1 缘起
最近在折腾公司的开发流程。 随着公司开发任务越来越重,我们需要更多的、更加灵活有自主性的配置管理系统。 公司之前用码云管理代码。但是由于码云本身的用户数量限制文件大小限制问题。 自主性很差。 为此公司决定使用自己的Gitlab服务器。
此文章记录了这个基本的安装过程。 建议读者通读后再安装。
2 服务器
- 阿里云服务器配置:2核(vCPU) 4 GiB
- 阿里云操作系统:CentOS 7.9 64位
这里简要说明没有使用CentOS8 或者号称全面兼容CentOS的Alibaba Cloud Linux 3.2104 LTS 64位操作系统的原因是:- 不是特别熟悉Alibaba Cloud Liunx这个操作系统。
- 不同的Linux发行版本的软件安装差异还是比较大的。 如果是通过脚本安装,未做操作系统适配的话,很多脚本运行会出问题。 所以保险起见,还是使用了CentOS
- gitlab的安装包使用的是清华的镜像,不知为何,没有支持el8的安装包。所以为避免麻烦,直接使用最高版本的CentOS 7
3 安装前准备
3.1 更新操作系统
3.1.1 命令
yum update -y
3.1.2 执行过程
[root@ecs-tdouya-cicd ~]# yum update -y
Loaded plugins: fastestmirror
Determining fastest mirrors
base | 3.6 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/7): base/7/x86_64/group_gz | 153 kB 00:00:00
(2/7): epel/x86_64/group_gz | 96 kB 00:00:00
(3/7): epel/x86_64/updateinfo | 1.0 MB 00:00:00
(4/7): base/7/x86_64/primary_db | 6.1 MB 00:00:00
(5/7): epel/x86_64/primary_db | 7.0 MB 00:00:00
(6/7): extras/7/x86_64/primary_db | 247 kB 00:00:00
(7/7): updates/7/x86_64/primary_db | 16 MB 00:00:00
Resolving Dependencies
--> Running transaction check
---> Package at.x86_64 0:3.1.13-24.el7 will be updated
---> Package at.x86_64 0:3.1.13-25.el7_9 will be an update
---> Package glibc.x86_64 0:2.17-325.el7_9 will be updated
---> Package glibc.x86_64 0:2.17-326.el7_9 will be an update
---> Package glibc-common.x86_64 0:2.17-325.el7_9 will be updated
---> Package glibc-common.x86_64 0:2.17-326.el7_9 will be an update
---> Package glibc-devel.x86_64 0:2.17-325.el7_9 will be updated
---> Package glibc-devel.x86_64 0:2.17-326.el7_9 will be an update
---> Package glibc-headers.x86_64 0:2.17-325.el7_9 will be updated
---> Package glibc-headers.x86_64 0:2.17-326.el7_9 will be an update
---> Package grub2.x86_64 1:2.02-0.87.el7.centos.7 will be updated
---> Package grub2.x86_64 1:2.02-0.87.0.1.el7.centos.9 will be an update
---> Package grub2-common.noarch 1:2.02-0.87.el7.centos.7 will be updated
---> Package grub2-common.noarch 1:2.02-0.87.0.1.el7.centos.9 will be an update
---> Package grub2-pc.x86_64 1:2.02-0.87.el7.centos.7 will be updated
---> Package grub2-pc.x86_64 1:2.02-0.87.0.1.el7.centos.9 will be an update
---> Package grub2-pc-modules.noarch 1:2.02-0.87.el7.centos.7 will be updated
---> Package grub2-pc-modules.noarch 1:2.02-0.87.0.1.el7.centos.9 will be an update
---> Package grub2-tools.x86_64 1:2.02-0.87.el7.centos.7 will be updated
---> Package grub2-tools.x86_64 1:2.02-0.87.0.1.el7.centos.9 will be an update
---> Package grub2-tools-extra.x86_64 1:2.02-0.87.el7.centos.7 will be updated
---> Package grub2-tools-extra.x86_64 1:2.02-0.87.0.1.el7.centos.9 will be an update
---> Package grub2-tools-minimal.x86_64 1:2.02-0.87.el7.centos.7 will be updated
---> Package grub2-tools-minimal.x86_64 1:2.02-0.87.0.1.el7.centos.9 will be an update
---> Package gzip.x86_64 0:1.5-10.el7 will be updated
---> Package gzip.x86_64 0:1.5-11.el7_9 will be an update
---> Package kernel.x86_64 0:3.10.0-1160.66.1.el7 will be installed
---> Package kernel-devel.x86_64 0:3.10.0-1160.66.1.el7 will be installed
---> Package kernel-headers.x86_64 0:3.10.0-1160.62.1.el7 will be updated
---> Package kernel-headers.x86_64 0:3.10.0-1160.66.1.el7 will be an update
---> Package kernel-tools.x86_64 0:3.10.0-1160.62.1.el7 will be updated
---> Package kernel-tools.x86_64 0:3.10.0-1160.66.1.el7 will be an update
---> Package kernel-tools-libs.x86_64 0:3.10.0-1160.62.1.el7 will be updated
---> Package kernel-tools-libs.x86_64 0:3.10.0-1160.66.1.el7 will be an update
---> Package nscd.x86_64 0:2.17-325.el7_9 will be updated
---> Package nscd.x86_64 0:2.17-326.el7_9 will be an update
---> Package python-perf.x86_64 0:3.10.0-1160.62.1.el7 will be updated
---> Package python-perf.x86_64 0:3.10.0-1160.66.1.el7 will be an update
---> Package zlib.x86_64 0:1.2.7-19.el7_9 will be updated
---> Package zlib.x86_64 0:1.2.7-20.el7_9 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================================================================================
Package Arch Version Repository Size
================================================================================================================================================
Installing:
kernel x86_64 3.10.0-1160.66.1.el7 updates 50 M
kernel-devel x86_64 3.10.0-1160.66.1.el7 updates 18 M
Updating:
at x86_64 3.1.13-25.el7_9 updates 51 k
glibc x86_64 2.17-326.el7_9 updates 3.6 M
glibc-common x86_64 2.17-326.el7_9 updates 12 M
glibc-devel x86_64 2.17-326.el7_9 updates 1.1 M
glibc-headers x86_64 2.17-326.el7_9 updates 691 k
grub2 x86_64 1:2.02-0.87.0.1.el7.centos.9 updates 34 k
grub2-common noarch 1:2.02-0.87.0.1.el7.centos.9 updates 732 k
grub2-pc x86_64 1:2.02-0.87.0.1.el7.centos.9 updates 34 k
grub2-pc-modules noarch 1:2.02-0.87.0.1.el7.centos.9 updates 858 k
grub2-tools x86_64 1:2.02-0.87.0.1.el7.centos.9 updates 1.8 M
grub2-tools-extra x86_64 1:2.02-0.87.0.1.el7.centos.9 updates 1.0 M
grub2-tools-minimal x86_64 1:2.02-0.87.0.1.el7.centos.9 updates 177 k
gzip x86_64 1.5-11.el7_9 updates 130 k
kernel-headers x86_64 3.10.0-1160.66.1.el7 updates 9.1 M
kernel-tools x86_64 3.10.0-1160.66.1.el7 updates 8.2 M
kernel-tools-libs x86_64 3.10.0-1160.66.1.el7 updates 8.1 M
nscd x86_64 2.17-326.el7_9 updates 289 k
python-perf x86_64 3.10.0-1160.66.1.el7 updates 8.2 M
zlib x86_64 1.2.7-20.el7_9 updates 90 k
Transaction Summary
================================================================================================================================================
Install 2 Packages
Upgrade 19 Packages
Total download size: 124 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/21): at-3.1.13-25.el7_9.x86_64.rpm | 51 kB 00:00:00
(2/21): glibc-common-2.17-326.el7_9.x86_64.rpm | 12 MB 00:00:00
(3/21): glibc-2.17-326.el7_9.x86_64.rpm | 3.6 MB 00:00:00
(4/21): glibc-devel-2.17-326.el7_9.x86_64.rpm | 1.1 MB 00:00:00
(5/21): glibc-headers-2.17-326.el7_9.x86_64.rpm | 691 kB 00:00:00
(6/21): grub2-common-2.02-0.87.0.1.el7.centos.9.noarch.rpm | 732 kB 00:00:00
(7/21): grub2-2.02-0.87.0.1.el7.centos.9.x86_64.rpm | 34 kB 00:00:00
(8/21): grub2-pc-2.02-0.87.0.1.el7.centos.9.x86_64.rpm | 34 kB 00:00:00
(9/21): grub2-pc-modules-2.02-0.87.0.1.el7.centos.9.noarch.rpm | 858 kB 00:00:00
(10/21): grub2-tools-extra-2.02-0.87.0.1.el7.centos.9.x86_64.rpm | 1.0 MB 00:00:00
(11/21): grub2-tools-2.02-0.87.0.1.el7.centos.9.x86_64.rpm | 1.8 MB 00:00:00
(12/21): grub2-tools-minimal-2.02-0.87.0.1.el7.centos.9.x86_64.rpm | 177 kB 00:00:00
(13/21): gzip-1.5-11.el7_9.x86_64.rpm | 130 kB 00:00:00
(14/21): kernel-devel-3.10.0-1160.66.1.el7.x86_64.rpm | 18 MB 00:00:00
(15/21): kernel-3.10.0-1160.66.1.el7.x86_64.rpm | 50 MB 00:00:00
(16/21): kernel-headers-3.10.0-1160.66.1.el7.x86_64.rpm | 9.1 MB 00:00:00
(17/21): kernel-tools-3.10.0-1160.66.1.el7.x86_64.rpm | 8.2 MB 00:00:00
(18/21): nscd-2.17-326.el7_9.x86_64.rpm | 289 kB 00:00:00
(19/21): kernel-tools-libs-3.10.0-1160.66.1.el7.x86_64.rpm | 8.1 MB 00:00:00
(20/21): python-perf-3.10.0-1160.66.1.el7.x86_64.rpm | 8.2 MB 00:00:00
(21/21): zlib-1.2.7-20.el7_9.x86_64.rpm | 90 kB 00:00:00
------------------------------------------------------------------------------------------------------------------------------------------------
Total 106 MB/s | 124 MB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : glibc-common-2.17-326.el7_9.x86_64 1/40
Updating : glibc-2.17-326.el7_9.x86_64 2/40
Updating : 1:grub2-common-2.02-0.87.0.1.el7.centos.9.noarch 3/40
Updating : 1:grub2-tools-minimal-2.02-0.87.0.1.el7.centos.9.x86_64 4/40
Updating : 1:grub2-tools-2.02-0.87.0.1.el7.centos.9.x86_64 5/40
Updating : 1:grub2-tools-extra-2.02-0.87.0.1.el7.centos.9.x86_64 6/40
Updating : 1:grub2-pc-modules-2.02-0.87.0.1.el7.centos.9.noarch 7/40
Updating : 1:grub2-pc-2.02-0.87.0.1.el7.centos.9.x86_64 8/40
Updating : kernel-tools-libs-3.10.0-1160.66.1.el7.x86_64 9/40
Updating : kernel-headers-3.10.0-1160.66.1.el7.x86_64 10/40
Updating : glibc-headers-2.17-326.el7_9.x86_64 11/40
Updating : glibc-devel-2.17-326.el7_9.x86_64 12/40
Updating : kernel-tools-3.10.0-1160.66.1.el7.x86_64 13/40
Updating : 1:grub2-2.02-0.87.0.1.el7.centos.9.x86_64 14/40
Updating : at-3.1.13-25.el7_9.x86_64 15/40
Updating : nscd-2.17-326.el7_9.x86_64 16/40
Updating : gzip-1.5-11.el7_9.x86_64 17/40
Updating : zlib-1.2.7-20.el7_9.x86_64 18/40
Updating : python-perf-3.10.0-1160.66.1.el7.x86_64 19/40
Installing : kernel-devel-3.10.0-1160.66.1.el7.x86_64 20/40
Installing : kernel-3.10.0-1160.66.1.el7.x86_64 21/40
Cleanup : kernel-tools-3.10.0-1160.62.1.el7.x86_64 22/40
Cleanup : glibc-devel-2.17-325.el7_9.x86_64 23/40
Cleanup : glibc-headers-2.17-325.el7_9.x86_64 24/40
Cleanup : 1:grub2-2.02-0.87.el7.centos.7.x86_64 25/40
Cleanup : 1:grub2-pc-2.02-0.87.el7.centos.7.x86_64 26/40
Cleanup : 1:grub2-tools-extra-2.02-0.87.el7.centos.7.x86_64 27/40
Cleanup : 1:grub2-pc-modules-2.02-0.87.el7.centos.7.noarch 28/40
Cleanup : 1:grub2-tools-2.02-0.87.el7.centos.7.x86_64 29/40
Cleanup : 1:grub2-tools-minimal-2.02-0.87.el7.centos.7.x86_64 30/40
Cleanup : kernel-tools-libs-3.10.0-1160.62.1.el7.x86_64 31/40
Cleanup : python-perf-3.10.0-1160.62.1.el7.x86_64 32/40
Cleanup : zlib-1.2.7-19.el7_9.x86_64 33/40
Cleanup : gzip-1.5-10.el7.x86_64 34/40
Cleanup : nscd-2.17-325.el7_9.x86_64 35/40
Cleanup : at-3.1.13-24.el7.x86_64 36/40
Cleanup : 1:grub2-common-2.02-0.87.el7.centos.7.noarch 37/40
Cleanup : kernel-headers-3.10.0-1160.62.1.el7.x86_64 38/40
Cleanup : glibc-common-2.17-325.el7_9.x86_64 39/40
Cleanup : glibc-2.17-325.el7_9.x86_64 40/40
Verifying : kernel-tools-3.10.0-1160.66.1.el7.x86_64 1/40
Verifying : glibc-headers-2.17-326.el7_9.x86_64 2/40
Verifying : 1:grub2-pc-2.02-0.87.0.1.el7.centos.9.x86_64 3/40
Verifying : 1:grub2-tools-extra-2.02-0.87.0.1.el7.centos.9.x86_64 4/40
Verifying : 1:grub2-tools-minimal-2.02-0.87.0.1.el7.centos.9.x86_64 5/40
Verifying : 1:grub2-tools-2.02-0.87.0.1.el7.centos.9.x86_64 6/40
Verifying : kernel-3.10.0-1160.66.1.el7.x86_64 7/40
Verifying : at-3.1.13-25.el7_9.x86_64 8/40
Verifying : nscd-2.17-326.el7_9.x86_64 9/40
Verifying : 1:grub2-pc-modules-2.02-0.87.0.1.el7.centos.9.noarch 10/40
Verifying : kernel-tools-libs-3.10.0-1160.66.1.el7.x86_64 11/40
Verifying : gzip-1.5-11.el7_9.x86_64 12/40
Verifying : glibc-2.17-326.el7_9.x86_64 13/40
Verifying : 1:grub2-2.02-0.87.0.1.el7.centos.9.x86_64 14/40
Verifying : glibc-common-2.17-326.el7_9.x86_64 15/40
Verifying : kernel-headers-3.10.0-1160.66.1.el7.x86_64 16/40
Verifying : 1:grub2-common-2.02-0.87.0.1.el7.centos.9.noarch 17/40
Verifying : zlib-1.2.7-20.el7_9.x86_64 18/40
Verifying : glibc-devel-2.17-326.el7_9.x86_64 19/40
Verifying : kernel-devel-3.10.0-1160.66.1.el7.x86_64 20/40
Verifying : python-perf-3.10.0-1160.66.1.el7.x86_64 21/40
Verifying : 1:grub2-pc-modules-2.02-0.87.el7.centos.7.noarch 22/40
Verifying : zlib-1.2.7-19.el7_9.x86_64 23/40
Verifying : kernel-tools-libs-3.10.0-1160.62.1.el7.x86_64 24/40
Verifying : gzip-1.5-10.el7.x86_64 25/40
Verifying : 1:grub2-tools-2.02-0.87.el7.centos.7.x86_64 26/40
Verifying : 1:grub2-tools-minimal-2.02-0.87.el7.centos.7.x86_64 27/40
Verifying : 1:grub2-tools-extra-2.02-0.87.el7.centos.7.x86_64 28/40
Verifying : kernel-tools-3.10.0-1160.62.1.el7.x86_64 29/40
Verifying : glibc-devel-2.17-325.el7_9.x86_64 30/40
Verifying : python-perf-3.10.0-1160.62.1.el7.x86_64 31/40
Verifying : glibc-headers-2.17-325.el7_9.x86_64 32/40
Verifying : nscd-2.17-325.el7_9.x86_64 33/40
Verifying : glibc-common-2.17-325.el7_9.x86_64 34/40
Verifying : at-3.1.13-24.el7.x86_64 35/40
Verifying : kernel-headers-3.10.0-1160.62.1.el7.x86_64 36/40
Verifying : glibc-2.17-325.el7_9.x86_64 37/40
Verifying : 1:grub2-2.02-0.87.el7.centos.7.x86_64 38/40
Verifying : 1:grub2-pc-2.02-0.87.el7.centos.7.x86_64 39/40
Verifying : 1:grub2-common-2.02-0.87.el7.centos.7.noarch 40/40
Installed:
kernel.x86_64 0:3.10.0-1160.66.1.el7 kernel-devel.x86_64 0:3.10.0-1160.66.1.el7
Updated:
at.x86_64 0:3.1.13-25.el7_9 glibc.x86_64 0:2.17-326.el7_9
glibc-common.x86_64 0:2.17-326.el7_9 glibc-devel.x86_64 0:2.17-326.el7_9
glibc-headers.x86_64 0:2.17-326.el7_9 grub2.x86_64 1:2.02-0.87.0.1.el7.centos.9
grub2-common.noarch 1:2.02-0.87.0.1.el7.centos.9 grub2-pc.x86_64 1:2.02-0.87.0.1.el7.centos.9
grub2-pc-modules.noarch 1:2.02-0.87.0.1.el7.centos.9 grub2-tools.x86_64 1:2.02-0.87.0.1.el7.centos.9
grub2-tools-extra.x86_64 1:2.02-0.87.0.1.el7.centos.9 grub2-tools-minimal.x86_64 1:2.02-0.87.0.1.el7.centos.9
gzip.x86_64 0:1.5-11.el7_9 kernel-headers.x86_64 0:3.10.0-1160.66.1.el7
kernel-tools.x86_64 0:3.10.0-1160.66.1.el7 kernel-tools-libs.x86_64 0:3.10.0-1160.66.1.el7
nscd.x86_64 0:2.17-326.el7_9 python-perf.x86_64 0:3.10.0-1160.66.1.el7
zlib.x86_64 0:1.2.7-20.el7_9
Complete!
[root@ecs-tdouya-cicd ~]#
3.2 安装依赖组件
- policycoreutils:SELinux项目,是对 Linux 的安全增强,它允许用户和管理员对访问控制进行更多控制。
- openssh-server / openssh-clients:OpenSSH是SSH(Secure SHell)的免费版本,是一个用于登录远程计算机并在其上执行命令的程序。此包包括与SSH服务器进行加密连接所需的客户端。
- postfix:一种流行的开源邮件传输代理(MTA),可用于在Linux系统上路由和传递电子邮件。据估计,互联网上大约25%的公共邮件服务器运行Postfix。
3.2.1 命令
yum -y install policycoreutils openssh-server openssh-clients postfix
yum -y install policycoreutils-python
3.2.2 执行过程
[root@ecs-tdouya-cicd ~]# yum -y install policycoreutils openssh-server openssh-clients postfix
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Package policycoreutils-2.5-34.el7.x86_64 already installed and latest version
Package openssh-server-7.4p1-22.el7_9.x86_64 already installed and latest version
Package openssh-clients-7.4p1-22.el7_9.x86_64 already installed and latest version
Nothing to do
[root@ecs-tdouya-cicd ~]# yum -y install policycoreutils-python
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package policycoreutils-python.x86_64 0:2.5-34.el7 will be installed
--> Processing Dependency: setools-libs >= 3.3.8-4 for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libsemanage-python >= 2.5-14 for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libcgroup for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-34.el7.x86_64
--> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-34.el7.x86_64
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.8.5-4.el7 will be installed
---> Package checkpolicy.x86_64 0:2.5-8.el7 will be installed
---> Package libcgroup.x86_64 0:0.41-21.el7 will be installed
---> Package libsemanage-python.x86_64 0:2.5-14.el7 will be installed
---> Package python-IPy.noarch 0:0.75-6.el7 will be installed
---> Package setools-libs.x86_64 0:3.3.8-4.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================================================================================
Package Arch Version Repository Size
================================================================================================================================================
Installing:
policycoreutils-python x86_64 2.5-34.el7 base 457 k
Installing for dependencies:
audit-libs-python x86_64 2.8.5-4.el7 base 76 k
checkpolicy x86_64 2.5-8.el7 base 295 k
libcgroup x86_64 0.41-21.el7 base 66 k
libsemanage-python x86_64 2.5-14.el7 base 113 k
python-IPy noarch 0.75-6.el7 base 32 k
setools-libs x86_64 3.3.8-4.el7 base 620 k
Transaction Summary
================================================================================================================================================
Install 1 Package (+6 Dependent packages)
Total download size: 1.6 M
Installed size: 5.3 M
Downloading packages:
(1/7): audit-libs-python-2.8.5-4.el7.x86_64.rpm | 76 kB 00:00:00
(2/7): libcgroup-0.41-21.el7.x86_64.rpm | 66 kB 00:00:00
(3/7): libsemanage-python-2.5-14.el7.x86_64.rpm | 113 kB 00:00:00
(4/7): policycoreutils-python-2.5-34.el7.x86_64.rpm | 457 kB 00:00:00
(5/7): python-IPy-0.75-6.el7.noarch.rpm | 32 kB 00:00:00
(6/7): checkpolicy-2.5-8.el7.x86_64.rpm | 295 kB 00:00:00
(7/7): setools-libs-3.3.8-4.el7.x86_64.rpm | 620 kB 00:00:00
------------------------------------------------------------------------------------------------------------------------------------------------
Total 8.8 MB/s | 1.6 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
Installing : libcgroup-0.41-21.el7.x86_64 1/7
Installing : setools-libs-3.3.8-4.el7.x86_64 2/7
Installing : audit-libs-python-2.8.5-4.el7.x86_64 3/7
Installing : python-IPy-0.75-6.el7.noarch 4/7
Installing : libsemanage-python-2.5-14.el7.x86_64 5/7
Installing : checkpolicy-2.5-8.el7.x86_64 6/7
Installing : policycoreutils-python-2.5-34.el7.x86_64 7/7
Verifying : checkpolicy-2.5-8.el7.x86_64 1/7
Verifying : libsemanage-python-2.5-14.el7.x86_64 2/7
Verifying : python-IPy-0.75-6.el7.noarch 3/7
Verifying : policycoreutils-python-2.5-34.el7.x86_64 4/7
Verifying : audit-libs-python-2.8.5-4.el7.x86_64 5/7
Verifying : setools-libs-3.3.8-4.el7.x86_64 6/7
Verifying : libcgroup-0.41-21.el7.x86_64 7/7
Installed:
policycoreutils-python.x86_64 0:2.5-34.el7
Dependency Installed:
audit-libs-python.x86_64 0:2.8.5-4.el7 checkpolicy.x86_64 0:2.5-8.el7 libcgroup.x86_64 0:0.41-21.el7
libsemanage-python.x86_64 0:2.5-14.el7 python-IPy.noarch 0:0.75-6.el7 setools-libs.x86_64 0:3.3.8-4.el7
Complete!
[root@ecs-tdouya-cicd opt]#
3.2.3 安装后设定自动启动服务
[root@ecs-tdouya-cicd ~]# systemctl enable sshd && sudo systemctl start sshd
[root@ecs-tdouya-cicd ~]# systemctl enable postfix && systemctl start postfix
[root@ecs-tdouya-cicd ~]#
3.3 安装JDK
3.3.1 检查系统已安装JDK
[root@ecs-tdouya-cicd opt]# rpm -qa|grep java
[root@ecs-tdouya-cicd opt]#
- 以上说明阿里云的CentOS7.9公共镜像没有安装任何jdk或openjdk。这点还挺好的。
3.3.2 安装JDK
- 本想去oracle安装最新的1.8,但是orcale.com总是无法登录。 于是在网上找了一个版本。
- 注意:下面的阿里云OSS地址是假的,只是我不喜欢用sftp工具,放到了自己的OSS地址上。
[root@ecs-tdouya-cicd opt]# wget https://damioss.oss-cn-area.aliyuncs.com/software/jdk/jdk-8u221-linux-x64.rpm
--2022-06-05 10:27:57-- https://damioss.oss-cn-area.aliyuncs.com/software/jdk/jdk-8u221-linux-x64.rpm
Resolving damioss.oss-cn-area.aliyuncs.com (damioss.oss-cn-area.aliyuncs.com)... 59.110.185.111
Connecting to damioss.oss-cn-area.aliyuncs.com (damioss.oss-cn-area.aliyuncs.com)|59.110.185.111|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 179505388 (171M) [application/x-redhat-package-manager]
Saving to: ‘jdk-8u221-linux-x64.rpm’
100%[======================================================================================================>] 179,505,388 11.4MB/s in 14s
2022-06-05 10:28:11 (12.3 MB/s) - ‘jdk-8u221-linux-x64.rpm’ saved [179505388/179505388]
[root@ecs-tdouya-cicd opt]# ll
total 334792
-rw-r--r-- 1 root root 163310504 Apr 27 02:41 jdk-18_linux-x64_bin.rpm
-rw-r--r-- 1 root root 179505388 Jun 5 10:27 jdk-8u221-linux-x64.rpm
[root@ecs-tdouya-cicd opt]# rm -f jdk-18_linux-x64_bin.rpm
[root@ecs-tdouya-cicd opt]# ll
total 175304
-rw-r--r-- 1 root root 179505388 Jun 5 10:27 jdk-8u221-linux-x64.rpm
[root@ecs-tdouya-cicd opt]# rpm -ivh jdk-8u221-linux-x64.rpm
warning: jdk-8u221-linux-x64.rpm: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:jdk1.8-2000:1.8.0_221-fcs ################################# [100%]
Unpacking JAR files...
tools.jar...
plugin.jar...
javaws.jar...
deploy.jar...
rt.jar...
jsse.jar...
charsets.jar...
localedata.jar...
[root@ecs-tdouya-cicd opt]#
3.3.3 安装后验证
[root@ecs-tdouya-cicd opt]# java -version
java version "1.8.0_221"
Java(TM) SE Runtime Environment (build 1.8.0_221-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.221-b11, mixed mode)
[root@ecs-tdouya-cicd opt]#
4 安装Gitlab
4.1 下载
去清华镜像,找最新的Gitlab安装包。最新的是gitlab-ce-15.0.1-ce.0.el7.x86_64.rpm (截至2022/06/05)
[root@ecs-tdouya-cicd opt]# wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-15.0.1-ce.0.el7.x86_64.rpm
--2022-06-05 10:33:21-- https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-15.0.1-ce.0.el7.x86_64.rpm
Resolving mirrors.tuna.tsinghua.edu.cn (mirrors.tuna.tsinghua.edu.cn)... 101.6.15.130, 2402:f000:1:400::2
Connecting to mirrors.tuna.tsinghua.edu.cn (mirrors.tuna.tsinghua.edu.cn)|101.6.15.130|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1070774287 (1021M) [application/x-redhat-package-manager]
Saving to: ‘gitlab-ce-15.0.1-ce.0.el7.x86_64.rpm’
100%[====================================================================================================>] 1,070,774,287 11.7MB/s in 87s
2022-06-05 10:34:48 (11.8 MB/s) - ‘gitlab-ce-15.0.1-ce.0.el7.x86_64.rpm’ saved [1070774287/1070774287]
[root@ecs-tdouya-cicd opt]#
4.2 安装
4.2.1 命令
rpm -ivh gitlab-ce-15.0.1-ce.0.el7.x86_64.rpm
4.2.2 执行过程
[root@ecs-tdouya-cicd opt]# rpm -ivh gitlab-ce-15.0.1-ce.0.el7.x86_64.rpm
warning: gitlab-ce-15.0.1-ce.0.el7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID f27eab47: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:gitlab-ce-15.0.1-ce.0.el7 ################################# [100%]
It looks like GitLab has not been configured yet; skipping the upgrade script.
*. *.
*** ***
***** *****
.****** *******
******** ********
,,,,,,,,,***********,,,,,,,,,
,,,,,,,,,,,*********,,,,,,,,,,,
.,,,,,,,,,,,*******,,,,,,,,,,,,
,,,,,,,,,*****,,,,,,,,,.
,,,,,,,****,,,,,,
.,,,***,,,,
,*,.
_______ __ __ __
/ ____(_) /_/ / ____ _/ /_
/ / __/ / __/ / / __ `/ __ \
/ /_/ / / /_/ /___/ /_/ / /_/ /
\____/_/\__/_____/\__,_/_.___/
Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:
sudo gitlab-ctl reconfigure
For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md
Help us improve the installation experience, let us know how we did with a 1 minute survey:
https://gitlab.fra1.qualtrics.com/jfe/form/SV_6kVqZANThUQ1bZb?installation=omnibus&release=15-0
[root@ecs-tdouya-cicd opt]#
4.3 配置
4.3.1 修改设置文件 gitlab.rb
4.3.1.1 命令
vim /etc/gitlab/gitlab.rb
4.3.1.2 网站域名配置
32 external_url 'http://domain.com:8888'
1439 nginx['listen_port'] = 8888
此处的domain.com和端口号做脱敏处理,32为我的配置文件行号
配置完域名和端口号后,进行了域名解析。 解析完成后,第一次尝试启动Gitlab
命令
gitlab-ctl reconfigure
gitlab-ctl restart
执行启动步骤
[root@ecs-tdouya-cicd opt]# gitlab-ctl reconfigure
Starting Cinc Client, version 15.17.4
resolving cookbooks for run list: ["gitlab"]
Synchronizing Cookbooks:
- gitlab (0.0.1)
- package (0.1.0)
- logrotate (0.1.0)
- postgresql (0.1.0)
- redis (0.1.0)
#######################
#! 这里中间省掉了N多行 !#
#######################
Recipe: gitlab::gitlab-rails
* execute[clear the gitlab-rails cache] action run
- execute /opt/gitlab/bin/gitlab-rake cache:clear
Recipe: gitlab-kas::enable
* runit_service[gitlab-kas] action restart (up to date)
Recipe: nginx::enable
* runit_service[nginx] action restart (up to date)
Recipe: monitoring::grafana
* runit_service[grafana] action restart (up to date)
Running handlers:
Running handlers complete
Cinc Client finished, 11/826 resources updated in 59 seconds
gitlab Reconfigured!
[root@ecs-tdouya-cicd opt]# gitlab-ctl restart
ok: run: alertmanager: (pid 9151) 0s
ok: run: gitaly: (pid 9160) 1s
ok: run: gitlab-exporter: (pid 9174) 0s
ok: run: gitlab-kas: (pid 9176) 0s
ok: run: gitlab-workhorse: (pid 9184) 0s
ok: run: grafana: (pid 9193) 0s
ok: run: logrotate: (pid 9207) 1s
ok: run: nginx: (pid 9214) 0s
ok: run: node-exporter: (pid 9220) 1s
ok: run: postgres-exporter: (pid 9225) 0s
ok: run: postgresql: (pid 9238) 1s
ok: run: prometheus: (pid 9248) 0s
ok: run: puma: (pid 9414) 0s
ok: run: redis: (pid 9419) 0s
ok: run: redis-exporter: (pid 9429) 1s
ok: run: sidekiq: (pid 9444) 0s
[root@ecs-tdouya-cicd opt]#
4.3.1.3 邮件发送设定
邮件配置,在Gitlab中是很重要的内容。如果修改密码、创建组、创建仓库都会用到。最好配置到。
此处,我用的阿里云企业邮箱。 这一步是在整个安装过程中耗时最久的一个步骤。
阿里云邮箱是禁用25端口的。 所以只能用SSL/TLS的方式,走465端口。之前用华为云的时候,25端口是没问题的。
4.3.1.3.1 配置文件
80 gitlab_rails['smtp_enable'] = true
81 gitlab_rails['smtp_address'] = "smtp.mxhichina.com"
82 gitlab_rails['smtp_port'] = 465
83 gitlab_rails['smtp_user_name'] = "gitlab@domain.com"
84 gitlab_rails['smtp_password'] = "XXXXXX"
85 gitlab_rails['smtp_domain'] = "mxhichina.com"
86 gitlab_rails['smtp_authentication'] = "login"
87 gitlab_rails['smtp_enable_starttls_auto'] = true
88 gitlab_rails['smtp_tls'] = true
89 # gitlab_rails['smtp_pool'] = false
90
91 ###! **Can be: 'none', 'peer', 'client_once', 'fail_if_no_peer_cert'**
92 ###! Docs: http://api.rubyonrails.org/classes/ActionMailer/Base.html
93 gitlab_rails['smtp_openssl_verify_mode'] = 'peer'
94
95 # gitlab_rails['smtp_ca_path'] = "/etc/ssl/certs"
96 # gitlab_rails['smtp_ca_file'] = "/etc/ssl/certs/ca-certificates.crt"
97
98 ### Email Settings
99
100 gitlab_rails['gitlab_email_enabled'] = true
101
102 ##! If your SMTP server does not like the default 'From: gitlab@gitlab.example.com'
103 ##! can change the 'From' with this setting.
104 gitlab_rails['gitlab_email_from'] = 'gitlab@domain.com'
105 gitlab_rails['gitlab_email_display_name'] = 'tdouya.biz'
106 gitlab_rails['gitlab_email_reply_to'] = 'gitlab@domain.com'
107 gitlab_rails['gitlab_email_subject_suffix'] = ''
4.3.1.3.2 测试邮件验证
STEP 1. 通过控制台对配置文件进行测试
GitLab 版本不同,命令会有所不同(网上说的而基本都是 gitlab-rails console production ),可以查 GitLab 官网去找对应版本的命令
[root@ecs-tdouya-cicd gitlab]# gitlab-rails console -e production
--------------------------------------------------------------------------------
Ruby: ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x86_64-linux]
GitLab: 15.0.1 (39b217000de) FOSS
GitLab Shell: 14.3.0
PostgreSQL: 13.6
------------------------------------------------------------[ booted in 45.74s ]
Loading production environment (Rails 6.1.4.7)
irb(main):001:0> Notify.test_email('self@email.com','GitLab测试邮件','此邮件只用于GitLab测试').deliver_now
Delivered mail 629c3d034be75_19a745d826b@ecs-tdouya-cicd.mail (870.8ms)
=> #<Mail::Message:270940, Multipart: false, Headers: <Date: Sun, 05 Jun 2022 13:20:03 +0800>, <From: "tdouya.biz" <gitlab@domain.com>>, <Reply-To: "tdouya.biz" <gitlab@domain.com>>, <To: self@email.com>, <Message-ID: <629c3d034be75_19a745d826b@ecs-tdouya-cicd.mail>>, <Subject: GitLab测试邮件>, <Mime-Version: 1.0>, <Content-Type: text/html; charset=UTF-8>, <Content-Transfer-Encoding: 7bit>, <Auto-Submitted: auto-generated>, <X-Auto-Response-Suppress: All>>
irb(main):002:0> quit
[root@ecs-tdouya-cicd gitlab]#
STEP 2. 确实收到邮件
4.3.2 修改root用户密码
我装的是Gitlab的15.0.1。之前第一次进入Gitlab网页的时候,是先让设定root用户的密码。 但是这次安装并没有这个页面, 也不是空密码。 所以只能用控制台进行设置。
直接上修改过程
#### 还是进入控制台,这一步超级慢
[root@ecs-tdouya-cicd gitlab]# gitlab-rails console -e production
--------------------------------------------------------------------------------
Ruby: ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x86_64-linux]
GitLab: 15.0.1 (39b217000de) FOSS
GitLab Shell: 14.3.0
PostgreSQL: 13.6
------------------------------------------------------------[ booted in 45.74s ]
Loading production environment (Rails 6.1.4.7)
irb(main):001:0>User.all #### 列出所有的用户,目前只有root用户一个
=> #<ActiveRecord::Relation [#<User id:1 @root>]>
irb(main):002:0> user = User.where(id:1).first #### 设定操作的user
=> #<User id:1 @root>
irb(main):003:0> user.password = 'T1234567890' #### 修改密码
=> "T1234567890"
irb(main):005:0> user.password_confirmation = 'T1234567890' #### 确认密码
=> "T1234567890"
irb(main):006:0> user.save! #### 保存。 叹号是必须的。 看到true说明修改成功。
=> true
irb(main):007:0> quit
4.3.3 设置ICP备案号
这一点,IT的同学有些同学可能会忽略, 而公司市场部(管公司网站)的同学大概率不会管Gitlab这样的系统。
如果IT的同学在公司内网部署Gitlab,这步完全没有必要。 但是如果是在互联网上,同时你还绑了域名的话,从合规性的角度这一步就是必须的了。 按照规定,国内服务器的站点没有设置备案号的,是要被罚款的哦。
修改方法直接用代码说,需要修改的就是这个 _footer.html.haml 文件。 此文件默认是英文的,那我想汉化的话,就顺便都改成中文了。
[root@ecs-tdouya-cicd shared]# cat /opt/gitlab/embedded/service/gitlab-rails/app/views/devise/shared/_footer.html.haml
%hr.footer-fixed
.container.footer-container
.footer-links
- unless public_visibility_restricted?
= link_to _("浏览公开代码库"), explore_root_path
= link_to _("帮助"), help_path
= link_to _("关于GitLab"), "https://#{ApplicationHelper.promo_host}"
= link_to _("京ICP备XXXXXXX号-1"), "http://beian.miit.gov.cn/"
= footer_message
[root@ecs-tdouya-cicd shared]#
显示出来就是如下这个样子
4.3.4 设置中文
Gitlab的语言设置是分用户的。 并不在管理员设置里面。 任何用户都可以设置自己的语言选项。 修改方法如下图:
5 一些Tips(陆续更新)
5.1 502 | 500错误
- 502 错误首先要排除是否是属于端口冲突。 这一点要首先排查。如果是端口冲突,请参考本文4.3.1.2 网站域名控制。
- 如果是你服务器刚刚启动, 可以稍微等一下。 Gitlab本身非常吃配置。 我用2vCPU+4GB内存的配置已经几乎是最低配置了。 所以,可以等一下,大概1分钟左右,然后F5刷新一下。
1798
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
