iT邦幫忙

2023 iThome 鐵人賽

DAY 29
0
DevOps

搞定Docker網路系列 第 29

Drone的網路-Drone+gitlab是否可以不用ip溝通?其實可以

  • 分享至 

  • xImage
  •  

先說明一下,後來還是找到方法讓gitlab跟drone的溝通可以不用ip,不過需要借用traefik的route功能來達成。

不過實作還是有個狀況

  1. drone解析不到gitlab.docker.localhost這個名稱,所以還是用了extra_host來作ip dn對照的設定給drone。
  2. drone在gitlab的application redirect URL還是必須使用IP。
  • docker compose yaml
version: "3"
name: cicd
services:
 reverse-proxy:
    # The official v2 Traefik docker image
    image: traefik:v2.10.4
    # Enables the web UI and tells Traefik to listen to docker
    command: --api.insecure=true --providers.docker
    ports:
      # The HTTP port
     - "81:80"
      # The Web UI (enabled by --api.insecure=true)
     - "8082:8080"
    volumes:
      # So that Traefik can listen to the Docker events
     - /var/run/docker.sock:/var/run/docker.sock
 gitlab:
    image: gitlab/gitlab-ce:16.4.1-ce.0
    restart: always
    networks:
     ap_net:
       ipv4_address: 172.18.0.100
    ports:
      - 80:80
      - 443:443
      - 22:22
    environment:    
     TZ: Asia/Taipei
     GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.docker.localhost'
        gitlab_rails['time_zone'] = 'Asia/Taipei'
        gitlab_rails['gitlab_default_projects_features_builds'] = false
        gitlab_rails['smtp_enable'] = false
        gitlab_rails['gitlab_email_enabled'] = false
        gitlab_rails['incoming_email_enabled'] = false

        # Terraform
        gitlab_rails['terraform_state_enabled'] = false

        # Usage Statistics
        gitlab_rails['usage_ping_enabled'] = false
        gitlab_rails['sentry_enabled'] = false
        grafana['reporting_enabled'] = false

        # 關閉container registry
        gitlab_rails['gitlab_default_projects_features_container_registry'] = false
        gitlab_rails['registry_enabled'] = false
        registry['enable'] = false
        registry_nginx['enable'] = false

        # 關閉package
        gitlab_rails['packages_enabled'] = false
        gitlab_rails['dependency_proxy_enabled'] = false

        # GitLab KAS
        gitlab_kas['enable'] = false
        gitlab_rails['gitlab_kas_enabled'] = false

        # Mattermost
        mattermost['enable'] = false
        mattermost_nginx['enable'] = false

        # Kerberos
        gitlab_rails['kerberos_enabled'] = false
        sentinel['enable'] = false

        # GitLab Pages
        gitlab_pages['enable'] = false
        pages_nginx['enable'] = false

        # 禁用PUMA
        puma['worker_processes'] = 0
        puma['min_threads'] = 1
        puma['max_threads'] = 2

        # 降低sidekiq數量
        sidekiq['max_concurrency'] = 5

        gitlab_ci['gitlab_ci_all_broken_builds'] = false
        gitlab_ci['gitlab_ci_add_pusher'] = false

        # 關閉監控
        prometheus_monitoring['enable'] = false
        alertmanager['enable'] = false
        node_exporter['enable'] = false
        redis_exporter['enable'] = false
        postgres_exporter['enable'] = false
        pgbouncer_exporter['enable'] = false
        gitlab_exporter['enable'] = false
        grafana['enable'] = false
        sidekiq['metrics_enabled'] = false
    volumes:
      - "/home/ted/project/gitlab/config:/etc/gitlab"
      - "/home/ted/project/gitlab/logs:/var/log/gitlab"
      - "/home/ted/project/gitlab/data:/var/opt/gitlab"
    labels:
     - "traefik.http.routers.gitlab.rule=Host(`gitlab.docker.localhost`)"
 drone:
    image: drone/drone:2.20.0
    volumes:
     - "/home/ted/project/drone:/data"
    environment:
     - DRONE_GITLAB_SERVER=http://gitlab.docker.localhost
     - DRONE_GITLAB_CLIENT_ID=0d2222222
     - DRONE_GITLAB_CLIENT_SECRET=g22222222
     - DRONE_RPC_SECRET=932222222222222
     - DRONE_SERVER_HOST=172.18.0.4
     - DRONE_SERVER_PROTO=http
     - DRONE_USER_CREATE=username:root,admin:true
    depends_on:
     gitlab:
      condition: service_healthy
    ports:
     - 8080:80
     - 8000:443
    networks:
     ap_net:
       ipv4_address: 172.18.0.4
    extra_hosts:
     - "gitlab.docker.localhost:172.18.0.100"
     - "drone.docker.localhost:172.18.0.4"
 portainer:
    image: portainer/portainer-ce:2.19.1-alpine
    volumes:
     - /var/run/docker.sock:/var/run/docker.sock
    ports:
     - 8001:8000
     - 9443:9443
 sonarqube:
    image: sonarqube:8.9.10-community
    volumes:
      - "/home/ted/project/sonarqube/data:/opt/sonarqube/data"
      - "/home/ted/project/sonarqube/logs:/opt/sonarqube/logs"
      - "/home/ted/project/sonarqube/extensions:/opt/sonarqube/extensions"
    ports:
     - 9000:9000  
    networks: 
     - ap_net
networks:
    ap_net:
     external: true

結果因為drone的關係,必須讓gitlab跟drone本身都要有ip指定,drone在gitlab必須設定為ip,DRONE_SERVER_HOST=172.18.0.4也要保留用ip

參考:
https://doc.traefik.io/traefik/routing/providers/docker/#port
https://stackoverflow.com/questions/29076194/using-add-host-or-extra-hosts-with-docker-compose


上一篇
Drone的網路-Drone+gitlab是否可以不用ip溝通?
下一篇
Docker的網路-最後整理心得
系列文
搞定Docker網路31
圖片
  直播研討會
圖片
{{ item.channelVendor }} {{ item.webinarstarted }} |
{{ formatDate(item.duration) }}
直播中

尚未有邦友留言

立即登入留言