From c3ccc152d4c63b8b752516a8cc4cb2bd4e96332b Mon Sep 17 00:00:00 2001
From: Bruce CHEN <805899926@qq.com>
Date: Thu, 5 Sep 2024 12:45:30 +0800
Subject: [PATCH] # add docker in docker
---
 server/docker/ops/docker/conf/daemon.json | 4 ++++
 server/docker/ops/docker/deploy.yml | 17 +++++++++++++++++
 server/docker/ops/jenkins-ssh-agent/Dockerfile | 10 ++++------
 server/docker/ops/jenkins-ssh-agent/deploy.yml | 4 ++++
 server/docker/ops/jenkins/Dockerfile | 12 +++++-------
 server/docker/ops/jenkins/deploy.yml | 5 ++++-
 6 files changed, 38 insertions(+), 14 deletions(-)
 create mode 100644 server/docker/ops/docker/conf/daemon.json
 create mode 100644 server/docker/ops/docker/deploy.yml
diff --git a/server/docker/ops/docker/conf/daemon.json b/server/docker/ops/docker/conf/daemon.json
new file mode 100644
index 000000000..65242e1c8
--- /dev/null
+++ b/server/docker/ops/docker/conf/daemon.json
@@ -0,0 +1,4 @@
+{
+ "registry-mirrors": ["http://registry-proxy.czy21-internal.com"],
+ "insecure-registries": ["registry.czy21-internal.com", "registry-proxy.czy21-internal.com"]
+}
\ No newline at end of file
diff --git a/server/docker/ops/docker/deploy.yml b/server/docker/ops/docker/deploy.yml
new file mode 100644
index 000000000..170c7d700
--- /dev/null
+++ b/server/docker/ops/docker/deploy.yml
@@ -0,0 +1,17 @@
+version: "3.9"
+
+services:
+
+ docker:
+ image: "docker:27.2.0-dind"
+ pull_policy: always
+ container_name: docker
+ hostname: docker
+ privileged: true
+ volumes:
+ - {{ param_docker_data }}/{{ param_role_name }}/conf/daemon.json:/etc/docker/daemon.json
+ - {{ param_docker_data }}/{{ param_role_name }}/conf/certs/:/certs/client
+ - {{ param_docker_data }}/{{ param_role_name }}/data/:/var/lib/docker
+ environment:
+ DOCKER_TLS_CERTDIR: /certs
+ restart: always
\ No newline at end of file
diff --git a/server/docker/ops/jenkins-ssh-agent/Dockerfile b/server/docker/ops/jenkins-ssh-agent/Dockerfile
index 31d239093..5fe922ec7 100644
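Review bot: The mirror in `registry-mirrors` is reached over plain `http://` and both registry hosts are listed in `insecure-registries`, so every image this daemon pulls or pushes travels without TLS verification, and a layer altered on the internal network would flow straight into CI builds. If the registries can serve a certificate from an internal CA, prefer `"registry-mirrors": ["https://registry-proxy.czy21-internal.com"]`, drop the `insecure-registries` entry, and place the CA at `/etc/docker/certs.d/<registry-host>/ca.crt` inside the dind container. If plain HTTP has to stay, that trade-off deserves a line in the role's README, since JSON cannot carry the comment.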
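Review bot: `privileged: true` together with a tag reference and `pull_policy: always` means whatever `docker:27.2.0-dind` resolves to at deploy time runs with full host privileges; pinning by digest, `image: "docker:27.2.0-dind@sha256:<digest>"`, keeps the privileged container on an image that was actually reviewed. The client keys written to `conf/certs/` are the only gate on this daemon, and holding them is root-equivalent on it, so that host directory should be readable only by the deploying user, and the `daemon.json` mount can be `:ro`. The file declares no network, while the Jenkins services in the later hunks use `DOCKER_HOST: tcp://docker:2376`; presumably the deploy tooling joins them to a shared network, which is worth confirming.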
--- a/server/docker/ops/jenkins-ssh-agent/Dockerfile
+++ b/server/docker/ops/jenkins-ssh-agent/Dockerfile
@@ -1,9 +1,7 @@
 FROM jenkins/ssh-agent:5.46.0-jdk17
 USER root
-RUN apt update && apt install git sudo curl -y
-RUN curl -L "https://github.com/docker/compose/releases/download/v{{ param_compose_version }}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
-RUN chmod +x /usr/local/bin/docker-compose
-RUN ln -sf /usr/local/bin/docker-compose /usr/bin/docker-compose
-RUN echo -n "%sudo ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/99-custom
-RUN usermod -aG sudo jenkins
\ No newline at end of file
+RUN apt-get update && apt-get install -y lsb-release
+RUN curl -fsSLo /usr/share/keyrings/docker-archive-keyring.asc https://download.docker.com/linux/debian/gpg
+RUN echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.asc] https://download.docker.com/linux/debian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list
+RUN apt-get update && apt-get install -y docker-ce-cli
\ No newline at end of file
diff --git a/server/docker/ops/jenkins-ssh-agent/deploy.yml b/server/docker/ops/jenkins-ssh-agent/deploy.yml
index be3c4419c..53d3ea3b1 100644
--- a/server/docker/ops/jenkins-ssh-agent/deploy.yml
+++ b/server/docker/ops/jenkins-ssh-agent/deploy.yml
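Review bot: The added `RUN curl -fsSLo …` step needs curl, but this hunk deletes the only line that installed it (`apt install git sudo curl -y`) and the replacement installs just `lsb-release`; unless the `jenkins/ssh-agent` base image already ships curl and git, the build or later checkouts on the agent will fail. Keeping them explicit is cheap: `RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl git lsb-release`. `docker-ce-cli` is also installed without a version while the daemon image is pinned to 27.2.0, so the client drifts on every rebuild; the same RUN lines in server/docker/ops/jenkins/Dockerfile share that issue.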
@@ -13,9 +13,13 @@ services:
 - {{ param_docker_data }}/{{ param_role_name }}/data/:/home/jenkins/
 - {{ param_docker_data }}/{{ param_role_name }}/data/.jenkins:/home/jenkins/.jenkins
 - {{ param_docker_data }}/{{ param_role_name }}/data/agent:/home/jenkins/agent
+ - {{ param_docker_data }}/docker/conf/certs/:/certs/client
 - /run/:/run/
 - /var/run/:/var/run/
 - /tmp/:/tmp/
 environment:
 JENKINS_AGENT_SSH_PUBKEY: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDNiu2EIXk3id8QagrKhcHqzdGPzjE0oLag1lAMK/oBT3nidQb9o7Cprj+iJeeghWw3NjcFHppMmzzmnzI7lseiVZ0s/tgH6qBAozUkIqHFROKvnMi0oQ/oVBqgRVAO8tVLjou31e6DB4ru3ycBEnNZXj2Z+6CPvZc7s4LuTdvgnJFgPPBWYKzqMh0BsWFskO72tjkd3SrIA0KL36Ezy/e82g2qozCISO+X3Y7lnWqP9WRuAzWLwm24iH01X5/EdkfupW6pDsrA8PwHnbFMvNBEaCQZpEk3Nbw5pg6lMYfZX6q4wzqFnrS6A2zFKgZuT/PcptTxhuDQsbyEf4hcJMCXuHRHWsnNYqmtffEenydYojcLK7cWSDifq7gqci/SpmUTC8VlSYLHwL6AFLAoAOez7Zq5+wGlUaqZ4tddZ4dLRlMLL0ZQi5N0tDbmvkSKDjkJSGJcEbpR6/hcvDqmuPcttb26X0jc0HeEApx2+cWOnD9BUxTVSAOqD2kzLIAsitE= 805899926@qq.com
+ DOCKER_HOST: tcp://docker:2376
+ DOCKER_CERT_PATH: /certs/client
+ DOCKER_TLS_VERIFY: 1
 restart: always
\ No newline at end of file
diff --git a/server/docker/ops/jenkins/Dockerfile b/server/docker/ops/jenkins/Dockerfile
index 7e82664c1..38110c893 100644
--- a/server/docker/ops/jenkins/Dockerfile
+++ b/server/docker/ops/jenkins/Dockerfile
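Review bot: The context lines of this hunk still bind-mount the host's `/run/` and `/var/run/` into the agent, so if the host runs its own Docker daemon the agent can still reach `/var/run/docker.sock` and bypass the TLS-protected dind endpoint that the new `DOCKER_HOST` points to. server/docker/ops/jenkins/deploy.yml drops its socket mount in this same patch; the agent should likewise lose `- /run/:/run/` and `- /var/run/:/var/run/` unless something else needs them. The client key directory only needs to be read here, so `- {{ param_docker_data }}/docker/conf/certs/:/certs/client:ro` is enough, and the same goes for the jenkins service. `DOCKER_TLS_VERIFY: 1` is safer quoted as `"1"` so it stays a string in both files. The service definition starts above this hunk, so other mounts may exist that are not visible here.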
@@ -1,10 +1,8 @@
-FROM jenkins/jenkins:2.474-jdk17
+FROM jenkins/jenkins:2.475-jdk17
 USER root
-RUN apt update && apt install sudo -y
-RUN curl -L "https://github.com/docker/compose/releases/download/v{{ param_compose_version }}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
-RUN chmod +x /usr/local/bin/docker-compose
-RUN ln -sf /usr/local/bin/docker-compose /usr/bin/docker-compose
-RUN echo -n "%sudo ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/99-custom
-RUN usermod -aG sudo jenkins
+RUN apt-get update && apt-get install -y lsb-release
+RUN curl -fsSLo /usr/share/keyrings/docker-archive-keyring.asc https://download.docker.com/linux/debian/gpg
+RUN echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.asc] https://download.docker.com/linux/debian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list
+RUN apt-get update && apt-get install -y docker-ce-cli
 USER jenkins
\ No newline at end of file
diff --git a/server/docker/ops/jenkins/deploy.yml b/server/docker/ops/jenkins/deploy.yml
index 0f5dbb59d..d2242ede9 100644
--- a/server/docker/ops/jenkins/deploy.yml
+++ b/server/docker/ops/jenkins/deploy.yml
@@ -19,11 +19,14 @@ services:
 - "50000:50000"
 volumes:
 - {{ param_docker_data }}/{{ param_role_name }}/data/:/var/jenkins_home/
- - /var/run/docker.sock:/var/run/docker.sock
+ - {{ param_docker_data }}/docker/conf/certs/:/certs/client
 environment:
 JENKINS_UC: https://mirrors.aliyun.com/jenkins/updates/update-center.json
 JENKINS_UC_EXPERIMENTAL: https://mirrors.aliyun.com/jenkins/updates/experimental/update-center.json
 JAVA_OPTS: "-Xverify:none"
+ DOCKER_HOST: tcp://docker:2376
+ DOCKER_CERT_PATH: /certs/client
+ DOCKER_TLS_VERIFY: 1
 deploy:
 resources:
 limits: