Clone
This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
是的,建议为DRONE CI和Gerrit分别创建独立的目录。这样做的原因和最佳实践:
📁 目录结构建议
方案一:按服务分目录(推荐)
~/devops/
├── gerrit/ # Gerrit代码审查
│ ├── docker-compose.yml
│ ├── data/
│ └── config/
├── drone-ci/ # Drone CI/CD
│ ├── docker-compose.yml
│ ├── config/
│ └── runner/
├── gitea/ # Gitea Git仓库
│ ├── docker-compose.yml
│ └── data/
├── minio/ # MinIO存储
│ ├── docker-compose.yml
│ └── data/
└── nexus/ # Nexus仓库
├── docker-compose.yml
└── data/
方案二:统一编排(更复杂)
~/devops/
├── docker-compose.yml # 所有服务统一编排
├── .env # 环境变量
├── config/
│ ├── gerrit/
│ ├── drone/
│ ├── gitea/
│ └── nginx/
└── data/
├── gerrit/
├── drone/
├── gitea/
└── minio/
🏗️ 具体实现
方法1:分别部署(简单,推荐初学者)
1. Gerrit目录
# 创建Gerrit目录
mkdir -p ~/devops/gerrit && cd ~/devops/gerrit
cat > docker-compose.yml << 'EOF'
version: '3.8'
services:
gerrit:
image: gerritcodereview/gerrit:3.8
container_name: gerrit
environment:
- CANONICAL_WEB_URL=http://localhost:8081
- DATABASE_TYPE=postgresql
- DB_ENV_POSTGRES_DB=gerrit
- DB_ENV_POSTGRES_USER=gerrit
- DB_ENV_POSTGRES_PASSWORD=gerrit
volumes:
- ./data:/var/gerrit/review_site
ports:
- "8081:8080"
- "29418:29418"
depends_on:
- postgres
restart: unless-stopped
postgres:
image: postgres:13
container_name: gerrit-postgres
environment:
- POSTGRES_DB=gerrit
- POSTGRES_USER=gerrit
- POSTGRES_PASSWORD=gerrit
volumes:
- ./postgres-data:/var/lib/postgresql/data
restart: unless-stopped
EOF
# 启动Gerrit
docker-compose up -d
2. Drone CI目录
# 创建Drone CI目录
mkdir -p ~/devops/drone && cd ~/devops/drone
cat > docker-compose.yml << 'EOF'
version: '3.8'
services:
drone-server:
image: drone/drone:2
container_name: drone-server
environment:
- DRONE_GITEA_SERVER=http://gitea:3000 # 指向Gitea
- DRONE_GITEA_CLIENT_ID=${DRONE_CLIENT_ID}
- DRONE_GITEA_CLIENT_SECRET=${DRONE_CLIENT_SECRET}
- DRONE_RPC_SECRET=${DRONE_RPC_SECRET}
- DRONE_SERVER_HOST=localhost:8080
- DRONE_SERVER_PROTO=http
- DRONE_USER_CREATE=username:admin,admin:true
volumes:
- ./data:/data
ports:
- "8080:80"
networks:
- devops-net
restart: unless-stopped
drone-runner:
image: drone/drone-runner-docker:1
container_name: drone-runner
environment:
- DRONE_RPC_PROTO=http
- DRONE_RPC_HOST=drone-server
- DRONE_RPC_SECRET=${DRONE_RPC_SECRET}
- DRONE_RUNNER_CAPACITY=2
- DRONE_RUNNER_NAME=docker-runner
volumes:
- /var/run/docker.sock:/var/run/docker.sock
networks:
- devops-net
restart: unless-stopped
depends_on:
- drone-server
networks:
devops-net:
external: true # 使用外部网络,让各服务能互相访问
EOF
# 创建环境变量文件
cat > .env << 'EOF'
DRONE_CLIENT_ID=your-client-id
DRONE_CLIENT_SECRET=your-client-secret
DRONE_RPC_SECRET=$(openssl rand -hex 16)
EOF
# 创建网络(如果不存在)
docker network create devops-net 2>/dev/null || true
# 启动Drone
docker-compose up -d
方法2:统一编排(高级)
# 创建统一目录
mkdir -p ~/devops-unified && cd ~/devops-unified
cat > docker-compose.yml << 'EOF'
version: '3.8'
networks:
devops-net:
driver: bridge
volumes:
gerrit_data:
gerrit_db:
drone_data:
gitea_data:
minio_data:
nexus_data:
services:
# 1. Gerrit
gerrit:
image: gerritcodereview/gerrit:3.8
container_name: gerrit
environment:
- CANONICAL_WEB_URL=http://gerrit:8080
volumes:
- gerrit_data:/var/gerrit/review_site
ports:
- "8081:8080"
- "29418:29418"
networks:
- devops-net
restart: unless-stopped
depends_on:
- gerrit-db
gerrit-db:
image: postgres:13
container_name: gerrit-db
environment:
- POSTGRES_DB=gerrit
- POSTGRES_USER=gerrit
- POSTGRES_PASSWORD=gerrit
volumes:
- gerrit_db:/var/lib/postgresql/data
networks:
- devops-net
restart: unless-stopped
# 2. Drone CI
drone-server:
image: drone/drone:2
container_name: drone-server
environment:
- DRONE_GITEA_SERVER=http://gitea:3000
- DRONE_GITEA_CLIENT_ID=${DRONE_CLIENT_ID}
- DRONE_GITEA_CLIENT_SECRET=${DRONE_CLIENT_SECRET}
- DRONE_RPC_SECRET=${DRONE_RPC_SECRET}
- DRONE_SERVER_HOST=drone
- DRONE_SERVER_PROTO=http
volumes:
- drone_data:/data
ports:
- "8080:80"
networks:
- devops-net
restart: unless-stopped
drone-runner:
image: drone/drone-runner-docker:1
container_name: drone-runner
environment:
- DRONE_RPC_PROTO=http
- DRONE_RPC_HOST=drone-server
- DRONE_RPC_SECRET=${DRONE_RPC_SECRET}
volumes:
- /var/run/docker.sock:/var/run/docker.sock
networks:
- devops-net
restart: unless-stopped
depends_on:
- drone-server
# 3. Gitea
gitea:
image: gitea/gitea:latest
container_name: gitea
environment:
- USER_UID=1000
- USER_GID=1000
volumes:
- gitea_data:/data
ports:
- "3000:3000"
networks:
- devops-net
restart: unless-stopped
# 4. MinIO
minio:
image: minio/minio:latest
container_name: minio
command: server /data --console-address ":9001"
environment:
- MINIO_ROOT_USER=admin
- MINIO_ROOT_PASSWORD=admin123
volumes:
- minio_data:/data
ports:
- "9000:9000"
- "9001:9001"
networks:
- devops-net
restart: unless-stopped
# 5. Nexus
nexus:
image: sonatype/nexus3:latest
container_name: nexus
volumes:
- nexus_data:/nexus-data
ports:
- "8082:8081"
networks:
- devops-net
restart: unless-stopped
EOF
# 创建.env文件
cat > .env << 'EOF'
DRONE_CLIENT_ID=generate-from-gitea
DRONE_CLIENT_SECRET=generate-from-gitea
DRONE_RPC_SECRET=$(openssl rand -hex 16)
EOF
# 启动所有服务
docker-compose up -d
🔗 服务连接配置
Drone连接Gerrit(如果使用Gerrit而不是Gitea)
# Drone配置需要改为Gerrit
environment:
- DRONE_GERRIT_SERVER=http://gerrit:8080
- DRONE_GERRIT_USERNAME=admin
- DRONE_GERRIT_PASSWORD=password
📝 选择建议
推荐方案:分别部署
优点:
- 独立性:各服务独立,互不影响
- 易于管理:单独启动/停止/更新
- 故障隔离:一个服务出问题不影响其他
- 学习曲线平缓:更容易理解和调试
部署步骤:
- 先部署基础服务(Gitea/MinIO/Nexus)
- 再部署Gerrit
- 最后部署Drone CI(依赖Gitea/Gerrit)
何时使用统一编排:
- 所有服务紧密耦合
- 需要统一的网络配置
- 生产环境,有运维团队管理
- 使用Kubernetes等编排平台
🚀 快速开始建议
# 1. 先创建Gitea
mkdir -p ~/devops/gitea && cd ~/devops/gitea
# ... 创建docker-compose.yml
# 2. 再创建Gerrit(如果需要)
mkdir -p ~/devops/gerrit && cd ~/devops/gerrit
# ... 创建docker-compose.yml
# 3. 最后创建Drone
mkdir -p ~/devops/drone && cd ~/devops/drone
# ... 创建docker-compose.yml
# 4. 创建共享网络
docker network create devops-net
# 5. 在每个目录的docker-compose.yml中使用外部网络
# networks:
# default:
# external:
# name: devops-net
总结:从简单开始,先分别部署,熟练后再考虑统一编排。