文章目录

• • 1 git工具使用
  • • 1.1 git安装
    • 1.2 git使用
    • 1.3 远程仓库，将数据备份到云端
  • 2.gitlab代码仓库
  • • 2.1 gitlab安装
    • 2.2 gitlab使用
  • 3.jenkins持续集成
  • 4 开发人员Dockerfile->gitlab->触发jenkins->实现镜像转发
  • • 4.1安装docker容器
    • 4.2 本机Dockerfile->gitlab->实现镜像转发
    • 4.3 开发人员Dockerfile->gitlab->触发jenkins->实现镜像转发
  • 5.jenkins结合镜像
  • • 5.1 jenkins结合ansible
    • • 1）安装ansible
      • 2）配置gitlab
      • 3）配置文件
      • 4）配置jenkins
    • 5.2 jenkins结合harbor
    • • 1）安装及配置harbor
      • 2）拉取和上传镜像
      • 3）配置jenkins
      • 4）测试本地拉取

---

环境：需要新建快照server1，2，3

1 git工具使用

• git特点:

  • 速度
  • 简单的设计
  • 对非线性开发模式的强力支持(允许成千上万个并行开发的分支)
  • 完全分布式
  • 有能力高效管理类似 Linux 内核一样的超大规模项目(速度和数据量)
  • 自诞生于 2005 年以来,Git 日臻成熟完善,在高度易用的同时,仍然保留着初期设定的目标。 它的速度飞快,极其适合管理大项目,有着令人难以置信的非线性分支管理系统。
  • Git必看秘籍:https://git-scm.com/book/zh/v2

• git 有三种状态：已提交（committed）、已修改（modified） 和 已暂存（staged）;对应三个阶段：工作区、暂存区以及 Git 目录

  • 已修改表示修改了文件，但还没保存到数据库中。
  • 已暂存表示对一个已修改文件的当前版本做了标记，使之包含在下次提交的快照中。
  • 已提交表示数据已经安全地保存在本地数据库中。
    

1.1 git安装

##新建serve1，4G内存

[root@server1 ~]# yum install -y git
[root@server1 ~]# mkdir demo
[root@server1 ~]# cd demo/
[root@server1 demo]# pwd
/root/demo

获取 Git 仓库通常有两种方式：

• 将尚未进行版本控制的本地目录转换为 Git 仓库。
• 从其它服务器克隆 一个已存在的 Git 仓库。比如： git clone

[root@server1 demo]# git init	##初始化版本库
Initialized empty Git repository in /root/demo/.git/
[root@server1 demo]# l.
.  ..  .git

1.2 git使用

[root@server1 demo]# git config --global user.name "geng"##用户信息,只用填一次信息
[root@server1 demo]# git config --global user.email "geng@qq.com"

[root@server1 demo]# touch README.txt
[root@server1 demo]# git status
[root@server1 demo]# git status -s##状态简化输出
?? README.txt

状态简览

   $ git status -s 
   M README 
   MM Rakefile A lib/git.rb
    M lib/simplegit.rb 
   ?? LICENSE.txt

创建文件并提交

[root@server1 demo]# git add README.txt ##添加README.txt
[root@server1 demo]# git status -s##A是在暂存区
A  README.txt
##退出server1，重连，能补齐
[root@server1 ~]# cd demo/
[root@server1 demo]# git commit -m "add file"##提交
[root@server1 demo]# git log##查看日志
[root@server1 demo]# ls
README.txt

修改文件并提交

[root@server1 demo]# vim README.txt 
[root@server1 demo]# cat README.txt 
westos
[root@server1 demo]# git status -s##右M是已修改
 M README.txt
[root@server1 demo]# git add README.txt
[root@server1 demo]# git status -s##左M是已修改、已添加到暂存区
M  README.txt
[root@server1 demo]# vim README.txt 
[root@server1 demo]# cat README.txt 
westos
westos
[root@server1 demo]# git status -s
MM README.txt
[root@server1 demo]# git add README.txt
[root@server1 demo]# git status -s
M  README.txt
[root@server1 demo]# git commit -m "update file"##提交暂存区内所有文件
[master 277fb60] update file
 1 file changed, 2 insertions(+)
[root@server1 demo]# git add .##添加整个目录所有的修改文件到暂存区

忽略隐藏文件

[root@server1 demo]# ls
README.txt
[root@server1 demo]# mkdir .dir
[root@server1 demo]# cd .dir/
[root@server1 .dir]# touch file1
[root@server1 .dir]# cd ..
[root@server1 demo]# git status -s
?? .dir/
[root@server1 demo]# touch .file2
[root@server1 demo]# git status -s
?? .dir/
?? .file2
[root@server1 demo]# vim .gitignore##忽略所有隐藏文件
[root@server1 demo]# cat .gitignore
.*
[root@server1 demo]# git status -s

删除本地文件，恢复方法

[root@server1 demo]# ls
README.txt
[root@server1 demo]# touch test.txt
[root@server1 demo]# git add test.txt
[root@server1 demo]# git commit -m "add test.txt"
[root@server1 demo]# git reflog
[root@server1 demo]# ls
README.txt  test.txt
[root@server1 demo]# rm -fr test.txt 
[root@server1 demo]# git status -s
 D test.txt
[root@server1 demo]# git status
# On branch master
# Changes not staged for commit:
#   (use "git add/rm <file>..." to update what will be committed)
#   (use "git checkout -- <file>..." to discard changes in working directory)
#
#	deleted:    test.txt
#
no changes added to commit (use "git add" and/or "git commit -a")
[root@server1 demo]# git checkout -- test.txt
[root@server1 demo]# ls
README.txt  test.txt

删除git中文件，指定版本号，进行版本回退

[root@server1 demo]# git rm test.txt
rm 'test.txt'
[root@server1 demo]# ls
README.txt
[root@server1 demo]# git status -s
D  test.txt
[root@server1 demo]# git commit -m "delete test.txt"
[root@server1 demo]# git reflog
8a68fcd HEAD@{0}: commit: delete test.txt
9f0af5b HEAD@{1}: commit: add test.txt
277fb60 HEAD@{2}: commit: update file
3e27cb8 HEAD@{3}: commit (initial): add file
[root@server1 demo]# git reset --hard 9f0af5b##指定版本号，进行版本回退
HEAD is now at 9f0af5b add test.txt
[root@server1 demo]# ls
README.txt  test.txt
[root@server1 demo]# git reset --hard 8a68fcd##指定版本号，进行版本回退
HEAD is now at 8a68fcd delete test.txt
[root@server1 demo]# ls
README.txt

1.3 远程仓库，将数据备份到云端

远程仓库：注册github帐号（或者是码云等国内gitee，速度更快），并新建一个仓库：

做免密，通过ssh方式上传

[root@server1 ~]# ssh-keygen
[root@server1 ~]# cd .ssh
[root@server1 .ssh]# cat id_rsa.pub

[root@server1 demo]# git push -u origin master

[root@server1 ~]# rm -fr demo
[root@server1 ~]# git clone 远端仓库ssh链接

2.gitlab代码仓库

2.1 gitlab安装

• 官网:https://about.gitlab.com/install/
• 软件下载(官方下载慢,推荐使用国内镜像站点):https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/

常用指令

 gitlab-ctl start # 启动所有 gitlab 组件 
 gitlab-ctl stop # 停止所有 gitlab 组件 
 gitlab-ctl restart # 重启所有 gitlab 组件
 gitlab-ctl status # 查看服务状态
 gitlab-ctl reconfigure # 重载服务
 gitlab-ctl tail # 查看日志

server1软件安装: (官方推荐内存至少4G内存)

[root@server1 ~]# rm -fr demo
[root@server1 ~]# ls
gitlab-ce-13.2.2-ce.0.el7.x86_64.rpm
[root@server1 ~]# yum install -y curl policycoreutils-python openssh-server
[root@server1 ~]# rpm -ivh gitlab-ce-13.2.2-ce.0.el7.x86_64.rpm 
[root@server1 ~]# vim /etc/gitlab/
[root@server1 ~]# cd /etc/gitlab/
[root@server1 gitlab]# ls
gitlab.rb
[root@server1 gitlab]# vim gitlab.rb 
external_url 'http://172.25.3.1'##访问gitlab的地址

[root@server1 gitlab]# gitlab-ctl --help
[root@server1 gitlab]# gitlab-ctl reconfigure##每次修改文件时执行
[root@server1 gitlab]# gitlab-ctl status

2.2 gitlab使用

网页访问172.25.3.1,首次登陆时强制修改密码，用户root，密码westos123。
设置中文

##查看密钥

[root@server1 gitlab]# cd
[root@server1 ~]# cd .ssh/
[root@server1 .ssh]# ls
id_rsa  id_rsa.pub
[root@server1 .ssh]# cat id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRQuasURGppGzzUP09rXfbU/puzY7n8aiOFMV65DnJM7d7xZ+s5WSmNXmWgDMDHIwR87dt7W/z77xAWsr4+gpwv8Yk0n9ZkYtslj0z7SeotB1ckMXKev2/FCeqCInyabMDjZXZRch4p2vTTdTxJL0CLp8UvR6WkkqYZcxVBjVBk2gKJzO6+ore4+pDoFJwzvaL8TK4oB6z/VrGo5M+uVlX0qyTGYeX1Hu4eb9PvRT6ewgfh9baQZikIfDeqh+Pq0cZtpD67vi/IaqLNHa2W++K0m+MR6f0wWJOwLDmVb64zIyhj2PDHwPlewugkYn56Ycz27s9cJvWPyhZJag55c8l root@server1

添加ssh密钥

新建项目

[root@server1 ~]# git clone git@172.25.3.1:root/demo.git
[root@server1 ~]# cd demo
[root@server1 demo]# ls
README.md
[root@server1 demo]# git remote -v
origin	git@172.25.3.1:root/demo.git (fetch)
origin	git@172.25.3.1:root/demo.git (push)
[root@server1 demo]# touch index.html
[root@server1 demo]# echo www.westos.org > index.html
[root@server1 demo]# git add index.html
[root@server1 demo]# git commit -m "add index.html"
[master 7cddce4] add index.html
 1 file changed, 1 insertion(+)
 create mode 100644 index.html
[root@server1 demo]# git status -s
[root@server1 demo]# git push -u origin master ###push，与远端同步数据

3.jenkins持续集成

• Jenkins是开源CI&CD软件领导者, 提供超过1000个插件来支持构建、部署、自动化, 满足任何项目的需要。

• CI(Continuous integration持续集成)持续集成强调开发人员提交了新代码之后,立刻进行构建、(单元)测试。

• CD(Continuous Delivery持续交付) 是在持续集成的基础上，将集成后的代码部署到更贴近真实运行环境(类生产环境)中。

##新建serve2，2G内存
[root@server2 ~]# ls
jdk-8u171-linux-x64.rpm  jenkins-2.293-1.1.noarch.rpm
[root@server2 ~]# rpm -ivh jdk-8u171-linux-x64.rpm jenkins-2.293-1.1.noarch.rpm 
[root@server2 jenkins]# systemctl start jenkins

##更新插件源:

[root@server2 jenkins]# vim /var/lib/jenkins/hudson.model.UpdateCenter.xml

<?xml version='1.1' encoding='UTF-8'?>
<sites>
<site>
<id>default</id>
<url>http://172.25.3.250/update-center.json</url>
</site>

%s/updates.jenkins.io\/download/mirrors.tuna.tsinghua.edu.cn\/jenkins/g
{"connectionCheckUrl":"http://www.baidu.com/",
[root@server2 jenkins]# systemctl reload jenkins

• 访问: http://172.25.3.2:8080
  使用初始密码登录:cat /var/lib/jenkins/secrets/initialAdminPassword
  安装默认插件即可,使用admin用户,登录后修改密码 。

会有一些插件安装错误，直接继续，开始登陆

• 去设置里update site，即可自动安装更新安装失败的插件
  

• 设置中文
  安装插件“Locale和Localization: Chinese (Simplified)

• 创建一个*风格任务

• 添加server2的私钥

[root@server2 ~]# ssh-keygen 
[root@server2 ~]# cd .ssh/
[root@server2 .ssh]# ls
id_rsa  id_rsa.pub
[root@server2 .ssh]# cat id_rsa

[root@server2 ~]# yum install git -y

[root@server1 demo]# ls
index.html  README.md
[root@server1 demo]# vim index.html 
[root@server1 demo]# cat index.html 
www.westos.org
www.westos.org
www.westos.org
www.westos.org
[root@server1 demo]# git commit -a -m "v1"
[root@server1 demo]# git status -s
[root@server1 demo]# git push -u origin master

网页查看http://172.25.3.1/，http://172.25.3.2:8080/都会同步数据

4 开发人员Dockerfile->gitlab->触发jenkins->实现镜像转发

4.1安装docker容器

[root@server2 ~]# cd /etc/yum.repos.d/
[root@server2 yum.repos.d]# vim docker.repo
[root@server2 yum.repos.d]# cat docker.repo
[docker]
name=docker
baseurl=http://172.25.3.250/docker-ce
gpgcheck=0

[root@server2 yum.repos.d]# yum repolist
Loaded plugins: product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
docker                                                                       | 3.0 kB  00:00:00     
docker/primary_db                                                            |  12 kB  00:00:00     
repo id                                        repo name                                      status
docker                                         docker                                            17
dvd                                            rhel7.6                                        5,152
repolist: 5,169
[root@server2 yum.repos.d]# yum install docker-ce -y

[root@server2 ~]# systemctl start docker
[root@server2 ~]# systemctl enable --now docker
[root@server2 ~]# docker info
[root@server2 ~]# vim /etc/sysctl.d/docker.conf 
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
[root@server2 ~]# sysctl --system

4.2 本机Dockerfile->gitlab->实现镜像转发

拉取镜像

[root@server2 ~]# docker pull nginx
[root@server2 ~]# docker run -d --name demo -p 80:80 nginx
42c9fd2051d37a501f138d2ac755566263ab75dbc18eff0baa468cd5c1f5cde9
[root@server2 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
42c9fd2051d3        nginx               "/docker-entrypoint.…"   9 seconds ago       Up 8 seconds        0.0.0.0:80->80/tcp   demo
本地测试
[root@server2 ~]# vim index.html
[root@server2 ~]# cat index.html
www.westos.org
[root@server2 ~]# docker cp index.html demo:/usr/share/nginx/html
[root@server2 ~]# curl localhost
www.westos.org
[root@server2 ~]# vim index.html
[root@server2 ~]# docker cp index.html demo:/usr/share/nginx/html	##nginx默认发布页
[root@server2 ~]# curl localhost
www.westos.org
www.westos.org
www.westos.org
[root@server2 ~]# docker rm -f demo

Dockerfile

[root@server1 demo]# vim Dockerfile
[root@server1 demo]# cat Dockerfile
FROM nginx
COPY index.html /usr/share/nginx/html	
[root@server1 demo]# cat index.html 
www.westos.org
www.westos.org
www.westos.org
www.westos.org
[root@server1 demo]# git status -s
?? Dockerfile
[root@server1 demo]# git add Dockerfile
[root@server1 demo]# git commit -m "v2"
[root@server1 demo]# git push -u origin master

[root@server2 ~]# ll /var/run/docker.sock 
srw-rw---- 1 root docker 0 May 15 17:02 /var/run/docker.sock
[root@server2 ~]# chmod 777 /var/run/docker.sock

4.3 开发人员Dockerfile->gitlab->触发jenkins->实现镜像转发

网页手动触发http://172.25.3.2:8080/ ->项目test配置bulid

• 安装插件
  - 编写bulid
  
  

• 手动触发
  
  

• gitlab触发

[root@server1 demo]# vim index.html 
[root@server1 demo]# cat index.html 
www.westos.org
www.westos.org
[root@server1 demo]# git commit -a -m "v3"
[master 8e19b34] v3
 1 file changed, 2 deletions(-)
[root@server1 demo]# git push -u origin master
[root@server2 ~]# docker rm -f demo
demo
[root@server2 ~]# docker images
REPOSITORY                 TAG                 IMAGE ID            CREATED             SIZE
localhost:5000/webserver   7                   a1c5ea4dd34b        3 minutes ago       133MB
localhost:5000/webserver   latest              a1c5ea4dd34b        3 minutes ago       133MB
localhost:5000/webserver   6                   56de7b4533eb        8 minutes ago       133MB
nginx                      latest              f0b8a9a54136        3 days ago          133MB
[root@server2 ~]# docker run -d --name demo -p 80:80 localhost:5000/webserver
f025238836e193bee9cf3c37042b961bdbe1a8e790c7704f75f44fc221526b3e
[root@server2 ~]# curl localhost
www.westos.org
www.westos.org

%%%%%%%%%%%%%%%%%%%%%%2021-5-16

[root@server2 ~]# docker pull registry
[root@server2 ~]# docker run -d --name registry -v /opt/registry:/var/lib/registry -p 5000:5000 registry
6245f5603039fbee9d9db9bed3f9d0677487d210ba7b15c51a818604e436a0a2
[root@server2 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
6245f5603039        registry            "/entrypoint.sh /etc…"   3 seconds ago       Up 3 seconds        0.0.0.0:5000->5000/tcp   registry
[root@server2 ~]# chmod 777 /var/run/docker.sock 
[root@server2 ~]# ll /var/run/docker.sock
srwxrwxrwx 1 root docker 0 May 16 09:44 /var/run/docker.sock

网页http://172.25.3.2:8080/job/test/，勾掉test构建中的skip push
###jenkins用户可以执行docker

[root@server2 ~]# usermod -s /bin/bash jenkins
[root@server2 ~]# su - jenkins
-bash-4.2$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
6245f5603039        registry            "/entrypoint.sh /etc…"   15 minutes ago      Up 15 minutes       0.0.0.0:5000->5000/tcp   registry
-bash-4.2$ docker images
REPOSITORY                 TAG                 IMAGE ID            CREATED             SIZE
localhost:5000/webserver   7                   a1c5ea4dd34b        17 hours ago        133MB
localhost:5000/webserver   latest              a1c5ea4dd34b        17 hours ago        133MB
localhost:5000/webserver   6                   56de7b4533eb        17 hours ago        133MB
nginx                      latest              f0b8a9a54136        3 days ago          133MB
registry                   latest              1fd8e1b0bb7e        4 weeks ago         26.2MB

-bash-4.2$ docker run -d --name demo -p 80:80 localhost:5000/webserver
443546f4b093a2d5ba1497a3b909aa1cd12d8b6256c5dc0cc2da5cb147278a05
-bash-4.2$ docker ps

网页http://172.25.3.2:8080/，新建docker项目，关联test，创建shell命令

• 新建docker*风项目
  

• 关联test

• 创建shell命令
  

docker ps | grep webserver && docker rm -f webserver
sleep 1
docker run -d --name webserver -p 80:80 172.25.3.2:5000/webserver:latest

• 手动触发docker
  

• 查看docker控制台输出
  
  

[root@server2 ~]# docker ps##有webserver运行
CONTAINER ID        IMAGE                             COMMAND                  CREATED             STATUS              PORTS                    NAMES
c637448b0440        localhost:5000/webserver:latest   "/docker-entrypoint.…"   46 seconds ago      Up 45 seconds       0.0.0.0:80->80/tcp       webserver
6245f5603039        registry                          "/entrypoint.sh /etc…"   25 minutes ago      Up 25 minutes       0.0.0.0:5000->5000/tcp   registry

原理：git->push->gitlab->triger->jenkins->test(from docker file bulid image and push image to registry)->triger->docker(docker run container)

5.jenkins结合镜像

新建server3，安装docker

[root@server3 ~]# vim /etc/yum.repos.d/docker.repo
[root@server3 ~]# cat /etc/yum.repos.d/docker.repo
[docker]
name=docker
baseurl=http://172.25.3.250/docker-ce
gpgcheck=0

[root@server3 ~]# yum install docker-ce -y
[root@server3 ~]# systemctl start docker
[root@server3 ~]# systemctl enable --now docker
[root@server3 ~]# docker info
[root@server3 ~]# vim /etc/sysctl.d/docker.conf 
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
[root@server3 ~]# sysctl --system

[root@server3 ~]# vim /etc/docker/daemon.json
[root@server3 ~]# cat /etc/docker/daemon.json
{
  "insecure-registries": ["172.25.3.2:5000"]
}

[root@server3 ~]# systemctl reload docker
[root@server3 ~]# docker info
 Insecure Registries:
  172.25.3.2:5000
  127.0.0.0/8


[root@server2 yum.repos.d]# docker rm -f webserver 
[root@server2 yum.repos.d]# docker push localhost:5000/webserver:latest

[root@server3 docker]# docker pull 172.25.3.2:5000/webserver:latest##能拉取

安装插件ssh

添加凭据

docker ps | grep webserver && docker rm -f webserver
sleep 1
docker rmi 172.25.3.2:5000/webserver:latest
sleep 1
docker run -d --name webserver -p 80:80 172.25.3.2:5000/webserver:latest

手动触发，拉取镜像成功

[root@server1 ~]# cd demo/
[root@server1 demo]# vim index.html 
[root@server1 demo]# cat index.html 
www.li.org
www.li.org
[root@server1 demo]# git commit -a -m "v5"
[root@server1 demo]# git push -u origin master 
[root@server3 docker]# curl localhost
www.li.org
www.li.org

5.1 jenkins结合ansible

1）安装ansible

[root@zhenji ~]# cd /var/www/html/
[root@zhenji html]# ls
ansible  
[root@zhenji ansible]# ls
ansible-2.7.8-1.el7.noarch.rpm                 python-httplib2-0.9.2-0.1.el7.noarch.rpm
ansible-2.8.5-1.el7.noarch.rpm                 python-keyczar-0.71c-2.el7.noarch.rpm
ansible-tower-setup-bundle-3.4.2-1.el7.tar.gz  python-paramiko-2.1.1-0.9.el7.noarch.rpm
libtomcrypt-1.17-25.el7.x86_64.rpm             repodata
libtommath-0.42.0-5.el7.x86_64.rpm             roles
python2-crypto-2.6.1-13.el7.x86_64.rpm         sshpass-1.06-1.el7.x86_64.rpm
python2-jmespath-0.9.0-1.el7.noarch.rpm

[root@server2 yum.repos.d]# vim ansible.repo
[root@server2 yum.repos.d]# cat ansible.repo 
[ansible]
name=ansible 2.8
baseurl=http://172.25.3.250/ansible
gpgcheck=0
[root@server2 yum.repos.d]# yum install ansible -y

2）配置gitlab

网页http://172.25.3.1,gitlab新建项目playbook

3）配置文件

[root@server1 ~]# git clone git@172.25.3.1:root/playbook.git

创建 devops用户

[root@server3 docker]# docker rm -f webserver
[root@server3 docker]# useradd devops
[root@server3 docker]# passwd devops

免密

[root@server2 ~]# su - jenkins
-bash-4.2$ ssh-keygen
-bash-4.2$ ssh-copy-id devops@172.25.3.3

ansible配置文件

[root@server3 ~]# visudo
root    ALL=(ALL)       ALL##添加devops
devops  ALL=(ALL)       NOPASSWD: ALL

[root@server1 ~]# cd playbook/
[root@server1 playbook]# ls
README.md
[root@server1 playbook]# vim ansible.cfg
[root@server1 playbook]# cat playbook.yml 
---
- hosts: all
  tasks:
  - name: install apache
    yum:
      name: httpd
      state: present
  - name: config apache
    template:
      src: httpd.conf.j2
      dest: /etc/httpd/conf/httpd.conf
    notify: restart apache
  - name: enable apache
    service:
      name: httpd
      state: started
      enabled: yes
  - name: create index.html
    lineinfile:
      path: /var/www/html/index.html
      create: yes
      line: "{{ ansible_hostname }}"
  handlers:
  - name: restart apache
    service:
      name: httpd
      state: restarted

[root@server3 ~]# scp /etc/httpd/conf/httpd.conf server1:/root/playbook/httpd.conf.j2

[root@server1 playbook]# vim httpd.conf.j2 
Listen {{ http_port }}##改成变量
[root@server1 playbook]# mkdir inventry
[root@server1 playbook]# cd inventry/
[root@server1 inventry]# vim prod
[root@server1 inventry]# cat prod
[prod]
172.25.3.3 :80
[root@server1 inventry]# vim test
[root@server1 inventry]# cat test
[test]
172.25.3.1:8000
[root@server1 inventry]# cd ..
[root@server1 playbook]# git add .
[root@server1 playbook]# git status -s
[root@server1 playbook]# git commit -m "add playbook"
[root@server1 playbook]# git push -u origin master 

查看，上传成功

[root@server1 playbook]# useradd devops
[root@server1 playbook]#  passwd devops

[root@server2 ~]# su - jenkins
-bash-4.2$ ssh-keygen
-bash-4.2$ ssh-copy-id devops@172.25.3.1

[root@server1 ~]# visudo
root    ALL=(ALL)       ALL##添加devops
devops  ALL=(ALL)       NOPASSWD: ALL

<font color=blue

4）配置jenkins

http://172.25.3.2:8080/，新建项目ansible

[root@server1 inventry]# curl 172.25.3.1:8000
server1

[root@server1 playbook]# curl 172.25.3.3
server3

5.2 jenkins结合harbor

1）安装及配置harbor

[root@server3 ~]# ls
docker-compose-Linux-x86_64-1.27.0  harbor-offline-installer-v1.10.1.tgz
[root@server3 ~]# mv docker-compose-Linux-x86_64-1.27.0 /usr/local/bin/docker-compose
[root@server3 ~]# chmod +x /usr/local/bin/docker-compose
[root@server3 ~]# tar zxf harbor-offline-installer-v1.10.1.tgz 
[root@server3 harbor]# vim harbor.yml 
hostname: reg.westos.org
  certificate: /data/certs/westos/org.crt
  private_key: /data/certs/westos/org.key
harbor_admin_password: westos

[root@server3 harbor]# mkdir /data
[root@server3 harbor]# cd /data/
[root@server3 data]# mkdir certs
[root@server3 data]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/westos.org.key -x509 -days 365 -out certs/westos.org.crt
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:shanxi
Locality Name (eg, city) [Default City]:xian
Organization Name (eg, company) [Default Company Ltd]:westos
Organizational Unit Name (eg, section) []:linux
Common Name (eg, your name or your server's hostname) []:reg.westos.org
Email Address []:root@westos.org

[root@server3 harbor]# systemctl disable --now httpd.service 
[root@server2 ~]# docker rm -f registry 
[root@server3 harbor]# ./install.sh 

网页访问https://172.25.3.3/，用户admin，密码westos，登陆harbor仓库

2）拉取和上传镜像

[root@server2 ~]# ls
game2048.tar  
[root@server2 ~]# docker load -i game2048.tar 
[root@server2 ~]# vim /etc/hosts
172.25.3.3 server3 reg.westos.org
[root@server2 ~]# docker tag game2048:latest reg.westos.org/library/game2048:latest
[root@server3 ~]# scp /data/certs/westos.org.crt server2:/etc/docker/certs.d/reg.westos.org/ca.crt
[root@server2 ~]# docker login reg.westos.org
Username: admin
Password: 
[root@server2 ~]# docker push reg.westos.org/library/game2048##此时能上传

[root@server3 ~]# vim /etc/hosts
172.25.3.3 server3 reg.westos.org
[root@server3 ~]# cd /etc/docker/
[root@server3 docker]# mkdir certs.d
[root@server3 docker]# cd certs.d/
[root@server3 certs.d]# mkdir reg.westos.org
[root@server3 certs.d]# cp /data/certs/westos.org.crt reg.westos.org/ca.crt
[root@server3 certs.d]# cd
[root@server3 ~]# docker pull reg.westos.org/library/game2048
[root@server3 ~]# docker run -d --name game2048 -p 8080:80 reg.westos.org/library/game2048:latest

网页访问http://172.25.3.3:8080/

3）配置jenkins

http://172.25.3.2:8080，修改test



禁用docker

手动触发test

镜像上传成功

4）测试本地拉取

[root@server3 ~]# cd /etc/docker/
[root@server3 docker]# vim daemon.json 
[root@server3 docker]# cat daemon.json 
{
  "registry-mirrors": ["https://reg.westos.org"]
}
[root@server3 docker]# systemctl reload docker.service        

然后起开docker项目，并配置

手动触发docker

部署成功

[root@server3 docker]# docker images|grep webserver
webserver                         latest                           95aed160e406        3 hours ago         133MB
[root@server3 docker]# docker ps | grep webserver
f72c6179b18e        webserver:latest                                          "/docker-entrypoint.…"   56 seconds ago      Up 55 seconds             80/tcp                                        webserver
[root@server3 docker]# docker inspect webserver
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.3",

[root@server3 docker]# curl 172.17.0.3
www.li.org
www.li.org