版本控制系统 Gitlab 持续集成工具 Jenkins部署工具 Ansible Saltstack Chef
本文通过Jenkins + Ansible + Gitlab实现自动化部署。
环境准备
需要3台机器做环境准备。
- 角色划分:
Jenkins + Ansible 192.168.174.129test host 192.168.174.128gitlab 192.168.174.130
- 关闭防火墙和selinux:
# systemctl stop firewalld && systemctl disable firewalld# setenforce 0 && sed -i 's/=enforcing/=disabled/g' /etc/selinux/config
- 添加本地dns:
# vim /etc/hosts192.168.174.128 jekins.lyklinux.com192.168.174.129 test.lyklinux.com192.168.174.130 gitlab.lyklinux.com
在Windows电脑hosts文件中添加本地dns:
192.168.174.128 jekins.lyklinux.com192.168.174.129 test.lyklinux.com192.168.174.130 gitlab.lyklinux.com
Gitlab安装配置管理
- 安装gitlab-ce:
# yum install -y curl policycoreutils openssh-server openssh-clients postfix #安装gitlab组件# curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash #配置yum仓库# systemctl start postfix && systemctl enable postfix #启动postfix邮件服务# yum install -y gitlab-ce
- 证书创建与配置加载:
mkdir -p /etc/gitlab/ssl openssl genrsa -out "/etc/gitlab/ssl/gitlab.lyklinux.com.key" 2048 openssl req -new -key "/etc/gitlab/ssl/gitlab.lyklinux.com.key" -out "/etc/gitlab/ssl/gitlab.lyklinux.com.csr" Country Name (2 letter code) [XX]:cnState or Province Name (full name) []:sdLocality Name (eg, city) [Default City]:qdOrganization Name (eg, company) [Default Company Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:gitlab.lyklinux.comEmail Address []:admin@lyklinux.comPlease enter the following 'extra' attributesto be sent with your certificate requestA challenge password []:aaaaaaAn optional company name []:lyk
openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.lyklinux.com.csr" -signkey "/etc/gitlab/ssl/gitlab.lyklinux.com.key" -out "/etc/gitlab/ssl/gitlab.lyklinux.com.crt"openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048chmod 600 /etc/gitlab/ssl/*ll /etc/gitlab/ssl
![321080098b4d171c83fc39c8a3b52453.png](https://i-blog.csdnimg.cn/blog_migrate/7921e822b59706a43c6634266e9bb09c.jpeg)
- nginx SSL代理服务配置:
vim /etc/gitlab/gitlab.rb #修改下面内容external_url 'https://gitlab.lyklinux.com'nginx['redirect_http_to_https'] = truenginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.lyklinux.com.crt"nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.lyklinux.com.key"nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"unicorn['port'] = 9090
- 初始化gitlab相关服务并完成安装:
# gitlab-ctl reconfigure# vim /var/opt/gitlab/nginx/conf/gitlab-http.conf #第一个 server_name gitlab.lyklinux.com; 下添加该行rewrite ^(.*)$ https://$host$1 permanent;# gitlab-ctl restart #重启gitlab
- 打开网页,访问 gitlab.lyklinux.com
- 访问GitLab一直502, 最后发现是虚拟机内存不够, 法克!! 必须保证 4G 内存以上 , 否则跑不起来.
- 第一次访问提示设置密码,设置密码后登录,默认用户名是root。
![c6f12d1f329d5c26277c58a56a1b5a58.png](https://i-blog.csdnimg.cn/blog_migrate/01536232dd1035c15931ab0bd2f309b3.jpeg)
- 点击右上方+ → New porject,Project name输入test-repo,Visibility Level选择默认的Private即可,最后点击Create project创建项目。
gitlab工作流程
- 任选一台其它机器,192.168.174.129 test
yum install -y gitecho '192.168.174.130 gitlab.lyklinux.com' >> /etc/hostsmkdir /home/repo && cd /home/repogit config --global user.name "admin"git config --global user.email "admin@lyklinux.com"git -c http.sslVerify=false clone https://gitlab.lyklinux.com/root/test-pro.git
cd test-pro/vim readme.mdgit add .git commit -m "First commit" > [master(根提交) 800a609] First commit> 1 file changed, 1 insertion(+)> create mode 100644 readme.mdgit -c http.sslVerify=false push origin master> Username for 'https://gitlab.lyklinux.com': root> Password for 'https://root@gitlab.lyklinux.com': > Counting objects: 3, done.> Compressing objects: 100% (2/2), done.> Writing objects: 100% (3/3), 555 bytes | 0 bytes/s, done.> Total 3 (delta 0), reused 0 (delta 0)> To https://gitlab.lyklinux.com/root/test-pro.git> * [new branch] master -> master
- 刷新浏览器,即可看到刚推送到gitlab服务端的代码。
Gitlab的使用
- 检查gitlab健康状态:
点击左上方Admin Area → Monitoring
- 创建开发人员与项目领导的账号并分配各自角色权限:
点击左上方Admin Area → New user,首先创建开发人员的账号。 填入用户名和邮箱地址后,其余保持默认,点击Create user创建用户。 同样方式创建项目领导的账号。 接着将新增用户加入到之前创建的项目test-repo中。点击左侧Projects → test-repo →Members 选中dev账号,然后分配Developer角色权限,点击Add to project添加该用户到项目中。 同样方法添加lead账号到项目中。接着修改两个账号的密码,设置初始密码为12345678
- 开发人员提交代码到feature分支并发出合并master分支申请: 选择之前git提交过代码的机器,
cd /home/reporm -rf test-pro/git -c http.sslVerify=false clone https://gitlab.lyklinux.com/root/test-pro.git> 正克隆到 'test-pro'...> Username for 'https://gitlab.lyklinux.com': dev #使用dev账号> Password for 'https://dev@gitlab.lyklinux.com': > remote: Enumerating objects: 3, done.> remote: Counting objects: 100% (3/3), done.> remote: Compressing objects: 100% (2/2), done.> remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0> Unpacking objects: 100% (3/3), done.cd test-pro/git checkout -b release-1.0> 切换到一个新分支 'release-1.0'ls> readme.mdvim test.py > print "This is a test code for release-1.0"git add .git commit -m "release-1.0"> [release-1.0 750696a] release-1.0> 1 file changed, 1 insertion(+)> create mode 100644 test.pygit -c http.sslVerify=false push origin release-1.0> Username for 'https://gitlab.lyklinux.com': dev> Password for 'https://dev@gitlab.lyklinux.com': > Counting objects: 4, done.> Compressing objects: 100% (2/2), done.> Writing objects: 100% (3/3), 302 bytes | 0 bytes/s, done.> Total 3 (delta 0), reused 0 (delta 0)> remote: > remote: To create a merge request for release-1.0, visit:> remote: https://gitlab.lyklinux.com/root/test-pro/-/merge_requests/new?merge_request%5Bsource_branch%5D=release-1.0> remote: > To https://gitlab.lyklinux.com/root/test-pro.git> * [new branch] release-1.0 -> release-1.0
接下来使用dev账号登录gitlab,点击Create merge request提交合并申请。
- 项目领导审批合并申请: 使用leader账号登录gitlab,登入后右上角有Merge requests消息提示。 点击Merge immediately,写入一些内容,最后点击Comment。 然后点击Projects → Your projects → test-repo,
可以看到,release-1.0分支的代码已经合并到master分支。
gitlab的大致使用过程就是这样,开发人员与运维人员各司其职。运维人员负责gitlab系统正常运行,管理账号及项目权限;开发人员负责代码编写,各自分支代码的提交与合并申请。