DevOps
- Gitlab CE
- Jenkins
- Nexus
Gitlab CE
https://hub.docker.com/r/gitlab/gitlab-ce/
https://docs.gitlab.com/omnibus/docker/README.html
$ docker pull gitlab/gitlab-ce
sudo docker run --detach --hostname gitlab.example.com --publish 443:443 --publish 80:80 --publish 22:22 --name gitlab --restart always --volume /srv/gitlab/config:/etc/gitlab --volume /srv/gitlab/logs:/var/log/gitlab --volume /srv/gitlab/data:/var/opt/gitlab gitlab/gitlab-ce:latest
或者(启用SELinux的情况)
sudo docker run --detach --hostname gitlab.example.com --publish 443:443 --publish 80:80 --publish 22:22 --name gitlab --restart always --volume /srv/gitlab/config:/etc/gitlab:Z --volume /srv/gitlab/logs:/var/log/gitlab:Z --volume /srv/gitlab/data:/var/opt/gitlab:Z gitlab/gitlab-ce:latest
Local location Container location Usage
/srv/gitlab/data /var/opt/gitlab For storing application data
/srv/gitlab/logs /var/log/gitlab For storing logs
/srv/gitlab/config /etc/gitlab For storing the GitLab configuration files
其中gitlab.example.com(可不必)替换成自己的服务器域名或者ip地址,首次运行,数据库资料、文件链接等都会自动被创建,用logs查看情况:
$ sudo docker logs gitlab -f
配置文件:/etc/gitlab/gitlab.rb
可以用exec -it去编辑:
$ sudo docker exec -it gitlab vi /etc/gitlab/gitlab.rb
配置后,用restart重启
$ sudo docker restart gitlab
关于配置文件:
external_url 如果是https,可配置下,因为是在容器中,默认的80端口不需要修改。
https、SMTP详细配置:
https://docs.gitlab.com/omnibus/settings/nginx.html#enable-https
https://docs.gitlab.com/omnibus/settings/smtp.html
Jenkins
https://hub.docker.com/r/jenkinsci/blueocean/
https://jenkins.io/doc/book/installing/#docker
$ docker pull jenkinsci/blueocean
docker run -d -p 8080:8080 -v jenkins-data:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock --name jenkins --restart always jenkinsci/blueocean
官方版本:
docker run -u root --rm -d -p 8080:8080 -p 50000:50000 -v jenkins-data:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock jenkinsci/blueocean
详细介绍见前面的#docker链接
运行后,通过 docker logs jenkins -f 能看到初始管理员密码,如果没看见,可以用下面命令查看:
$ docker exec -it jenkins cat /var/jenkins_home/secrets/initialAdminPassword
打开浏览器,输入初始密码,进入安装向导,按提示配置即可。
常用插件:(**开头的应该是自带的,*为其他)
Ansible pllugin
AnsiColor
Artifactory Plugin
**Blue Ocean
Consul Plugin
Delivery Pipeline Plugin
Docker plugin
GitLab Plugin
Marathon Deployment
Maven Dependency Update Trigger
Maven Info Plugin
Maven Metadata Plugin for Jenkins CI server
Maven Release Plug-in Plug-in
Maven Repository Server Plugin
MSBuild Plugin
NodeJS Plugin
packer
Parameterized Scheduler
Pipeline Maven Integration Plugin
Pipeline NPM Integration Plugin
SSH Agent Plugin
Terraform Plugin
**Timestamper
Unleash Maven Plugin
*Gogs plugin
Nexus
https://hub.docker.com/r/sonatype/nexus3/
https://github.com/sonatype/docker-nexus3
https://www.sonatype.com/download-oss-sonatype
支持: Bower Docker Git LFS Maven npm NuGet PyPI Ruby Gems Yum Proxy
$ docker pull sonatype/nexus3
映射卷注意:因为nexus-data要求UID 200,下面是创建一个nexus-data卷后,用inspect命令查看路径,
然后手动设置本机实际路径所有者为UID 200后,再调用run命令,否则会启动失败。
docker volume create --name nexus-data
docker volume inspect nexus-data
sudo chown -R 200 /var/lib/docker/volumes/nexus-data/_data
docker run -d -p 8081:8081 -v nexus-data:/nexus-data --restart always --name nexus sonatype/nexus3
如果将配置Docker仓库在5001,还有加入 -p 5001:5001,如下:
docker run -d -p 8081:8081 -p 5001:5001 -v nexus-data:/nexus-data --restart always --name nexus sonatype/nexus3
其他类同。
用 docker logs -f nexus 查看启动日志。
测试释放成功:curl -u admin:admin123 http://localhost:8081/service/metrics/ping
更详细见:https://hub.docker.com/u/sonatype/
Default credentials are: admin / admin123
-----------------
Docker Hub(私有)
-----------------
官方:https://hub.docker.com/_/registry/
参考:https://docs.docker.com/registry/deploying/
$ docker run -d -p 5000:5000 --restart=always --name registry registry
查看有几个仓库
http://RegistryServer:5000/v2/_catalog
查看某个仓库的tags
http://RegistryServer:5000/v2/RegistryName/tags/list
存储选项(-v 宿主机全路径:容器全路径[:ro|rw],在类UNIX系统中`pwd`返回当前目录)
-v `pwd`/data:/var/lib/registry
这行意思是将当前目录下的data目录,作为容器/var/lib/registry的映射目录。
注意:Windows系统,路径要用/代替\,并且在Docker配置Shared Drivers里开启了对应盘符的共享。
假设私有Docker Hub主机名是RegistryServer,当然IP也可以,用tag命令打一个新标签,然后用push推送到服务器:
$ docker tag m2nlight/static_web RegistryServer:5000/m2nlight/static_web
$ docker images
$ docker push RegistryServer:5000/m2nlight/static_web
如果push失败:
Get https://RegistryServer:5000/v1/_ping: http: server gave HTTP response to HTTPS client
需要在客户机的Docker加入对服务器的信任配置:
mac: 进入Docker配置的Advanced页,在Insecure registries列表里加入如:RegistryServer:5000
win: 进入Docker设置的Docker Daemon选项,在右边的json格式文本框的insecure-registries后加入:RegistryServer:5000
linux: $ vim /etc/docker/daemon.json
{
"insecure-registries": ["RegistryServer:5000"]
}
$ systemctl restart docker
重启客户机Docker生效。
被tag的“镜像”,同样适用其他镜像操作,比如rmi“删除”。
-----------------
Registry Frontend
-----------------
https://hub.docker.com/r/konradkleine/docker-registry-frontend/
https://github.com/kwk/docker-registry-frontend
$ konradkleine/docker-registry-frontend:v2
注意:v2是最新版本。
sudo docker run -d -e ENV_DOCKER_REGISTRY_HOST=192.168.48.10 -e ENV_DOCKER_REGISTRY_PORT=5000 -e ENV_MODE_BROWSE_ONLY=true -p 8080:80 --restart=always --name=registry-frontend konradkleine/docker-registry-frontend:v2
更多参数:
(1)Docker registry using SSL encryption
-e ENV_DOCKER_REGISTRY_USE_SSL=1
(2)SSL encryption
-e ENV_USE_SSL=yes -v $PWD/server.crt:/etc/apache2/server.crt:ro -v $PWD/server.key:/etc/apache2/server.key:ro -p 443:443 (3)Use the application as the registry
-e ENV_REGISTRY_PROXY_FQDN=ENTER-YOUR-APPLICATION-HOST-HERE -e ENV_REGISTRY_PROXY_PORT=ENTER-PORT-TO-YOUR-APPLICATION-HOST-HERE -e ENV_USE_SSL=yes -v $PWD/server.crt:/etc/apache2/server.crt:ro -v $PWD/server.key:/etc/apache2/server.key:ro -p 443:443 (4)其他
-e ENV_MODE_BROWSE_ONLY=true
-e ENV_DEFAULT_REPOSITORIES_PER_PAGE=50
更多见 https://hub.docker.com/r/konradkleine/docker-registry-frontend/
原文地址:https://www.cnblogs.com/Bob-wei/p/8296102.html
时间: 2024-08-09 08:36:49