Shashikant shah

Friday, 28 January 2022

Jenkins CI/CD pipeline with Docker: part4

1.Install the docker and  docker-compose.

# sudo install docker -y

# usermod -aG docker ec2-user

# systemctl enable docker

# service docker start

logout and login

# docker ps


2.docker-compose

# sudo curl -L --fail https://github.com/docker/compose/releases/download/1.29.2/run.sh -o /usr/local/bin/docker-compose

# sudo chmod +x /usr/local/bin/docker-compose

# sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

# docker-compose -version


# docker pull jenkins/jenkins:lts-jdk11

# docker image ls

 

 

 

 # docker info | grep -i "root"

# sudo du -sh /var/lib/docker

519M /var/lib/docker


# mkdir -p /home/ec2-user/jenkins-data

# mkdir -p /home/ec2-user/jenkins-data/jeknins_home

# cd /home/ec2-user/jenkins-data

# vim docker-compose.yml

version: '3'

services:

jenkins:

container_name: jenkins

image: jenkins/jenkins:lts-jdk11

ports:

- "8080:8080"

volumes:

- "$PWD/jeknins_home:/var/jenkins_home"

networks:

- net

networks:

net:


# docker-compose up -d (container launch)

# docker ps

# docker logs -f 13bfaba9e0f7

 

# docker-compose restart jenkins

# docker-compose stop jenkins

# docker-compose start jenkins

# docker-compose down (delete container)

 

java check in jenkins container.

# docker exec -it jenkins bash

 


# docker cp script.sh jenkins:/tmp/script.sh

 

How to ssh one container to another container.

Ref :- https://sourceexample.com/article/en/446389fea3cf6a40c1b75daa15308775/

# mkdir -p /home/ec2-user/jenkins-data/centos7

# cd /home/ec2-user/jenkins-data/centos7

# ssh-keygen -f remote-key

# vim Dockerfile

FROM centos

MAINTAINER dys "dys@abc.com"

RUN yum install -y openssh openssh-server openssh-clients

RUN mkdir -p /var/run/sshd

RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key

RUN useradd remote_user

RUN /bin/echo "remote_user:1234" | chpasswd

RUN mkdir -p /home/remote_user/.ssh

RUN chmod 700 /home/remote_user/.ssh

COPY remote-key.pub /home/remote_user/.ssh/authorized_keys

RUN chown remote_user:remote_user -R /home/remote_user/.ssh

RUN chmod 600 /home/remote_user/.ssh/authorized_keys

RUN ssh-keygen -A

RUN /bin/sed -i 's/.*session.*required.*pam_loginuid.so.*/session optional pam_loginuid.so/g' /etc/pam.d/sshd

RUN /bin/echo -e "LANG=\"en_US.UTF-8\"">/etc/default/local

EXPOSE 22

CMD /usr/sbin/sshd -D


# cd /home/ec2-user/jenkins-data

# cat docker-compose.yml

version: '3'

services:

jenkins:

container_name: jenkins

image: jenkins/jenkins:lts-jdk11

ports:

- "8080:8080"

volumes:

- "$PWD/jeknins_home:/var/jenkins_home"

networks:

- net

remote_host:

container_name: remote-host

image: remote-host

build:

context: centos7

networks:

- net

networks:

net:

# docker-compose build

# docker images

 


# docker-compose up -d

# docker ps


SSH from jenkins container.

Getting one Error


NOTE :-  DNS not enabled on default network. Only custom network DNS is enabled.
The container is created with a custom network.

# docker network ls



# docker network create myNetwork

# docker network ls

f795f2b681a0 myNetwork bridge local

 

container connect to myNetwork

# docker network connect myNetwork jenkins

# docker network connect myNetwork remote-host

# docker network inspect myNetwork

"ConfigOnly": false,

"Containers": {

"0949bc7a60c0040e901a217de2922925caad789c2476a4b4b921076118002302": {

"Name": "jenkins",

"EndpointID": "f99fb5c8565d95b388ca54343a65c07337d4fd1b2f4c5b529a1006d383a6b78d",

"MacAddress": "02:42:ac:13:00:02",

"IPv4Address": "172.19.0.2/16",

"IPv6Address": ""

},

"fc425520d0eb2bc474a89bf3181aebaf79106f508663c1458c7b94777da8547a": {

"Name": "remote-host",

"EndpointID": "e06739f5a37c8c62f0d278aced25964e0f89a91927f803eb421449b2a44e1d79",

"MacAddress": "02:42:ac:13:00:03",

"IPv4Address": "172.19.0.3/16",

"IPv6Address": ""

}

},

login to jenkins container

# docker exec -it 0949bc7a60c0 bash

$ ssh remote_user@remote-host


ERROR:-

"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."

client side :-

$ ls -l /run/nologin
# rm /run/nologin 

 key copy in jenkins container.

# docker cp remote-key jenkins:/tmp/remote-key

# docker exec -it jenkins /bin/bash

# ssh -i /tmp/remote-key remote_user@remote-host



Create a db container :-

# cat docker-compose.yml

version: '3'

services:

jenkins:

container_name: jenkins

image: jenkins/jenkins:lts-jdk11

ports:

- "8080:8080"

volumes:

- "$PWD/jeknins_home:/var/jenkins_home"

networks:

- net

remote_host:

container_name: remote-host

image: remote-host

build:

context: centos7

networks:

- net

db_host:

container_name: db

image: mysql:5.7

environment:

- "MYSQL_ROOT_PASSWORD=1234"

volumes:

- "$PWD/db_data:/var/lib/mysql"

networks:

- net

networks:

net:

# mkdir -p /home/ec2-user/jenkins-data/db_data

# docker-compose up -d

# docker ps


# docker exec -it db bash


Client install in remote-host container


# cat Dockerfile

FROM centos

MAINTAINER dys "dys@abc.com"

RUN yum install -y openssh openssh-server openssh-clients

RUN mkdir -p /var/run/sshd

RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key

RUN useradd remote_user

RUN /bin/echo "remote_user:1234" | chpasswd

RUN mkdir -p /home/remote_user/.ssh

RUN chmod 700 /home/remote_user/.ssh

COPY remote-key.pub /home/remote_user/.ssh/authorized_keys

RUN chown remote_user:remote_user -R /home/remote_user/.ssh

RUN chmod 600 /home/remote_user/.ssh/authorized_keys

RUN ssh-keygen -A

RUN /bin/sed -i 's/.*session.*required.*pam_loginuid.so.*/session optional pam_loginuid.so/g' /etc/pam.d/sshd

RUN /bin/echo -e "LANG=\"en_US.UTF-8\"">/etc/default/local

RUN yum -y install mysql

RUN yum -y install python39

RUN curl -O https://bootstrap.pypa.io/get-pip.py

RUN python3.9 get-pip.py

RUN pip install awscli --upgrade

EXPOSE 22

CMD /usr/sbin/sshd -D

# docker-compose build

# docker-compose up -d

# docker exec -it remote-host bash


How to secure password the mysql password.

Set the variable for password.








Password variable set for script.


Jenkins with ansible


for delete stopped container

# docker container rm $(docker container ls -aq)

# mkdir -p /home/ec2-user/jenkins-data/jenkins-ansible

# vim jenkins-ansible/Dockerfile

FROM jenkins/jenkins:lts-jdk11


USER root

RUN apt-get update

RUN apt install python3.9 python3-pip -y

RUN curl -O https://bootstrap.pypa.io/get-pip.py

RUN python3 get-pip.py

RUN pip install ansible --upgrade

USER jenkins


# vim /home/ec2-user/jenkins-data/docker-compose.yml

version: '3'

services:

  jenkins:

    container_name: jenkins

    image: jenkins-ansible

    build:

      context: jenkins-ansible

    ports:

      - "8080:8080"

    volumes:

      - "$PWD/jeknins_home:/var/jenkins_home"

    networks:

      - net

  remote_host:

    container_name: remote-host

    image: remote-host

    build:

      context: centos7

    networks:

      - net

  db_host:

    container_name: db

    image: mysql:5.7

    environment:

      - "MYSQL_ROOT_PASSWORD=1234"

    volumes:

      - "$PWD/db_data:/var/lib/mysql"

    networks:

      - net   

networks:

  net:

 # docker-compose build

# docker images


# docker-compose  up -d

 

# docker ps

# docker exec -it jenkins bash

$ ansible --version






















































































No comments:

Post a Comment