2022. 6. 20. 15:20ㆍ서버 프로그래밍
아주 좋은 레퍼런스가 있어서 큰 도움이 되었다.
GitLab CI/CD 파이프라인에서 Docker 이미지를 빌드한 다음 Container Registry에 저장을 하고, 테스트 서버나 프로덕션 서버에서 Container Registry에 저장된 Docker 이미지를 pull 해서 실행을 시키도록 만들면 된다.
https://taylor.callsen.me/how-to-dockerize-a-nodejs-app-and-deploy-it-using-gitlab-ci/
How to Dockerize a NodeJS App and Deploy it using GitLab CI/CD - Taylor Callsen
Covers one way to containerize a NodeJS REST API into a Docker Image, and automate deployments of the image over SSH using GitLab CI.
taylor.callsen.me
먼저 GitLab CI/CD에서 Docker Image를 빌드하는 방법은 두가지가 있다.
- Shell executor
- Docker-in-Docker (dind)
https://docs.gitlab.com/ee/ci/docker/using_docker_build.html
Use Docker to build Docker images | GitLab
Documentation for GitLab Community Edition, GitLab Enterprise Edition, Omnibus GitLab, and GitLab Runner.
docs.gitlab.com
또한 Container Registry에 대한 정보는 다음을 참고하면 된다.
https://docs.gitlab.com/ee/user/packages/container_registry/
GitLab Container Registry | GitLab
Documentation for GitLab Community Edition, GitLab Enterprise Edition, Omnibus GitLab, and GitLab Runner.
docs.gitlab.com
https://docs.gitlab.com/ee/administration/packages/container_registry.html
GitLab Container Registry administration | GitLab
Documentation for GitLab Community Edition, GitLab Enterprise Edition, Omnibus GitLab, and GitLab Runner.
docs.gitlab.com
Index · Container registry · Packages · User · Help
Baltic Large-Scale Computing Project Repository
www.balticlsc.eu
예전에 참고했던 다음 레퍼런스가 Container Registry 설정에 도움이 된다.
https://allroundplaying.tistory.com/31
GitLab Container Registry 활성화 하기
ref1 : GitLab Documentation ref2 : Docker 개인저장소 구축 Gitlab Container Registry는 Gitlab 8.8(2016.05)에서 처음 소개되었습니다 Notes: Introduced in GitLab 8.8. Docker Registry manifest v1 sup..
allroundplaying.tistory.com
GitLab Runner에서 앞서 설정한 Container Registry에 docker login이 안되는 문제가 발생해서 삽질을 해보니, gitlab이 실행되는 서버가 http만으로 동작하고 있기 때문에 발생한 것이었다. Container Registry는 디폴트로 https를 사용하기 때문에, http로도 동작하도록 수정해주지 않으면 안된다.
This procedure configures Docker to entirely disregard security for your registry. This is very insecure and is not recommended. It exposes your registry to trivial man-in-the-middle (MITM) attacks. Only use this solution for isolated testing or in a tightly controlled, air-gapped environment.
- Edit the daemon.json file, whose default location is /etc/docker/daemon.json on Linux or C:\ProgramData\docker\config\daemon.json on Windows Server. If you use Docker Desktop for Mac or Docker Desktop for Windows, click the Docker icon, choose Preferences (Mac) or Settings (Windows), and choose Docker Engine.
Substitute the address of your insecure registry for the one in the example.
{ "insecure-registries" : ["myregistrydomain.com:5000"] }- First, try using HTTPS.
- If HTTPS is available but the certificate is invalid, ignore the error about the certificate.
- If HTTPS is not available, fall back to HTTP.
- First, try using HTTPS.
- With insecure registries enabled, Docker goes through the following steps:
- If the daemon.json file does not exist, create it. Assuming there are no other settings in the file, it should have the following contents:
- Restart Docker for the changes to take effect.
Repeat these steps on every Engine host that wants to access your registry.
https://docs.docker.com/registry/insecure/
Test an insecure registry
docs.docker.com