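Install an automated operations architecture based on Docker swarm mode. This document is for building a test environment only and is not intended for production use.
1. Environment preparation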
Role | IP | Components |
---|---|---|
Console node | 192.168.1.99 | docker,consul,swarm-manager,nginx,jenkins,java,maven,harbor |
Cluster Master | 192.168.1.97 | docker,docker-proxy,swarm-agent,registrator,haproxy |
Cluster Worker | 192.168.1.96 | docker,docker-proxy,swarm-agent,registrator,haproxy |
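2. Component overview
- Consul: used mainly for service discovery and shared configuration
- Registrator: registers services automatically; must be deployed on every node
- Haproxy: works with Registrator to provide automatic service discovery and automatic proxying
- Jenkins: automated code builds and continuous integration
- Gitlab: source code repository
- Harbor: image registry
- Nginx: reverse proxy
- Docker-proxy: proxies Docker's port 2375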
3. Continuous integration and automated builds
4. Cluster routing diagram
5. Cluster architecture diagram
6. Access URLs
- Jenkins: http://192.168.1.99:8080 Username: admin Password: 123456
- Gitlab: http://192.168.1.96/ Username: root Password: 12345678
- Harbor: http://192.168.1.99/ Username: admin Password: Xfxb@2016
- Doraemon: http://192.168.1.99:8099 Username: admin Password: 123456
7. Installation steps
7.1 Preparation (==run on all servers==)
7.1.1 Configure the Docker Yum repository
```
curl -o /etc/yum.repos.d/docker-ce.repo https://file-1252926814.cos.ap-guangzhou.myqcloud.com/docker-17-05.repo
```
7.1.2 Install Docker
```
yum -y install docker-engine
```
7.1.3 Configure the Docker daemon options
```
mkdir -p /etc/docker
cat <<EOF > /etc/docker/daemon.json
{
  "insecure-registries": ["192.168.1.99"],
  "log-opts": {
    "max-size": "100m",
    "max-file": "10"
  },
  "graph": "/data/docker/"
}
EOF
```
7.1.4 Start Docker and enable it at boot
```
systemctl start docker && systemctl enable docker
```
7.2 Install the Console node (==192.168.1.99==)
7.2.1 Install Harbor
```
wget https://storage.googleapis.com/harbor-releases/release-1.5.0/harbor-offline-installer-v1.5.1.tgz
tar xvf harbor-offline-installer-v1.5.1.tgz
# Edit harbor.cfg
# Run ./install.sh --with-clair
# Change the admin password to Xfxb@2016
```
7.2.2 Install Consul and the Swarm Manager
```
docker run -d \
  -p 8300:8300 \
  -p 8301:8301 \
  -p 8301:8301/udp \
  -p 8302:8302 \
  -p 8302:8302/udp \
  -p 8400:8400 \
  -p 8500:8500 \
  -p 8600:53 \
  -p 53:53/udp \
  -v /data/volume-xfxb/consul:/data \
  -h ops01.consul.goshm.com \
  --restart=always \
  --name=consul 192.168.1.99/test/consul:0.5.2 \
  -server -bootstrap -ui-dir=/ui -dc=ops01_dc -advertise 192.168.1.99 -client 0.0.0.0

docker run -ti -d \
  --restart=always -p 3375:3375 \
  --label registrator.ignored=true \
  --name dora-manager 192.168.1.99/test/swarm:latest \
  manage --replication \
  --addr 192.168.1.99:3375 \
  --host tcp://0.0.0.0:3375 consul://192.168.1.99:8500
```
7.2.3 Install the JDK
```
curl -o /tmp/java.tar.gz https://file-1252926814.cos.ap-guangzhou.myqcloud.com/jdk-8u172-linux-x64.tar.gz
mkdir -p /usr/java
tar -zxvf /tmp/java.tar.gz -C /usr/java
ln -s /usr/java/jdk1.8.0_172/bin/java /usr/bin/java
# Set the environment variables by appending them to /etc/profile
cat <<'EOF' >> /etc/profile
JAVA_HOME=/usr/java/jdk1.8.0_172
JRE_HOME=/usr/java/jdk1.8.0_172/jre
PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib
export JAVA_HOME JRE_HOME PATH CLASSPATH
EOF
source /etc/profile
```
7.2.4 Install Jenkins
```
sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
yum -y install jenkins
# Edit /etc/sysconfig/jenkins and set the user that Jenkins starts as to root
systemctl start jenkins
systemctl enable jenkins
```
7.2.5 Install Maven
```
wget http://apache.fayea.com/maven/maven-3/3.3.9/binaries/apache-maven-3.3.9-bin.tar.gz
tar -zxvf apache-maven-3.3.9-bin.tar.gz
mv apache-maven-3.3.9 /usr/apache-maven-3.3.9
# Set the environment variables by appending them to /etc/profile
cat <<'EOF' >> /etc/profile
# Maven environment variables
export MAVEN_HOME=/usr/apache-maven-3.3.9
export PATH=$PATH:$JAVA_HOME/bin:$MAVEN_HOME/bin
EOF
# Apply the environment variables immediately
source /etc/profile
# Verify the installation
mvn -v
```
7.2.6 Install the Jenkins plugins
The following plugins must be installed:
- Git Parameter
- Git
- Gitlab Hook
- Gitlab Authentication plugin
- GitLab Plugin
- Build Authorization Token
- Maven Integration
7.2.7 Install nginx
Because port 80 is already used by Harbor, change nginx's port 80 listener to port 81.
```
yum -y install epel-release
yum -y install nginx
systemctl start nginx
systemctl enable nginx
# Add the configuration file
cat <<'EOF' > /etc/nginx/conf.d/ops-docker.conf
upstream ops01-services {
    server 192.168.1.97:80;
    server 192.168.1.96:80;
}
upstream ops01-swarm-mode {
    server 192.168.1.97:2375;
}
upstream ops01-swarm {
    server 192.168.1.99:3375;
}
server {
    listen 2375;
    server_name docker.ops01.youmenlu.com;
    access_log /var/log/nginx/access_test02.log;
    location ~ ^/v1.29/* {
        proxy_pass http://ops01-swarm-mode;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
    location ~ ^/v1.27/* {
        proxy_pass http://ops01-swarm-mode;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
    location ~ ^/v1.24/* {
        proxy_pass http://ops01-swarm;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
server {
    listen 81;
    server_name *.ops01.goshm.com;
    access_log /var/log/nginx/access_ops01_service.log main;
    location / {
        proxy_pass http://ops01-services;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
EOF
# Reload nginx
/usr/sbin/nginx -s reload
```
7.2.8 Deploy the Doraemon ops platform
```
docker run --restart always -p 3306:3306 --name dora-db -e MYSQL_ROOT_PASSWORD=123456 -d 192.168.1.99/test/mysql:5.6.40
docker run --restart always -p 8099:8099 --name doraemon -d 192.168.1.99/test/doraemon:v1.0.2
```
7.3 Install the cluster Master (==192.168.1.97==)
```
# Create the swarm mode cluster with the init command
docker swarm init
# Record the token generated below; nodes need it to join the cluster
# docker swarm join \
# --token SWMTKN-1-05kdsu8kpqg1ayjvvizpyruxr1l8anpf6th2r1t6xk3mbwcl2l-bbaq4liaexarpry09tzyzwksz \
# 192.168.1.97:2377

# Install docker-proxy to proxy port 2375
docker run -ti -d \
  -p 2375:2375 \
  --hostname=`hostname` \
  --restart=always \
  --name dora-proxy \
  --label registrator.ignored=true \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -e PORT=2375 \
  192.168.1.99/test/docker-proxy:latest

# Install swarm-agent
docker run -ti -d \
  --restart=always \
  --label registrator.ignored=true \
  --name dora-agent \
  192.168.1.99/test/swarm:latest \
  join --addr `ifconfig eth0|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $2}'|tr -d 'addr:'`:2375 \
  consul://192.168.1.99:8500

# Create the cluster network
docker network create -d overlay my-net

# Deploy the following with the ops platform:
# haproxy
# dora-registrator
```
7.4 Install the cluster Worker node (==192.168.1.96==)
7.4.1 Join the cluster
```
# Join the cluster with the token generated on the Master node
docker swarm join \
  --token SWMTKN-1-05kdsu8kpqg1ayjvvizpyruxr1l8anpf6th2r1t6xk3mbwcl2l-bbaq4liaexarpry09tzyzwksz \
  192.168.1.97:2377

# Install swarm-agent
docker run -ti -d \
  --restart=always \
  --label registrator.ignored=true \
  --name dora-agent \
  192.168.1.99/test/swarm:latest \
  join --addr `ifconfig eth0|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $2}'|tr -d 'addr:'`:2375 \
  consul://192.168.1.99:8500

# Install docker-proxy
docker run -ti -d \
  -p 2375:2375 \
  --hostname=`hostname` \
  --restart=always \
  --name dora-proxy \
  --label registrator.ignored=true \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -e PORT=2375 \
  192.168.1.99/test/docker-proxy:latest
```
7.4.2 Install Gitlab
```
# Install from the Docker image
docker run -d --label registrator.ignored=true --hostname 127.0.0.1 -p 80:80 --name gitlab-ce --restart always 192.168.1.99/test/gitlab-ce
# Enable the setting "Outbound requests: Allow requests to the local network from hooks and services"
# Set the project's WebHook URL to: http://192.168.1.99:8099/gitHooks
```
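8. Done
The test cluster installation is complete. Use the access URLs listed above to reach each service.
For automated builds, follow the CI workflow: the ops platform takes code from commit through automated build to deployment.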
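
An added post-install check, not part of the original guide: the steps above open the Docker API, Swarm manager, Consul, MySQL, Jenkins and Doraemon ports, and this script lists which of them a node is listening on for all interfaces. The function names and the sample `ss -ltn` output are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag management ports from this guide that listen on all interfaces.

# exposed_mgmt_ports reads `ss -ltn` output on stdin and prints "port<TAB>service"
# for each listed port bound to a wildcard address (0.0.0.0, *, [::] or ::).
exposed_mgmt_ports() {
  awk '
    BEGIN {
      # Ports taken from the docker run, nginx and access-URL steps of this guide.
      svc["2375"] = "Docker API (dora-proxy, nginx)"
      svc["3375"] = "Swarm manager (dora-manager)"
      svc["8500"] = "Consul HTTP API and UI"
      svc["3306"] = "MySQL (dora-db)"
      svc["8080"] = "Jenkins"
      svc["8099"] = "Doraemon"
    }
    $1 == "LISTEN" {
      n = split($4, parts, ":")          # port is the text after the last colon
      port = parts[n]
      addr = substr($4, 1, length($4) - length(port) - 1)
      wildcard = (addr == "0.0.0.0" || addr == "*" || addr == "[::]" || addr == "::")
      if (wildcard && (port in svc) && !seen[port]++)
        print port "\t" svc[port]
    }
  '
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
sample_ss_output() {
  cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128             [::]:2375          [::]:*
LISTEN 0      128          0.0.0.0:2375       0.0.0.0:*
LISTEN 0      128        127.0.0.1:3306       0.0.0.0:*
LISTEN 0      128                *:8500             *:*
EOF
}

# Demo on the sample; on a node, run: ss -ltn | exposed_mgmt_ports
sample_ss_output | exposed_mgmt_ports
```

A port bound only to 127.0.0.1, like 3306 in the sample, is not reported; each reported port is a candidate for binding to a specific address or for a firewall rule.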