Basic environment configuration
System information
ID | Hostname | IP | Open ports |
---|---|---|---|
1 | gitlab-ci | 172.24.3.241 | 443, 2022 |
2 | gitlab-runner-1 | 172.24.3.242 | |
3 | gitlab-registry | 172.24.3.243 | 5000 |
4 | gitlab-runner-2 | 172.24.3.244 | |
Common configuration
Run the following on every host node
Add the following entries to /etc/hosts
172.24.3.241 gitlab-ci
172.24.3.242 gitlab-runner-1
172.24.3.243 gitlab-registry
172.24.3.244 gitlab-runner-2
Install Docker
sudo yum -y install docker
Add Docker registry mirrors
If Docker was installed as root, run the commands below. The insecure-registries entry gitlab-registry:5000 is the local image registry.
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": [
"http://docker.mirrors.ustc.edu.cn",
"http://hub-mirror.c.163.com",
"https://registry.docker-cn.com"
],
"insecure-registries": ["gitlab-registry:5000"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
If Docker was installed as a non-root user, also run the following commands:
mkdir -p ~/.config/docker
tee ~/.config/docker/daemon.json <<-'EOF'
{
"registry-mirrors": [
"http://docker.mirrors.ustc.edu.cn",
"http://hub-mirror.c.163.com",
"https://registry.docker-cn.com"
],
"insecure-registries": ["gitlab-registry:5000"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
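A pre-flight check for the daemon.json written above, as an added example that is not part of the original page: it rejects a file that is not valid JSON (a remark such as `##...` after a value is enough to make it unparseable, and dockerd will not start on a parse error) and reports mirrors reached over plain HTTP and registries listed under insecure-registries. The function name and both sample bodies are constructed for this illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample: a daemon.json with a trailing "##" remark on one line.
WITH_COMMENT = """{
  "registry-mirrors": ["http://docker.mirrors.ustc.edu.cn"],
  "insecure-registries": ["gitlab-registry:5000"] ## local registry
}"""

# Constructed sample: the same kind of settings as valid JSON.
VALID = """{
  "registry-mirrors": [
    "http://docker.mirrors.ustc.edu.cn",
    "http://hub-mirror.c.163.com",
    "https://registry.docker-cn.com"
  ],
  "insecure-registries": ["gitlab-registry:5000"]
}"""


def audit_daemon_json(text):
    """Return (level, message) findings for the text of a daemon.json file."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as e:
        # JSON has no comment syntax; dockerd will not start on a parse error.
        return [("error", f"invalid JSON at line {e.lineno}, column {e.colno}: {e.msg}")]
    if not isinstance(cfg, dict):
        return [("error", "top-level value must be a JSON object")]
    findings = []
    for url in cfg.get("registry-mirrors", []):
        if urlsplit(url).scheme != "https":
            findings.append(("warn", f"mirror {url}: not HTTPS, pulls through it "
                                     "travel in plaintext"))
    for reg in cfg.get("insecure-registries", []):
        findings.append(("warn", f"registry {reg}: plain HTTP and unverified "
                                 "certificates are accepted"))
    return findings


if __name__ == "__main__":
    for name, body in (("WITH_COMMENT", WITH_COMMENT), ("VALID", VALID)):
        for level, msg in audit_daemon_json(body):
            print(f"{name}: {level}: {msg}")
```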
Environment deployment
Deploy GitLab CI/CD
Run this step on the gitlab-ce node, 172.24.3.241
Installing the official edition
docker pull gitlab/gitlab-ce
docker run -d \
--hostname gitlab.bgctv.com.cn \
--name gitlab-ce \
--restart always \
-p 443:443 -p 2022:22 \
-v /etc/localtime:/etc/localtime:ro \
-v /usr/local/gitlab/gitlab-ce/config:/etc/gitlab \
-v /usr/local/gitlab/gitlab-ce/logs:/var/log/gitlab \
-v /usr/local/gitlab/gitlab-ce/opt:/var/opt/gitlab \
gitlab/gitlab-ce
Installing the JiHu (Chinese) edition for mainland China
docker pull registry.gitlab.cn/omnibus/gitlab-jh
docker run -d \
--hostname gitlab.bgctv.com.cn \
--name gitlab-jh \
--restart always \
-p 443:443 -p 2022:22 \
-v /etc/localtime:/etc/localtime:ro \
-v /usr/local/gitlab/gitlab-jh/config:/etc/gitlab \
-v /usr/local/gitlab/gitlab-jh/logs:/var/log/gitlab \
-v /usr/local/gitlab/gitlab-jh/opt:/var/opt/gitlab \
registry.gitlab.cn/omnibus/gitlab-jh
Default root user password
cat /usr/local/gitlab/gitlab-ce/config/initial_root_password # deleted automatically 24 hours after installation
Db54Gi2NN/kWzHAhba1DrtJzNkxXi5S/09xJLDzGGbI=
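# First check this machine's IP address and note it down; 192.168.xxx.xxx is assumed here
ifconfig
# Enter the container (use gitlab-jh for the JiHu edition)
docker exec -it gitlab-ce bash
# Edit gitlab.rb
vi /etc/gitlab/gitlab.rb
# Change the settings below
# GitLab access URL; a domain name may be used. If no port is given, the scheme's default applies (80 for http, 443 for https)
# An https:// URL is what enables the HTTPS listener that -p 443:443 publishes
external_url 'https://192.168.xxx.xxx'
# SSH host IP
gitlab_rails['gitlab_ssh_host'] = '192.168.xxx.xxx'
# Set the time zone to Beijing time
gitlab_rails['time_zone'] = 'Asia/Shanghai'
# SSH connection port
gitlab_rails['gitlab_shell_ssh_port'] = 2022
# Enable HTTPS
nginx['redirect_http_to_https'] = true
# Configure the certificate
nginx['ssl_certificate'] = "/etc/gitlab/ssl/9167262__bgctv.com.cn.pem"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/9167262__bgctv.com.cn.key"
# Mail settings (configure as needed)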
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.163.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "xxxx@163.com"
# App-specific password generated on the mailbox website; see below for how to obtain it
gitlab_rails['smtp_password'] = "XXXXX"
gitlab_rails['smtp_domain'] = "163.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true # enable this option when the mail provider requires SSL
gitlab_rails['gitlab_email_enabled'] = true
# Sender address and display name for outgoing mail
gitlab_rails['gitlab_email_from'] = 'xx@163.com'
gitlab_rails['gitlab_email_display_name'] = 'Gitlab server'
user['git_user_email'] = 'XX@163.com'
gitlab_rails['gitlab_default_can_create_group'] = true
gitlab_rails['gitlab_username_changing_enabled'] = true
# Apply the configuration
gitlab-ctl reconfigure
gitlab-ctl restart
# After reconfiguring, the settings in /etc/gitlab/gitlab.rb are written to gitlab.yml.
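A consistency check between gitlab.rb and the ports published by `docker run`, as an added example that is not part of the original page or of GitLab's tooling. It flags a certificate configured alongside a non-https external_url, a web listener port that is not published, and an advertised SSH port that is not mapped to the container's port 22. The function names, host name and certificate paths are constructed, and the parser handles only simple one-line settings.

```python
import re
from urllib.parse import urlsplit

# Matches `external_url '...'` and `section['key'] = value`; comment lines do not match.
SETTING = re.compile(
    r"""^\s*(external_url|\w+\['\w+'\])\s*=?\s*(?:'([^']*)'|"([^"]*)"|([^\s#]+))""")


def parse_gitlab_rb(text):
    settings = {}
    for line in text.splitlines():
        m = SETTING.match(line)
        if m:
            settings[m.group(1)] = next(g for g in m.groups()[1:] if g is not None)
    return settings


def audit_gitlab_rb(text, published):
    """published: {host_port: container_port}, as given to `docker run -p`."""
    s = parse_gitlab_rb(text)
    findings = []
    url = urlsplit(s.get("external_url", ""))
    if url.scheme != "https" and "nginx['ssl_certificate']" in s:
        findings.append("certificate configured but external_url is not https://")
    # The bundled NGINX listens on the port implied by external_url.
    listen = url.port or (443 if url.scheme == "https" else 80)
    if listen not in published.values():
        findings.append(f"web listener on container port {listen} is not published")
    # gitlab_shell_ssh_port is the port shown in clone URLs, i.e. the host port.
    ssh_port = int(s.get("gitlab_rails['gitlab_shell_ssh_port']", 22))
    if published.get(ssh_port) != 22:
        findings.append(f"SSH port {ssh_port} is not mapped to container port 22")
    return findings


# Constructed samples; the host name and certificate paths are placeholders.
HTTP_URL = """
external_url 'http://gitlab.example.com'
gitlab_rails['gitlab_shell_ssh_port'] = 2022
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/example.pem"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/example.key"
"""
HTTPS_URL = HTTP_URL.replace("http://", "https://")
PUBLISHED = {443: 443, 2022: 22}  # -p 443:443 -p 2022:22

if __name__ == "__main__":
    print(audit_gitlab_rb(HTTP_URL, PUBLISHED))
    print(audit_gitlab_rb(HTTPS_URL, PUBLISHED))
```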
Testing mail delivery
# Enter console mode
gitlab-rails console
# Send a test email (recipient, subject, body)
Notify.test_email('xxx@163.com', 'test123', 'test123').deliver_now
Getting the 163 mailbox password
Troubleshooting
WARNING: IPv4 forwarding is disabled. Networking will not work.
Run the following commands to fix it:
echo "net.ipv4.ip_forward=1" >>/usr/lib/sysctl.d/00-system.conf
systemctl restart network
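Deploy Gitlab-Runner
Run this step on the gitlab-Runner node, 172.24.3.242
The Gitlab-runner container needs one mounted path, config, to store its configuration data. We also pass in the host's Docker socket file, so that when the runner starts Docker containers it calls the host's docker-daemon and no docker-daemon has to be installed inside Gitlab-runner. Anything that can reach this socket controls the host's Docker daemon, so access to the runner container is equivalent to root on the host.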
docker pull gitlab/gitlab-runner
docker run -d \
--name gitlab-runner \
--restart always \
-v /usr/local/gitlab/gitlab-runner/config:/etc/gitlab-runner \
-v /var/run/docker.sock:/var/run/docker.sock \
gitlab/gitlab-runner
Register the Runner with GitLab
- Log in to GitLab and change the initial password
- Obtain the Runner token
# Enter the container
docker exec -it gitlab-runner /bin/bash
# Register the runner
root@c6653ec7e562:/# gitlab-runner register
Runtime platform arch=amd64 os=linux pid=51 revision=5316d4ac version=14.6.0
Running in system-mode.
Enter the GitLab instance URL (for example, https://gitlab.com/):
https://gitlab.bgctv.com.cn
Enter the registration token:
-RvmES-yp7zqNT-CnQBX
Enter a description for the runner:
[c6653ec7e562]: runner-1
Enter tags for the runner (comma-separated):
Test
Registering runner... succeeded runner=-RvmES-y
Enter an executor: virtualbox, docker+machine, kubernetes, custom, parallels, shell, docker-ssh+machine, docker, docker-ssh, ssh:
docker
Enter the default Docker image (for example, ruby:2.6):
docker:20.10.16
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
root@c6653ec7e562:/#
root@c6653ec7e562:/# exit
exit
Verification
Deploy Gitlab-Registry
Run this step on the Gitlab-Registry node, 172.24.3.243
docker pull registry
docker run -d \
--name gitlab-registry \
--restart always \
-p 5000:5000 \
-v /usr/local/gitlab/gitlab-registry:/var/lib/registry \
registry