DevOps from scratch (eight): Jenkins combines Docker private servers to implement remote automated deployment

In the summary section of the previous article, "DevOps from Zero (VII): Jenkins + GitLab+Docker Deploys the SpringBoot Project", we raised the question of the security and scalability of the project! If you use a Dockerfile to package the build, the built image can only be saved to the cloud if you want to save it. If this cloud is Docker Hub, non-open source projects are very insecure, so how to make Docker images safe storage? We can build a Docker private server repository and push the built image to our private server repository to ensure the security of this image. Combined with Jenkins, wouldn't it be perfect to build an image from the main server and upload it, and then pull the image from another server and run it. This is the end of the theory, let's try it together!

First, Docker private server construction

1. Pre-condition

1. Two Centos7 operating systems (either virtual machine or host)

VMware Creating a Virtual Machine Tutorial: VMware Creating a Virtual Machine Tutorial

1. Install Docker separately for both virtual machines

Centos7 installation of Docker process: Centos7 installation of Docker process

1. Assuming it has been installed and configured, now I have two servers, as follows

(1) Main server: 192.168.1.11

(2) Project Server: 192.168.1.12

What we do is build a Docker private server repository on the main server, and then pull or commit images on the project server!!

2. The main server starts the private server warehouse container

1. Pull the latest version of the registry of the private server repository

docker pull registry

# 拉取成功后查看是否存在
docker images           

1. Create a private server image container and start it

Set up automatic startup so you don't have to start the container again after restarting docker!

docker run --restart=always \
--name myregistry -d \
-p 5000:5000 registry           

# 启动成功后查看启动状态
docker ps           

1. Use a browser to access the private server repository address

Address: http://192.168.1.11:5000/v2/_catalog

As shown in the figure, you can see that the private server container on the main server has been successfully started, but there are no uploaded images in it.

1. Create and modify the docker source file "daemon.json"

vim /etc/docker/daemon.json           

{
 		"registry-mirrors": ["https://yy28v837.mirror.aliyuncs.com"],
 		"insecure-registries":["192.168.1.11:5000"]
}           

Here's an explanation:

"registry-mirrors" is the address we configure to accelerate the download of domestic Alibaba Cloud images, you can find one at will from the Internet or you can create one yourself, the creation method borrows from a CSDN blogger's blog, Alibaba Cloud creates docker free personal container image hosting (private server) service_Aliyun container image service personal version_Jinling brick mover's blog-CSDN blog. If you are interested, you can create one by yourself to try, if you don't want to create it, you can also skip this step and use it directly in the text.

"insecure-registries" is the address of the private server warehouse, which is now the local machine.

1. Restart docker

systemctl restart docker           

3. Test whether the private server repository can successfully upload images

1. Tag images as private server repository images

Just find a random image and label this image to prove that it is a mirror image of a private server repository

docker tag testproject 192.168.1.11:5000/testproject           

Check whether the label is successfully tagged

1. Upload the tag image to the private server repository

docker push host IP: Private server port number/image name

docker push 192.168.1.11:5000/testproject           

1. The browser tests whether the upload is successful

1. As shown in the figure, you can see that the previously packaged image has been successfully uploaded!

4. The project server sets the address of the private server warehouse

1. Enter Project Server (192.168.1.12)
2. Create and set up a Docker profile

vim /etc/docker/daemon.json           

{
	"insecure-registries":["192.168.1.11:5000"]
}           

"insecure-registries" is the address of the private server warehouse

1. Restart Docker

systemctl restart docker           

1. Pull the uploaded private server image and check whether it is successful

docker pull 192.168.1.11:5000/testproject           

docker images           

At this point, the Docker private server is all done, let's combine it into Jenkins and try it!

Second, Jenkins pipeline configuration

After Docker is successfully built, we need to combine him into Jenkins, so how to combine and what is the process? In fact, it is very simple, it is two steps:

1. The Jenkins master server packages the image and uploads it to the Docker private server repository
2. SSH to Project Server, then pull the image and run

Try it, get it up!

1. Preparation

Take a look at this article I wrote earlier:

Jenkins Deploying the SpringBoot Project as a Traditional jar Package Tutorial: Jenkins Deploying a SpringBoot Project in a Traditional jar Package Tutorial

From this tutorial, except for the last step of "Execute shell" that does not need to be followed, everything else can be configured, including:

(1) Jenkins installs Maven and GitLab plugins and configures Maven globally

(2) Create a pipeline, configure the project git address and branch, and configure webhooks with GitLab

(3) Select Maven Shell and configure Maven command packaging

Once created, the effect:

(1) Source code management

(2) Build triggers

(3) Build the environment

(4) Compile the project

At this point, all the prerequisites are ready, and we start the deployment of Docker Private Server!!

2. Build a Docker image and upload it to the private server repository

1. Dockerfile is written and placed in the project root

The writing of Dockerfile files can be found at this link: Dockerfile Writing

1. In "Build Steps", after Maven is packaged, click "Add Build Action" and select "Execute shell"
2. In the selected "Execute shell", fill in the command that specifies the Dockerfile

#!/bin/bash

# 删除已经构建好的镜像
docker rmi hhproject:latest

# 使用Dockerfile来构建自己的镜像（testProject就是镜像名称，latest是版本号）
# 最后的“.”千万不要忘记加
docker build -t hhproject:latest .

# 给创建好的镜像打标签
docker tag hhproject 192.168.1.11:5000/hhproject

# 给打好标签的镜像上传的私服仓库
docker push 192.168.1.11:5000/hhproject           

1. Click Apply and Save to return to the home page of the pipeline
2. Click "Build Now" or submit the code once to see if you start building

1. After the build is successful, check the private server address in the browser to see if the image is successfully uploaded

1. As you can see, the image just pushed has been successfully pushed!

3. Write scripts on remote servers (pull images + start containers)

Create folders and script files

mkdir -p /data/registry

cd /data/registry

vim deploy.sh           

The script content deploy.sh as follows:

#!/bin/bash

# 强制删除正在运行的容器
docker rm -f hhproject

# 删除原有的私服镜像
docker rmi 192.168.1.11:5000/hhproject

# 重新拉取私服仓库的镜像
docker pull 192.168.1.11:5000/hhproject

# 根据打包好的镜像来创建容器并启动
docker run --name hhproject -p 8087:8085 -d 192.168.1.11:5000/hhproject:latest           

4, Jenkins configure SSH remote commands

Jenkins Installing the "Publish Over SSH" Plugin Tutorial: Jenkins Installing the "Publish Over SSH" Plugin Tutorial

1. In "Execute shell" just now, continue to "Add Build Operations" and select "Send files or execute commands over SSH"
2. Select Project Server in SSH Server Name, configured in the previous series of articles
3. In the last entry, Exec command, execute the startup script you just configured

sh /data/registry/deploy.sh           

After the configuration is completed, as shown in the following figure:

1. Click Apply, Save, return to the home page, click "Build Now", and test whether the build is successful

5. Test results

After the build is successful, enter the project server (192.168.1.12). We can find that the image of the private server repository has been successfully pulled and the container has been successfully started.

III. Summary

At this point, the articles on building a Docker private server and applying the private server to Jenkins remote deployment have been completed. The main technical points are: container startup of private servers, Docker configuration of remote servers, and writing scripts for remote server execution. The process is very clear: the master server builds the image and uploads it to the private server repository, and then the project server pulls the image and starts it. In fact, by this point, the "Implementing DevOps from Zero" series has come to an end, there is still an article on automating the deployment of microservices, and the project has been busy recently, and I will continue to update it when I have time. Thank you all for liking and working together!!

所有你想象的一切，皆是现实！