version: '3.7'
services:
  webserver:
    build: ./docker-cmdb/cmdb
    container_name: cmdb_server
    command:
      - /bin/bash
      - -c
      - |
        cd /opt/auto_cmdb
        pip3 install pymysql
        python3 manage.py makemigrations
        python3 manage.py migrate
        uwsgi --ini conf/auto_cmdb_uwsgi.ini
    restart: always
    expose:
      - "8000"
    networks:
      - jumpserver-test
    depends_on:
      - mysql
      - redis
      - rabbitmq
    ports:
      - "9000:8000"

  mysql:
    image:  mysql/mysql-server:5.7
    container_name: mysql_server
    command:  --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
    tty: true
    volumes:
      - type: bind
        source: ./docker-cmdb/mysql/init.sql
        target: /docker-entrypoint-initdb.d/init.sql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: QFedu123!
    expose:
      - "3306"
    networks:
      - jumpserver-test

  redis:
    image: redis:alpine
    container_name: redis_server
    volumes:
      - type: volume
        source: redis
        target: /etc/redis.conf
    restart: always
    expose:
      - "6379"
    networks:
      - jumpserver-test

  rabbitmq:
    image: rabbitmq:latest
    container_name: rabbitmq_server
    restart: always
    networks:
      - jumpserver-test

  nginx:
    image: nginx:alpine3.10
    container_name: nginx_server
    restart: always
    volumes:
      - type: bind
        source: ./docker-cmdb/nginx
        target: /etc/nginx/conf.d
      - type: bind
        source: ./docker-cmdb/nginx/allstatic
        target: /allstatic
    networks:
      - jumpserver-test

      - "9800:80"
    depends_on:
      - webserver

  gitlab:
    image: 'gitlab:latest'
    restart: always
    hostname: 'gitlab.hahalet.com'
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://10.0.122.158:9280'
        unicorn['worker_timeout'] = 60
        unicorn['worker_processes'] = 3 # worker进程数
        unicorn['worker_memory_limit_min'] = "200 * 1 << 20" # worker最小内存
        unicorn['worker_memory_limit_max'] = "300 * 1 << 20"  # worker最大内存
        sidekiq['concurrency'] = 10
        postgresql['shared_buffers'] = "128MB"
        postgresql['max_worker_processes'] = 8
    networks:
      - jumpserver-test
    ports:
      - '9280:9280'
    volumes:
      - './gitlab/config:/etc/gitlab'
      - './gitlab/logs:/var/log/gitlab'
      - './gitlab/data:/var/opt/gitlab'

  jenkins:
    image: 'jenkins:latest'
    restart: always
    privileged: true
    user: root
    volumes:
      - type: bind
        source: ./jenkins/jenkins_home
        target: /var/jenkins_home
      - type: bind
        source: /Volumes/data/com.docker.docker/Data/docker.sock
        target: /var/run/docker.sock
        read_only: "yes"
    networks:
      - jumpserver-test
    ports:
      - "9980:8080"


volumes:
  redis:

networks:
  jumpserver-test:

建立CD环境

1.确认cmdb_server容器有ssh服务，没有则yum install openssh-server
2.然后进入jenkins_server容器发公钥到cmdb_server
3.jenkins安装Publish over SSH，将jenkins_server的私钥填入

image

如果测试不成功，尝试以下操作：
解决办法源于此文档

Publish over SSH 这个插件为旧版本，我们下载的新的openssh-server生成秘钥为新的算法，所以如果要制作“较旧的” OpenSSH格式，请尝试此操作。
或通过使用旧的ssh-keygen进行设置

ssh-keygen -t rsa -b 4096 -m PEM

开始构建任务

image

image

image

image

image

主动执行任务后，可在cmdb_server容器中得到一个这样的文件

ls /app/code/
code.tar

基于以上操作

我们可以实现代码的简单更新，也有点类似于发布

我们在本机上写好新功能，提交到gitlab上，jenkins使用webhook拉取到代码，并且通过ssh推送到生产服务器上，生产服务器停服务，备份源代码，拉取新代码，起服务，跑新代码，有问题则回滚，一系列操作自动执行

image

bak.sh（可放到工作区下被一起打包过去）

#!/bin/bash
tar -xf /app/code/code.tar  -C /app/code/     #解压tar包
cp -r /opt/auto_cmdb /backup/auto_cmdb-$(date +%F-%X)  #备份原来的代码
rm -rf /opt/auto_cmdb    #删除原来的代码
mv /app/code/auto_cmdb /opt/    #部署新的代码

由于我们起的容器的缘故，cmdb的Dockerfile 写入了 CMD uwsgi --ini /opt/auto_cmdb/conf/uwsgi.ini

image

造成无法停止服务,虽然不合生产环境，但是不影响我们运行新的代码
当我们在访问页面时，刷新即可看到相应的改变