作者 hoxing
1. 初始化swarm集群
1. 实例选择同区域,同交换机
2. 实例可以按小时计费,也可以添加已购买实例,本文选择选购三台4核8G做实验
3. 每台实例带宽可以选择最小,两个原因:服务之间数据传输为内网,对外暴露的 api会走阿里云的负载均衡,按流量收费
4. 价格(2018-11时期)简单计算一个月费用三台实例5.568/小时,负载均衡管理费0.02/小时,负载均衡流量300/月,每个月花费差不多4323
5. 创建完成之后, 会生成一个集群实例,一个负载均衡实例,负载80端口会映射集群路由器的9080端口
6. 默认一级域名 cn-shenzhen.alicontainer.com 默认二级域名$container-id.cn-shenzhen.alicontainer.com,域名可以做改动, 本文默认。
2.jenkins 2.89.2
1. 镜像选择2.89.2 阿里云默认容器编排比此版本低
2. 容器编排会有一些slave节点,这些节点的意思是每种不同的编译环境,如果不需要可以去掉,保留slave-java
3. 按照下面配置文件,在浏览器下访问 http://jenkins.$container-id.cn-shenzhen.alicontainer.com
4. jenkins 初始化页面会有一个秘钥,秘钥可以在容器生成的日志里边查
5. 安装按照默认即可,之后根据个人需求补插件
jenkins:
image: 'registry.cn-hangzhou.aliyuncs.com/acs-sample/jenkins:2.89.2'
mem_limit: 4000000000
volumes:
- /var/lib/docker/jenkins:/var/jenkins_home
restart: always
labels:
aliyun.scale: '1'
aliyun.probe.url: 'tcp://container:8080'
aliyun.probe.initial_delay_seconds: '10'
aliyun.routing.port_8080: jenkins
links:
- slave-golang
- slave-java
- slave-nodejs
- slave-python
- slave-php
slave-golang:
image: 'registry.aliyuncs.com/acs-sample/jenkins-slave-dind-golang'
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always
labels:
aliyun.scale: '1'
slave-java:
image: 'registry.aliyuncs.com/acs-sample/jenkins-slave-dind-java'
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always
labels:
aliyun.scale: '1'
slave-nodejs:
image: 'registry.aliyuncs.com/acs-sample/jenkins-slave-dind-nodejs'
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always
labels:
aliyun.scale: '1'
slave-python:
image: 'registry.aliyuncs.com/acs-sample/jenkins-slave-dind-python'
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always
labels:
aliyun.scale: '1'
slave-php:
image: 'registry.aliyuncs.com/acs-sample/jenkins-slave-dind-php'
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always
labels:
aliyun.scale: '1'
3.gitlab
1. aliyun.routing.port_80: gitlab 三级域名改成这个
2. GITLAB_HOST=gitlab.$container-id.cn-shenzhen.alicontainer.com,这个地方改成要生成的服务域名,之后项目方便复制代码链接
3. 如果需要配置邮件登录(我用的qsmtp.qq.com),之后有用户注册会发验证邮件;如果不需要可以按照阿里云默认编排模板
4. 访问 http://gitlab.$container-id.cn-shenzhen.alicontainer.com
5. 初始root用户密码可以登录到容器里边 是这个脚本 /home/git/gitlab/bin/rails,具体参考https://docs.gitlab.com/ce/security/reset_root_password.html
postgresql:
image: registry.cn-hangzhou.aliyuncs.com/acs-sample/postgresql-sameersbn:9.4-24
environment:
- DB_USER=gitlab
- DB_PASS=password
- DB_NAME=gitlabhq_production
- DB_EXTENSION=pg_trgm
labels:
aliyun.probe.url: tcp://container:5432
volumes:
- /srv/docker/gitlab/postgresql:/var/lib/postgresql
gitlab:
image: registry.cn-hangzhou.aliyuncs.com/acs-sample/gitlab-sameersbn:latest
links:
- redis:redisio
- postgresql:postgresql
ports:
- "10080:80"
- "10022:22"
environment:
- TZ=Asia/Shanghai
- SMTP_ENABLED=true
- SMTP_DOMAIN=qq.com
- SMTP_HOST=smtp.qq.com
- SMTP_PORT=465
- SMTP_USER=8888888@qq.com
- SMTP_PASS=123456789
- SMTP_STARTTLS=true
- SMTP_TLS=true
- SMTP_AUTHENTICATION=login
- GITLAB_TIMEZONE=Kolkata
- GITLAB_HOST=gitlab.$container-id.cn-shenzhen.alicontainer.com
- GITLAB_PORT=80
- GITLAB_SSH_PORT=22
- GITLAB_EMAIL=8888888@qq.com
- GITLAB_EMAIL_REPLY_TO=noreply@example.com
- GITLAB_BACKUPS=daily
- GITLAB_BACKUP_TIME=01:00
- GITLAB_SECRETS_DB_KEY_BASE=long-and-random-alphanumeric-string
- GITLAB_SECRETS_SECRET_KEY_BASE=long-and-random-alpha-numeric-string
- GITLAB_SECRETS_OTP_KEY_BASE=long-and-random-alpha-numeric-string
volumes:
- /srv/docker/gitlab/gitlab:/home/git/data
labels:
aliyun.probe.url: tcp://container:80
aliyun.probe.initial_delay_seconds: "10"
aliyun.routing.port_80: gitlab
redis:
image: registry.cn-hangzhou.aliyuncs.com/acs-sample/redis-sameersbn:latest
volumes:
- /srv/docker/gitlab/redis:/var/lib/redis
4.eureka高可用
1. image要用自己的,本文举例
2. 网络别名要设置
3. docker内jar包路径注意改
4. ADDITIONAL_EUREKA_SERVER_LIST目的eureka是配置文件的唯一(不用写三个)
5. 会生成三个服务链接 http://eureka[1,2,3].$container-id.cn-shenzhen.alicontainer.com
eureka1:
image: 'registry-vpc.cn-shenzhen.aliyuncs.com/project/eureka:master'
networks:
multi-host-network:
aliases:
- eureka1
mem_limit: 1073741824
environment:
- LANG=C.UTF-8
- JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
- ADDITIONAL_EUREKA_SERVER_LIST=http://{account}:{pass}@eureka2:8761/eureka/,http://{account}:{pass}8@eureka3:8761/eureka/
- HOSTNAME=eureka1
kernel_memory: 0
memswap_reservation: 0
restart: always
shm_size: 0
memswap_limit: 0
labels:
aliyun.scale: '1'
aliyun.routing.port_8761: 'http://eureka1'
command:
- java
- '-jar'
- '-Dspring.profiles.active=prd'
- /usr/local/javaapp/eureka.jar
eureka2:
image: 'registry-vpc.cn-shenzhen.aliyuncs.com/project/eureka:master'
networks:
multi-host-network:
aliases:
- eureka2
mem_limit: 1073741824
environment:
- LANG=C.UTF-8
- JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
- ADDITIONAL_EUREKA_SERVER_LIST=http://{account}:{pass}@eureka1:8761/eureka/,http://{account}:{pass}@eureka3:8761/eureka/
- HOSTNAME=eureka2
kernel_memory: 0
memswap_reservation: 0
restart: always
shm_size: 0
memswap_limit: 0
labels:
aliyun.scale: '1'
aliyun.routing.port_8761: 'http://eureka2'
command:
- java
- '-jar'
- '-Dspring.profiles.active=prd'
- /usr/local/javaapp/eureka.jar
eureka3:
image: 'registry-vpc.cn-shenzhen.aliyuncs.com/project/eureka:master'
networks:
multi-host-network:
aliases:
- eureka3
mem_limit: 1073741824
environment:
- LANG=C.UTF-8
- JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
- ADDITIONAL_EUREKA_SERVER_LIST=http://{account}:{pass}@eureka1:8761/eureka/,http://{account}:{pass}@eureka2:8761/eureka/
- HOSTNAME=eureka3
kernel_memory: 0
memswap_reservation: 0
restart: always
shm_size: 0
memswap_limit: 0
labels:
aliyun.scale: '1'
aliyun.routing.port_8761: 'http://eureka3'
command:
- java
- '-jar'
- '-Dspring.profiles.active=prd'
- /usr/local/javaapp/eureka.jar
