[关闭]
@zhangyy 2019-12-12T16:42:13.000000Z 字数 6810 阅读 159

docker 项目案例

docker的部分


  • 一:docker的Compose 打包部署工具
  • 二:CI/CD 构建持续集成环境
  • 三:实现CI/CD发布项目
  • 四:容器服务注册与发现

一:docker的Compose 打包部署工具

1.1:compose的介绍

  1. 1 、介绍
  2. Compose是一个定义和管理多容器的工具,使用Python语言编写。使用Compose配置文件描述多个容器应用的架构,比如使用什么镜像、数据卷、网络、映射端口等;然后
  3. 一条命令管理所有服务,比如启动、停止、重启等。
  4. 2 2 、安装
  5. curl -L https://github.com/docker/compose/releases/download/1.15.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
  6. chmod +x /usr/local/bin/docker-compose
  7. 或者
  8. pip install docker-compose
  9. 3 3 YAML 文件格式及编写注意事项
  10. YAML是一种标记语言很直观的数据序列化格式,可读性高。类似于XML数据描述语言,语法比XML简单的很多。
  11. YAML数据结构通过缩进来表示,连续的项目通过减号来表示,键值对用冒号分隔,数组用中括号括起来,hash用花括号括起来。
  12. YAML文件格式注意事项:
  13. 1.不支持制表符tab键缩进,需要使用空格缩进
  14. 2.通常开头缩进2个空格
  15. 3.字符后缩进1个空格,如冒号、逗号、横杆
  16. 4.用井号注释
  17. 5.如果包含特殊字符用单引号引起来
  18. 6.布尔值(truefalseyesnoonoff)必须用引号括起来,这样分析器会将他们解释为字符串。

1.2 compose的常用参数

image_1ccfvlglm1b2c1rcr1s3d1951iu19.png-305.7kB

image_1ccfvm2pmn0nh6qd91ot2vorm.png-192.7kB

1.3 一键部署lnmp

  1. tree compose_lnmp

image_1ccfvru7haeiudl1la6bvt1r32j.png-212kB

  1. docker-compose -f docker-compose.yml up 一直到构建接收

image_1ccg025t5198n142t18r01ob4192n30.png-228.4kB

image_1ccg0357ica18ta1n4o1acc19a63d.png-316.6kB

image_1ccg0549oug01a0dasjnujc8l5q.png-297.3kB

  1. docker-compose -f docker-compose.yml up -d ### 后台查看
  2. docker-compose -f docker-compose.yml ps ### 查看运行的容器

image_1ccg07d0s7f1m0h1gvt18161c5c67.png-134.9kB

image_1ccg07r2djti6m053d171h1joq6k.png-197.8kB

image_1ccg09ji46i8ckl10a0neo11iv71.png-318.9kB

1.4 wordpress 测试

  1. mv wordpress-4.7.4-zh_CN.tar.gz /root/compose_lnmp/wwwroot/
  2. cd /root/compose_lnmp/wwwroot/
  3. tar -zxvf /root/compose_lnmp/wwwroot/
  4. 测试: http://172.17.100.12:81/wordpress/

image_1ccg0j765fg86eh15acf1g9dj7e.png-221.5kB

  1. 此处用户名密码在docker-compose.yml里面已经定义好了
  2. 数据库主机填写:mysql

image_1ccg0splk19qgh6e4kbkom1f4d8r.png-244.5kB
image_1ccg11urb1ao56331esn1qsm1e3sao.png-2785.4kB

1.5 一键部署 Nginx 反向代理 Tomcat

  1. tree compose_nginx_tomcat/

image_1ccg169311ursnfpks1o721d20c5.png-225.6kB

  1. 部署jdk
  2. cp -p jdk-8u45-linux-x64.tar.gz /root/compose_nginx_tomcat/
  3. cd /root/compose_nginx_tomcat/
  4. tar -zxvf jdk-8u45-linux-x64.tar.gz
  5. mv jdk1.8.0_45/ /usr/local/

1.6 执行compose构建

  1. docker-compose -f docker-compose.yml up ### 一直到执行结束

image_1ccg25d0g1gro95b1ea1qg41m5ef2.png-396kB

  1. docker-compose -f docker-compose.yml up -d
  2. docker-compose -f docker-compose.yml ps

image_1ccg280imvt96401agu16geupufs.png-162.5kB

image_1ccg293nh198e1sg1ja8bbi1qrlg9.png-215.1kB

  1. 访问测试:
  2. http://172.17.100.12:82/

image_1ccg2ou1mca01dff1mlbbvl1lbegm.png-88.8kB

二:构建持续集成环境

2.1 CI(持续集成)/CD(持续交付/持续部署)

image_1ccg2tpdqnmblf5183qq0drtsh3.png-653.6kB

2.2 发布流程设计

image_1ccg37jifie91p7e1j7t1i0u1btni0.png-240.4kB

2.3 构建docker的harbor的私用仓库

  1. 下载harbor 软件:harbor-offline-installer-v1.1.2.tgz
  2. wget https://github.com/vmware/harbor/releases/download/v1.1.2/harbor-offline-installer-v1.1.2.tgz
  3. tar xvf harbor-offline-installer-v1.1.2.tgz
  4. mv harbor /usr/local/
  5. cd /usr/local/harbor
  6. ----
  7. vim harbor.cfg
  8. ---
  9. 更改harbor hostname
  10. hostname = 172.17.100.13
  11. ---

image_1ccilspca8cq1e0eedg72311l9p.png-111kB

  1. 执行harbor脚本开始构建
  2. cd /usr/local/harbor/
  3. ./install.sh #### 一直到构建完毕
  4. ····
  5. ····
  6. ····
  7. ---
  8. docker ps -a

image_1ccim0jisjvn1s6d1ok2q4817pe16.png-155.4kB
image_1ccim3bh91097125i1kjh1fkmq671j.png-469.8kB

  1. 打关浏览器:
  2. http://172.17.100.13
  3. 用户名: admin 密码: Harbor12345
  4. 增加一个项目flyfish

image_1ccima8u41g8d561o3gllq190o4s.png-214.7kB

image_1ccimappf83n1cn91pbq9t47sp59.png-164.6kB

image_1ccimd3561qj11ce51hse2iqhcj5m.png-221.2kB

  1. 更改增加一个registries
  2. vim /etc/docker/daemon.json
  3. ----
  4. {
  5. "registry-mirrors": [ "https://registry.docker-cn.com"],
  6. "insecure-registries":["172.17.100.13"] ### 增加一行
  7. ----
  8. 然后重启docker
  9. service docker restart

image_1ccimjem6135k6df2f81e61at773.png-113.5kB

  1. 登录docker 仓库
  2. docker login 172.17.100.13
  3. 输入用户名 admin 密码: Harbor12345

image_1ccimr30o1vm22rf1k1n11661c6a80.png-121.1kB

  1. 给上传仓库的镜像 打一个tag
  2. docker tag nginx:latest 172.17.100.13/flyfish/nginx:latest
  3. 上传push 到镜像仓库
  4. docker push 172.17.100.13/flyfish/nginx

image_1ccio0psf1o7916rf19vvmm210018d.png-187.1kB

三:实现CI/CD发布项目

3.1: 环境信息

  1. 172.17.100.11 jenkins
  2. 172.17.100.12 docker (tomcat)
  3. 172.17.100.13 git/harbor

3.2.1 安装git 服务

  1. 172.17.100.13
  2. yum install -y git
  3. useradd git && echo git |passwd git --stdin
  4. su - git
  5. mkdir solo.git
  6. cd solo.git
  7. git --bare init

image_1ccveui2i1p7j1s6v1vprlgc11r09.png-359.9kB

image_1ccvf06ik3t81edgd2s1mktcibm.png-316.4kB


  1. 172.17.100.11:
  2. cd /root/
  3. git clone https://github.com/b3log/solo.git
  4. cd solo/src/main/resources
  5. vim latke.properties
  6. ---
  7. serverHost=172.17.100.12
  8. serverPort=8888
  9. ---
  10. 模拟提交solo git
  11. mkdir test
  12. cd test
  13. git clone root@172.17.100.13:/home/git/solo.git
  14. cp -ap /root/solo/* /root/test/solo/
  15. cd /root/test/solo/
  16. git add .
  17. git commit -m "all"
  18. git push oriagin master
  19. ----
  20. jenkins 拉代码不要输入密码:
  21. linux下每次git clone不需输入账号密码的方法
  22. 在~/下, touch创建文件 .git-credentials, 用vim编辑此文件,输入内容格式:
  23. ame@zhenyun ~ $touch .git-credentials
  24. ame@zhenyun ~ $vim .git-credentials
  25. 在里面按“i”然后输入:https://{username}:{password}@github.com
  26. 比如 https://aoeddklj:1233ds@github.com
  27. 2. 在终端下执行
  28. ame@zhenyun ~ $git config --global credential.helper store
  29. 3. 可以看到~/.gitconfig文件,会多了一项:
  30. [credential]
  31. helper = store
  32. 这个时候输入命令git clone http://username@url 时不需要输入密码,即可完成代码的git
  33. ----

image_1ccvi80b11dsnre01mo11h8ctem23.png-261.3kB

3.2.2 安装 jenkins

  1. 配置jenkins
  2. mkdir jenkins
  3. cd jenkins
  4. vim Dockerfile
  5. ----
  6. FROM jenkins
  7. USER root
  8. RUN echo '' > /etc/apt/sources.list.d/jessie-backports.list && \
  9. wget http://mirrors.163.com/.help/sources.list.jessie -O /etc/apt/sources.list
  10. RUN apt-get update && apt-get install -y git libltdl-dev
  11. ----
  12. docker build -t jenkins:v1 .

image_1ccvj5ug6dh513ii1q4ebkp6tpp.png-539kB

  1. 生成jenkins 容器:
  2. docker run -d \
  3. --name jenkins \
  4. -p 8080:8080 \
  5. -v /var/jenkins_home/:/var/jenkins_home \
  6. -v /usr/local/apache-maven-3.5.0:/usr/local/maven \
  7. -v /usr/local/jdk1.8.0_45:/usr/local/jdk \
  8. -v /var/run/docker.sock:/var/run/docker.sock \
  9. -v $(which docker):/usr/bin/docker \
  10. -v ~/.ssh:/root/.ssh \
  11. jenkins:v1
  12. ----

image_1ccvj71vd11631otnjcm168p1uk316.png-681.6kB

  1. 打开jenkins web 页面:
  2. http://172.17.100.11:8080

image_1cd1pfmp1uad12n911rs12vc4os19.png-235kB

image_1cd1pjvmv1a9adno178p1b2a1dbi1m.png-240.4kB

image_1cd1pm28246q1n4nnfi1hlbvtv2j.png-185.4kB

image_1cd1q9c1jgk2gpm1drv1qrt141h30.png-175.9kB

image_1cd1qdc8g18ma12rk1k501kcbh8v6a.png-230.6kB

3.2.3 配置tomcat镜像并提交harbor仓库

  1. 172.17.100.12 : (tomcat)
  2. 引用构建一个tomcat的基础镜像
  3. ---
  4. FROM centos:7
  5. MAINTAINER www.aliangedu.com
  6. RUN yum install unzip iproute -y
  7. ENV JAVA_HOME /usr/local/jdk
  8. ADD apache-tomcat-8.0.46.tar.gz /usr/local
  9. RUN mv /usr/local/apache-tomcat-8.0.46 /usr/local/tomcat
  10. WORKDIR /usr/local/tomcat
  11. EXPOSE 8080
  12. ENTRYPOINT ["./bin/catalina.sh", "run"]
  13. ---
  14. docker build -t 172.17.100.13/tomcat:v1 .
  15. 提交镜像到仓库:harbor
  16. docker login 172.17.100.13

image_1cd1rg1sd7it17g61mar1e801q6n.png-417.4kB
image_1cd1rh3pe2irqcpvo43pj176s74.png-568.6kB

  1. 将镜像上传打一个tag
  2. docker tag 172.17.100.13/tomcat:v1 172.17.100.13/flyfish/tomcat:v1
  3. docker push 172.17.100.13/flyfish/tomcat

image_1cd1segp01iihs3i1d541muk1p9nah.png-203.4kB

  1. 打开harbor 仓库查看是否提交

image_1cd77eau538n7v9rtnmen10ou9.png-210.6kB

image_1cd77gl6rgkq1v06hqk1ord1o7213.png-171.4kB

3.3.4 配置jenkins 构建

image_1cd77sp351ej411tlhrqvhfr291t.png-391.6kB

image_1cd77tvce9kt12u41c6n1r6kchc2a.png-51.1kB

image_1cd77v8h18141nk87dlvnvktt37.png-63.9kB

image_1cd7804qi9aeoaebe7c27d8q44.png-85.6kB

image_1cd780uuq1e916k31bt7aodff94h.png-153.1kB

image_1cd7833h1npvs0o1l4311sdjbr4u.png-311.3kB

image_1cd7858ti1hqu1g1hu2k9r61sne5b.png-150.2kB

image_1cd786bemp9j11k5hnt1ktnn4n5o.png-183.9kB

image_1cd787kn0qit16g8v5j1caa130p6l.png-376kB

image_1cd78a8i51qbh1b1p7951kq7107j8i.png-395.9kB

image_1cd78b5o81d6anl2re61bsa13fc8v.png-103.1kB

  1. 新建一个工程

image_1cd78m36vfkd16htiup5td13pk9s.png-222.4kB

image_1cd7a66fvk24h9n1ndmodbf7639.png-98.1kB

image_1cd79t0t1vq6pu21ab21msh1l.png-123.8kB

image_1cd7a3ldd18k61dg11rchcmeqf022.png-63.3kB

image_1cd7a47aq1o6g1lf9935v201rc22f.png-166.8kB

image_1cd7a4lv4k9v128516nd1ivl4ij2s.png-126.2kB

image_1cd7a7fh710of1mqg11mslmub3u3m.png-161.1kB

image_1cd7aaq2v1pcjotn8eb8l98va43.png-165.9kB

image_1cd7abhpe1q5v1euu1sup15qrbhg4g.png-77.8kB

image_1cd7ace1mlsh1dmlb0a8879p04t.png-536.3kB

image_1cd7adk4413r5189r146dsjgej35q.png-181.8kB

image_1cd7asfvc32je2vv54tfqbtl67.png-285.5kB

image_1cd9rlq4e8uk14g3169450hrrf9.png-195.3kB

image_1cd9rmrtrsch1p4obnslpc12ek16.png-230.3kB

image_1cd9rnjrmraj6go1p3310h5i5r1j.png-224.1kB

image_1cd9rodof1toaqf5oit1jon19qv20.png-738.5kB

四:容器服务注册与发现

4.1 :Consul的介绍与安装

  1. 1 、介绍
  2. Consul是一个分布式、高可用性,在基础设施中发现和配置服务的工具。
  3. 2 、安装
  4. 下载二进制Consul包:https://www.consul.io/downloads.html
  5. # unzip consul_0.9.2_linux_amd64.zip
  6. # mv consul /usr/bin
  7. 3 、部署
  8. # consul agent \
  9. -server \
  10. -bootstrap \
  11. -ui \
  12. -data-dir=/var/lib/consul-data \
  13. -bind=172.17.100.11 \
  14. -client=0.0.0.0 \
  15. -node=server01

image_1cda0bnfcja5bj61q8le1nse12d.png-242.5kB
image_1cda0erec54s1djl1c2v1t83141t37.png-315.2kB
image_1cda0eb2o1bt6g613tf1a82tcq2q.png-192.5kB

  1. 放在后台运行:
  2. nohup consul agent -server -bootstrap -ui -data-dir=/var/lib/consul-data -bind=172.17.100.11 -client=0.0.0.0 -node=server01 & > /var/log/consul.log &

4.2 consul 的相关命令

  1. 查看集群信息:
  2. consul members
  3. consul info |grep leader
  4. consul catalog services
  5. 通过 HTTP API 获取集群信息
  6. curl 127.0.0.1:8500/v1/status/peers # 集群server成员
  7. curl 127.0.0.1:8500/v1/status/leader # 集群Raft leader
  8. curl 127.0.0.1:8500/v1/catalog/services # 注册的所有服务
  9. curl 127.0.0.1:8500/v1/catalog/services/nginx # 服务信息
  10. curl 127.0.0.1:8500/v1/catalog/nodes # 集群节点详细信息

image_1cda0muc6chpni31o4q1vk71j1p3k.png-113kB
image_1cda0ncgorlf1rel1l361btf1m0e41.png-143kB


4.3手动注册一个服务到consul中

  1. curl -X PUT -d \
  2. '{"id": "jetty","name": "service_name","address": "172.17.100.12","port": 8081,"tags": ["test"],"checks": [{"http":
  3. "http://172.17.100.11:8081/","interval": "5s"}]}' \
  4. http://172.17.100.11:8500/v1/agent/service/register

image_1cda0s4ao1vdqr73pu61m891l3a4e.png-206kB

image_1cda0snde1d7teq31ukkuij11kq4r.png-244.1kB

4.3 Docker+Registrator+Consul实现容器服务自动加入Nginx集群

  1. consul- template
  2. 一个守护程序,用于实时查询consul集群数据,并更新文件系统上的任意数量的指定模板,生成配置文件,更新完成后可以选择运行任何Shell命令。
  3. gliderlabs/registrator:
  4. 检查容器运行状态自动注册和注销Docker容器的服务到服务配置中心。目前支持Consu
  5. letcdSkyDNS2
  6. https://github.com/hashicorp/consul-template
  7. https://releases.hashicorp.com/consul-template/0.19.3/consul-template_0.19.3_linux_amd64.zip

image_1cda1d8l2g901grd7pebs8198458.png-268.9kB

4.4 Docker 主机启动注册器

  1. 172.17.100.12 上面:
  2. docker run -d \
  3. --name=registrator \
  4. --net=host \
  5. -v /var/run/docker.sock:/tmp/docker.sock \
  6. --restart=always \
  7. gliderlabs/registrator:latest \
  8. -ip=172.17.100.12 \
  9. consul://172.17.100.11:8500

image_1cda1gig2su3c24t8h4l7hr5l.png-351.7kB

image_1cda1h8t31dki1iv51cod1v0rbaa62.png-522.1kB

4.5 安装nginx 服务器

  1. 172.17.100.11
  2. yum install -y gcc gcc-c++ make openssl-devel pcre-devel
  3. tar -zxvf nginx-1.12.1.tar.gz
  4. cd nginx-1.12.1/
  5. ./configure --prefix=/usr/local/nginx && make -j 2 && make install
  6. cd /usr/local/nginx
  7. sbin/nginx
  8. ps -ef |grep nginx

image_1cda1v1na5au9h4gaot5s18m17c.png-176.9kB

image_1cda1vi0d1rug1rimtaq145ckhh7p.png-153.8kB

  1. 更改nginx 的配置文件增加注册时候生成的配置文件目录
  2. cd /usr/local/nginx/conf
  3. mkdir vhost
  4. vim nginx.conf
  5. ----
  6. 在最后增加一个目录
  7. include vhost/*.conf
  8. ----

image_1cda593mcs5erorfkq85t1k3e86.png-45.8kB


4.6 配置consul-template

  1. 172.17.100.11 上面配置
  2. unzip consul-template_0.19.3_linux_amd64.zip
  3. mv consul-template /usr/bin/
  4. mkdir consul
  5. cd consul
  6. vim nginx.ctmpl
  7. ----
  8. upstream http_backend {
  9. # ip_hash;
  10. {{range service "nginx"}}
  11. server {{ .Address }}:{{ .Port }};
  12. {{ end }}
  13. }
  14. server {
  15. listen 80;
  16. server_name localhost;
  17. location / {
  18. proxy_pass http://http_backend;
  19. }
  20. }
  21. ----

image_1cda5go631lakbfa1s9somm115v8j.png-223.2kB

  1. nohup consul-template -consul-addr 172.17.100.11:8500 -template "./nginx.ctmpl:/usr/local/nginx/conf/vhost/site.conf:/usr/local/nginx/sbin/nginx -s reload" -log-level=info & > /var/log/site-nginx.log &

image_1cda5mi1s1i8vbci1e0h1iem1do49v.png-186.1kB

image_1cda5nc0p1j4mq87gqa128utulac.png-145.4kB

image_1cda5sadq1cdpu2r1ifv19ldqimb6.png-79kB

添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注