Harbor
[root@harbor harbor]# echo $?
0
[root@harbor harbor]# ps aux | grep docker-compose  #成功开启
root      16980  0.0  0.0 112676   988 pts/0    R+   23:00   0:00 grep --color=auto docker-compose
[root@harbor harbor]# docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
goharbor/harbor-exporter        v2.3.1              719fd825651e        13 days ago         81MB
goharbor/chartmuseum-photon     v2.3.1              3aba4510af16        13 days ago         178MB
goharbor/redis-photon           v2.3.1              4a0d49a4ece0        13 days ago         191MB
goharbor/trivy-adapter-photon   v2.3.1              a285847f857a        13 days ago         164MB
goharbor/notary-server-photon   v2.3.1              87a2dbfd122e        13 days ago         110MB
goharbor/notary-signer-photon   v2.3.1              7e29ff33ec85        13 days ago         107MB
goharbor/harbor-registryctl     v2.3.1              91e798004920        13 days ago         132MB
goharbor/registry-photon        v2.3.1              972ce19b1882        13 days ago         81.2MB
goharbor/nginx-photon           v2.3.1              3b3ede1db494        13 days ago         44.3MB
goharbor/harbor-log             v2.3.1              40a54594fe22        13 days ago         194MB
goharbor/harbor-jobservice      v2.3.1              d6e174ae0a00        13 days ago         171MB
goharbor/harbor-core            v2.3.1              f05acc3947d6        13 days ago         158MB
goharbor/harbor-portal          v2.3.1              4a15c5622fda        13 days ago         57.6MB
goharbor/harbor-db              v2.3.1              b16a9c81ef03        13 days ago         263MB
goharbor/prepare                v2.3.1              4ce629d59c20        13 days ago         288MB
[root@harbor harbor]# docker ps
CONTAINER ID        IMAGE                                COMMAND                  CREATED             STATUS                    PORTS                       NAMES
5bf08af481aa        goharbor/harbor-jobservice:v2.3.1    "/harbor/entrypoint.…"   34 seconds ago      Up 30 seconds (healthy)                               harbor-jobservice
d38b62be5d2b        goharbor/nginx-photon:v2.3.1         "nginx -g 'daemon of…"   34 seconds ago      Up 30 seconds (healthy)   0.0.0.0:80->8080/tcp        nginx
3d223a63d976        goharbor/harbor-core:v2.3.1          "/harbor/entrypoint.…"   37 seconds ago      Up 33 seconds (healthy)                               harbor-core
964e5805fb81        goharbor/harbor-portal:v2.3.1        "nginx -g 'daemon of…"   39 seconds ago      Up 36 seconds (healthy)                               harbor-portal
41038ff6f31e        goharbor/harbor-db:v2.3.1            "/docker-entrypoint.…"   39 seconds ago      Up 36 seconds (healthy)                               harbor-db
6b3503d1367e        goharbor/redis-photon:v2.3.1         "redis-server /etc/r…"   39 seconds ago      Up 36 seconds (healthy)                               redis
c059529f89f3        goharbor/harbor-registryctl:v2.3.1   "/home/harbor/start.…"   39 seconds ago      Up 36 seconds (healthy)                               registryctl
55a65d22d7b3        goharbor/registry-photon:v2.3.1      "/home/harbor/entryp…"   39 seconds ago      Up 36 seconds (healthy)                               registry
73f8185a516a        goharbor/harbor-log:v2.3.1           "/bin/sh -c /usr/loc…"   41 seconds ago      Up 39 seconds (healthy)   127.0.0.1:1514->10514/tcp   harbor-log
[root@harbor harbor]# cd

******（5）上传镜像，修改tag推送到镜像仓库
[root@harbor ~]# ll
总用量 2320516
-rw-------. 1 root root       1264 1月  12 2021 anaconda-ks.cfg
drwxr-xr-x  3 root root       4096 8月   1 22:48 docker
-rw-r--r--  1 root root  629571428 8月   1 22:52 harbor-offline-installer-v2.3.1.tgz
-rw-r--r--  1 root root  453615616 8月   1 23:04 mysql_5.7.tar.gz
-rw-r--r--  1 root root  137441280 8月   1 23:04 nginx
-rw-r--r--  1 root root 1155569664 8月   1 23:05 php_5.6
[root@harbor ~]# docker load -i nginx 
[root@harbor ~]# docker load -i php_5.6 
[root@harbor ~]# docker load -i mysql_5.7.tar.gz 
[root@harbor ~]# docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
mysql                           5.7                 8cf625070931        10 days ago         448MB
goharbor/harbor-exporter        v2.3.1              719fd825651e        13 days ago         81MB
goharbor/chartmuseum-photon     v2.3.1              3aba4510af16        13 days ago         178MB
goharbor/redis-photon           v2.3.1              4a0d49a4ece0        13 days ago         191MB
goharbor/trivy-adapter-photon   v2.3.1              a285847f857a        13 days ago         164MB
goharbor/notary-server-photon   v2.3.1              87a2dbfd122e        13 days ago         110MB
goharbor/notary-signer-photon   v2.3.1              7e29ff33ec85        13 days ago         107MB
goharbor/harbor-registryctl     v2.3.1              91e798004920        13 days ago         132MB
goharbor/registry-photon        v2.3.1              972ce19b1882        13 days ago         81.2MB
goharbor/nginx-photon           v2.3.1              3b3ede1db494        13 days ago         44.3MB
goharbor/harbor-log             v2.3.1              40a54594fe22        13 days ago         194MB
goharbor/harbor-jobservice      v2.3.1              d6e174ae0a00        13 days ago         171MB
goharbor/harbor-core            v2.3.1              f05acc3947d6        13 days ago         158MB
goharbor/harbor-portal          v2.3.1              4a15c5622fda        13 days ago         57.6MB
goharbor/harbor-db              v2.3.1              b16a9c81ef03        13 days ago         263MB
goharbor/prepare                v2.3.1              4ce629d59c20        13 days ago         288MB
nginx                           latest              4cdc5dd7eaad        3 weeks ago         133MB
cytopia/php-fpm-5.6             latest              2943ebf1ef81        3 years ago         1.1GB
[root@harbor ~]# docker tag mysql:5.7 192.168.100.206/library/mysql:5.7
[root@harbor ~]# docker tag nginx:latest 192.168.100.206/library/nginx:latest
[root@harbor ~]# docker tag cytopia/php-fpm-5.6:latest 192.168.100.206/library/php:latest
[root@harbor ~]# docker login -u admin -p Harbor12345 192.168.100.206
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@harbor ~]# docker push 192.168.100.206/library/mysql:5.7
[root@harbor ~]# docker push 192.168.100.206/library/nginx:latest
[root@harbor ~]# docker push 192.168.100.206/library/php:latest

******（1）先做基础配置，两台主机配置相同
[root@Centos7 ~]# hostnamectl set-hostname test
[root@Centos7 ~]# su
[root@test ~]# systemctl stop firewalld
[root@test ~]# setenforce 0
setenforce: SELinux is disabled
[root@test ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护，将以只读方式挂载
mount: /dev/sr0 已经挂载或 /mnt 忙
       /dev/sr0 已经挂载到 /mnt 上
[root@Centos7 ~]# hostnamectl set-hostname true
[root@Centos7 ~]# su
[root@true ~]# systemctl stop firewalld
[root@true ~]# setenforce 0
setenforce: SELinux is disabled
[root@true ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护，将以只读方式挂载
mount: /dev/sr0 已经挂载或 /mnt 忙
       /dev/sr0 已经挂载到 /mnt 上

******（2）安装Docker，上传docker-compose
[root@test ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@test ~]# vim /etc/yum.repos.d/centos.repo 
[aaa]
name=aaa
baseurl=file:///mnt
enabled=1
gpgcheck=0
[docker]
name=docker
baseurl=file:///root/docker
enabled=1
gpgcheck=0
#保存退出
[root@test ~]# ll
总用量 8
-rw-------. 1 root root 1264 1月  12 2021 anaconda-ks.cfg
drwxr-xr-x  3 root root 4096 8月   2 00:05 docker
[root@test ~]# yum -y install docker-ce
[root@test ~]# cd /usr/bin/
[root@test bin]# rz
z waiting to receive.**B0100000023be50
[root@test bin]# ll | grep docker-compose
-rw-r--r--    1 root root    11748168 7月  28 18:54 docker-compose
[root@test bin]# chmod a+x docker-compose 
[root@test bin]# cd
[root@test ~]# mkdir /etc/docker
[root@test ~]# vim /etc/docker/daemon.json
{
  "registry-mirrors": ["https://w4uieobw.mirror.aliyuncs.com"],
  "insecure-registries": ["192.168.100.206"]
}
#保存退出
[root@test ~]# systemctl start docker
[root@test ~]# docker login -u admin -p Harbor12345 192.168.100.206
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@test ~]# docker pull 192.168.100.206/library/nginx:latest
[root@test ~]# docker pull 192.168.100.206/library/php:latest
[root@test ~]# docker pull 192.168.100.206/library/mysql:5.7
[root@test ~]# docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
192.168.100.206/library/mysql   5.7                 8cf625070931        10 days ago         448MB
192.168.100.206/library/nginx   latest              4cdc5dd7eaad        3 weeks ago         133MB
192.168.100.206/library/php     latest              2943ebf1ef81        3 years ago         1.1GB
[root@true ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@true ~]# vim /etc/yum.repos.d/centos.repo 
[aaa]
name=aaa
baseurl=file:///mnt
enabled=1
gpgcheck=0
[docker]
name=docker
baseurl=file:///root/docker
enabled=1
gpgcheck=0
#保存退出
[root@true ~]# ll
总用量 8
-rw-------. 1 root root 1264 1月  12 2021 anaconda-ks.cfg
drwxr-xr-x  3 root root 4096 8月   2 00:06 docker
[root@true ~]# yum -y install docker-ce
[root@true ~]# cd /usr/bin/
[root@true bin]# rz
z waiting to receive.**B0100000023be50
[root@true bin]# ll | grep docker-compose
-rw-r--r--    1 root root    11748168 7月  28 18:54 docker-compose
[root@true bin]# chmod a+x docker-compose 
[root@true bin]# cd
[root@true ~]# mkdir /etc/docker
[root@true ~]# vim /etc/docker/daemon.json
{
  "registry-mirrors": ["https://w4uieobw.mirror.aliyuncs.com"],
  "insecure-registries": ["192.168.100.206"]
}
#保存退出
[root@true ~]# systemctl start docker
[root@true ~]# docker login -u admin -p Harbor12345 192.168.100.206
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@true ~]# docker pull 192.168.100.206/library/nginx:latest
[root@true ~]# docker pull 192.168.100.206/library/php:latest
[root@true ~]# docker pull 192.168.100.206/library/mysql:5.7
[root@true ~]# docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
192.168.100.206/library/mysql   5.7                 8cf625070931        10 days ago         448MB
192.168.100.206/library/nginx   latest              4cdc5dd7eaad        3 weeks ago         133MB
192.168.100.206/library/php     latest              2943ebf1ef81        3 years ago         1.1GB

[root@jenkins ~]# git config --global user.name "Administrator"
[root@jenkins ~]# git config --global user.email "admin@example.com"
[root@jenkins ~]# git clone git@192.168.100.202:root/lnmp.git
正克隆到 'lnmp'...
warning: 您似乎克隆了一个空版本库。
[root@jenkins ~]# cd lnmp/
[root@jenkins lnmp]# yum -y install tree
[root@jenkins lnmp]# tree   #上传lnmp目录
.
└── lnmp
    ├── conf
    │   └── default.conf
    ├── docker-compose.yml
    └── html
        ├── dbtest.php
        ├── index.html
        └── test.php
3 directories, 5 files
[root@jenkins lnmp]# git add .
[root@jenkins lnmp]# git commit -m "add lnmp"
[master（根提交） ed73f9c] add lnmp
 5 files changed, 74 insertions(+)
 create mode 100644 lnmp/conf/default.conf
 create mode 100644 lnmp/docker-compose.yml
 create mode 100644 lnmp/html/dbtest.php
 create mode 100644 lnmp/html/index.html
 create mode 100644 lnmp/html/test.php
[root@jenkins lnmp]# git push origin master
Counting objects: 10, done.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (10/10), 1.30 KiB | 0 bytes/s, done.
Total 10 (delta 0), reused 0 (delta 0)
To git@192.168.100.202:root/lnmp.git
 * [new branch]      master -> master

#语法（把刚才生成的git拉取数据的语句复制过来）：
pipeline {
    agent any
    stages {
        stage("gitlab") {
           steps {
               git credentialsId: '948ac17c-2c14-4a8d-9120-95eb8c2b86aa', url: 'git@192.168.100.202:root/lnmp.git'
           }  
         }
    }
}
在保存后可以先进行测试