安装Docker
# Ubuntu/Debian
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io
# CentOS/RHEL
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install docker-ce docker-ce-cli containerd.io
sudo systemctl start docker && sudo systemctl enable docker
安装Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
安装Jenkins
docker run -d --name jenkins -p 8080:8080 -p 50000:50000 \
-v jenkins_home:/var/jenkins_home \
jenkins/jenkins:lts
配置Jenkins Pipeline
pipeline {
agent any
stages {
stage('Build') {
steps {
sh 'docker build -t myapp:${BUILD_NUMBER} .'
}
}
stage('Test') {
steps {
sh 'docker run myapp:${BUILD_NUMBER} npm test'
}
}
stage('Push') {
steps {
withCredentials([usernamePassword(credentialsId: 'dockerhub', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
sh 'docker login -u $USERNAME -p $PASSWORD'
sh 'docker tag myapp:${BUILD_NUMBER} $USERNAME/myapp:${BUILD_NUMBER}'
sh 'docker push $USERNAME/myapp:${BUILD_NUMBER}'
}
}
}
}
}
配置.gitlab-ci.yml
stages:
- build
- test
- deploy
build:
stage: build
script:
- docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA .
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
test:
stage: test
script:
- docker run $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA npm test
deploy:
stage: deploy
script:
- ssh user@server "docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA"
- ssh user@server "docker stop myapp || true"
- ssh user@server "docker rm myapp || true"
- ssh user@server "docker run -d --name myapp -p 80:3000 $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA"
初始化Swarm集群
docker swarm init
创建Docker Stack文件
# docker-stack.yml
version: '3.8'
services:
app:
image: your-registry/your-app:latest
deploy:
replicas: 3
update_config:
parallelism: 1
delay: 10s
restart_policy:
condition: on-failure
ports:
- "80:3000"
部署应用
docker stack deploy -c docker-stack.yml myapp
安装Minikube或配置K8s集群
# Minikube安装
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube
创建Deployment和Service ```yaml
apiVersion: apps/v1 kind: Deployment metadata: name: myapp spec: replicas: 3 selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: myapp image: your-registry/your-app:latest ports: - containerPort: 3000
apiVersion: v1 kind: Service metadata: name: myapp spec: selector: app: myapp ports: - protocol: TCP port: 80 targetPort: 3000 type: LoadBalancer ```
bash
kubectl apply -f deployment.yaml使用Prometheus监控
docker run -d --name=prometheus -p 9090:9090 \
-v /path/to/prometheus.yml:/etc/prometheus/prometheus.yml \
prom/prometheus
使用Grafana可视化
docker run -d --name=grafana -p 3000:3000 grafana/grafana
集中日志管理(ELK)
# Elasticsearch
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:7.14.0
# Logstash
docker run -d --name logstash --link elasticsearch:elasticsearch -p 5000:5000 logstash:7.14.0
# Kibana
docker run -d --name kibana --link elasticsearch:elasticsearch -p 5601:5601 kibana:7.14.0
使用多阶段构建减少镜像大小
FROM node:14 as builder
WORKDIR /app
COPY . .
RUN npm install && npm run build
FROM nginx:alpine
COPY --from=builder /app/dist /usr/share/nginx/html
使用.dockerignore文件忽略不必要的文件
node_modules
.git
*.log
实现蓝绿部署或金丝雀发布减少部署风险
定期清理旧镜像
docker system prune -f
使用健康检查
HEALTHCHECK --interval=30s --timeout=3s \
CMD curl -f http://localhost/health || exit 1
通过以上方案,您可以在Linux上构建完整的Docker CI/CD流水线,实现从代码提交到生产部署的自动化流程。