一、环境准备

• 安装Docker-CE
• 开启Docker远程API
  • 本地Docker环境上,通过terraform调用Docker可以不用开启Docker的API
  • 如果是远程调用的需要开启Docker的API

# 安装工具软件包
yum install -y gcc gcc-c++ perl dos2unix git vim wget unzip lsof tree net-tools telnet epel-release yum-utils python-devel python-pip device-mapper-persistent-data lvm2

# 国内镜像源
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo yum makecache fast

# 卸载系统上已经安装了docker
yum remove docker docker-engine docker.io docker-ce*

# 安装docker-ce软件包
yum install docker-ce -y

# 添加daemon.json文件
mkdir -p /etc/docker/
cat > /etc/docker/daemon.json<<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "storage-driver": "overlay2",
  "live-restore": true,
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m",
    "max-file": "3",
    "labels": "production_status",
    "env": "os,customer"
  }
}
EOF


# 开启Docker API
cp -rp /usr/lib/systemd/system/docker.service{,.bak}
sed -i 's#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock#ExecStart=/usr/bin/dockerd --containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock  -H fd://#g' /usr/lib/systemd/system/docker.service

systemctl enable docker
systemctl daemon-reload
systemctl restart docker

# 查看docker服务
ps -ef |grep docker
root       8671      1  0 06:07 ?        00:00:00 /usr/bin/dockerd --containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock -H fd://

# curl Docker api接口
curl http://127.0.0.1:2375/version
{"Platform":{"Name":"Docker Engine - Community"},"Components":[{"Name":"Engine","Version":"20.10.18","Details":{"ApiVersion":"1.41","Arch":"amd64","BuildTime":"2022-09-08T23:12:21.000000000+00:00","Experimental":"false","GitCommit":"e42327a","GoVersion":"go1.18.6","KernelVersion":"3.10.0-1160.el7.x86_64","MinAPIVersion":"1.12","Os":"linux"}},{"Name":"containerd","Version":"1.6.8","Details":{"GitCommit":"9cd3357b7fd7218e4aec3eae239db1f68a5a6ec6"}},{"Name":"runc","Version":"1.1.4","Details":{"GitCommit":"v1.1.4-0-g5fd4c4d"}},{"Name":"docker-init","Version":"0.19.0","Details":{"GitCommit":"de40ad0"}}],"Version":"20.10.18","ApiVersion":"1.41","MinAPIVersion":"1.12","GitCommit":"e42327a","GoVersion":"go1.18.6","Os":"linux","Arch":"amd64","KernelVersion":"3.10.0-1160.el7.x86_64","BuildTime":"2022-09-08T23:12:21.000000000+00:00"}

# docker-compose二进制安装
# github地址: https://github.com/docker/compose/releases
wget https://github.com/docker/compose/releases/download/v2.10.0/docker-compose-linux-x86_64 -O /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
ln -sfv /usr/local/bin/docker-compose /usr/bin/

二、配置Docker

整体项目结构

个人维护者: https://registry.terraform.io/providers/kreuzwerker/docker/2.21.0

项目仓库目录: youdianzhishi-terraform/terraform-docker-operator

# 项目目录
$ tree ./  
./
├───network
├───service
└───.terraformrc 

 # 配置的文本缓存目录
 $ mkdir -pv $HOME/.terraform.d/terraform-plugin-cache
 $ vim .terraformrc
 plugin_cache_dir  = "$HOME/.terraform.d/terraform-plugin-cache"
disable_checkpoint = true

provider_installation {
  filesystem_mirror {
    path    = "/root/.terraform.d/terraform-plugin-cache"
    include = ["registry.terraform.io/*/*"]
  }
}


# 声明本地缓存环境变量
export TF_CLI_CONFIG_FILE=/root/youdianzhishi-terraform/terraform-docker-operator/.terraformrc

三、创建Docker Network资源

个人维护者: https://registry.terraform.io/providers/kreuzwerker/docker/2.20.3/docs/resources/network

项目仓库目录: youdianzhishi-terraform/terraform-docker-operator/network

# 进入到项目目录
$ cd terraform-docker-operator/network
$ tree  ./
./
├── main.tf
├── outputs.tf
└── versions.tf

0 directories, 3 files

# 声明本地缓存环境变量
export TF_CLI_CONFIG_FILE=/root/youdianzhishi-terraform/terraform-docker-operator/.terraformrc

# 检测docker 服务是否正常
$ curl http://192.168.254.21:2375
{"message":"page not found"}

# 执行terraform命令
$ terraform init 
$ terraform fmt 或 terraform init -recursive
$ terraform validate
$ terraform plan
$ terraform apply 或 terraform apply -auto-approve
$ terraform destroy 或 terraform destroy -auto-approve

四、创建Docker Container资源

https://registry.terraform.io/providers/kreuzwerker/docker/2.20.3/docs/resources/image

https://registry.terraform.io/providers/kreuzwerker/docker/2.20.3/docs/resources/container

项目仓库目录: youdianzhishi-terraform/terraform-docker-operator/service

# 进入到项目目录
$ cd terraform-docker-operator/service
$ tree  ./
./
├── jenkins.tf
├── main.tf
└── versions.tf

0 directories, 3 files

# 声明本地缓存环境变量
export TF_CLI_CONFIG_FILE=/root/youdianzhishi-terraform/terraform-docker-operator/.terraformrc

# 检测docker 服务是否正常
$ curl http://192.168.254.21:2375
{"message":"page not found"}

# 执行terraform命令
$ terraform init 
$ terraform fmt 或 terraform init -recursive
$ terraform validate
$ terraform plan
$ terraform apply 或 terraform apply -auto-approve
$ terraform destroy 或 terraform destroy -auto-approve

# docker命令查看jenkins服务有没有启动
$ docker ps -a 
CONTAINER ID   IMAGE                                COMMAND                  CREATED         STATUS         PORTS                                              NAMES
5507536d02c6   jenkins/jenkins:2.346.3-2-lts-jdk8   "/usr/bin/tini -- /u…"   4 minutes ago   Up 4 minutes   0.0.0.0:8080->8080/tcp, 0.0.0.0:50000->50000/tcp   jenkins

# 数据挂载目录信息
$ ls /data/jenkin_home/
config.xml                     identity.key.enc                               jobs              plugins                   secrets      users
copy_reference_file.log        jenkins.install.InstallUtil.installingPlugins  nodeMonitors.xml  secret.key                updates      war
hudson.model.UpdateCenter.xml  jenkins.telemetry.Correlator.xml               nodes             secret.key.not-so-secret  userContent