初始化操作
- 说在前面
Gitlab安装需要部署很多依赖和其他服务来协作,很麻烦。
所以懒人想懒招,所以直接用Docker来部署,简单,省事,TNND还不用担心断电重启的问题!
操作系统
- 内核版本信息
$ uname -a
- 输出如下
Linux yang-PowerEdge-R730 4.4.0-116-generic #140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
安装Docker
- 此处使用的是阿里源
- step 1: 安装必要的一些系统工具
$ apt-get update $ apt-get -y install apt-transport-https ca-certificates curl software-properties-common
- step 2: 安装GPG证书
$ curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
- Step 3: 写入软件源信息
$ add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
- Step 4: 更新并安装 Docker-CE
$ apt-get -y update $ apt-get -y install docker-ce
- 安装好之后,来看看Docker的版本。
$ docker version
- 输出如下
Client: Version: 17.03.2-ce API version: 1.27 Go version: go1.7.5 Git commit: f5ec1e2 Built: Tue Jun 27 03:35:14 2017 OS/Arch: linux/amd64 Server: Version: 17.03.2-ce API version: 1.27 (minimum version 1.12) Go version: go1.7.5 Git commit: f5ec1e2 Built: Tue Jun 27 03:35:14 2017 OS/Arch: linux/amd64 Experimental: false
这样Docker就安装成功了。
当然路走多了也会踩到坑的!下面是我碰到的一个小坑
- 异常处理
# 出现如下报错提示: Depends: libseccomp2 (>= 2.3.0) but 2.2.3-3ubuntu3 is to be installed Recommends: aufs-tools but it is not going to be installed
- 解决方法
# 安装指定版本的docker-ce $ apt-cache madison docker-ce docker-ce | 18.03.0~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages docker-ce | 17.12.1~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages docker-ce | 17.12.0~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages docker-ce | 17.09.1~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages docker-ce | 17.09.0~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages docker-ce | 17.06.2~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages docker-ce | 17.06.1~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages docker-ce | 17.06.0~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages docker-ce | 17.03.2~ce-0~ubuntu-xenial | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages docker-ce | 17.03.1~ce-0~ubuntu-xenial | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages docker-ce | 17.03.0~ce-0~ubuntu-xenial | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages # 获取<17.03.0~ce-0~ubuntu-xenia>版本 $ apt install docker-ce=17.03.2~ce-0~ubuntu-xenial
安装Gitlab-ce
拉取Gitlab-ce镜像
- 拉取最近Gitlab-ce镜像
$ docker pull gitlab-ce # 镜像很大,1.46 GB
- 从本地导入
$ docker load < gitlab-ce_docker_images.tar.gz # 我自己的镜像备份gitlab-ce_docker_images.tar.gz
- 创建容器
$ docker run -d --hostname 10.10.1.70 \ # 指定容器域名,未知功能:创建镜像仓库的时候使用到 -p 8443:443 \ # 将容器内443端口映射到主机8443,提供https服务 -p 8080:80 \ # 将容器内80端口映射到主机8080,提供http服务 -p 2222:22 \ # 将容器内22端口映射到主机2222,提供ssh服务 -p 9090:9090 \ # 将容器内9090端口映射到主机9090,提供prometheus服务 --name gitlab \ # 指定容器名称 --restart always \ # 容器退出时,自动重启 -v /home/gitlab/config:/etc/gitlab \ # 将本地/home/gitlab/config挂载到容器内/etc/gitlab -v /home/gitlab/logs:/var/log/gitlab \ # 将本地/home/gitlab/logs挂载到容器内/var/log/gitlab -v /home/gitlab/data:/var/opt/gitlab \ # 将本地/home/gitlab/data挂载到容器内/var/opt/gitlab gitlab/gitlab-ce:latest # 镜像名称:版本
此处我单独给
/home/gitlab
目录mount了一个独立硬盘,强烈建议Gitlab
目录和系统盘使用不同的物理硬盘
。 - 查看Gitlab容器运行情况
$ docker inspect gitlab --format "{{.State.Status}}"
输出结果如下就好
running
详细配置说明文档请参考官方
- 配置Gitlab
首先,备份默认gitlab.rb
$ cd /home/gitlab/config; $ cp gitlab.rb gitlab.rb.default
本次Gitlab只对外提供http服务
- 配置web请求地址
external_url http://10.10.1.70
- 时区设置
gitlab_rails[‘time_zone‘] = ‘Asia/Shanghai‘
- Gitlab镜像自带nginx配置
nginx[‘enable‘] = true nginx[‘client_max_body_size‘] = ‘250m‘ nginx[‘redirect_http_to_https‘] = false nginx[‘listen_addresses‘] = [‘0.0.0.0‘, ‘[::]‘] nginx[‘listen_port‘] = 80 nginx[‘listen_https‘] = false nginx[‘custom_gitlab_server_config‘] = "location ^~ /foo-namespace/bar-project/raw/ {\n deny all;\n}\n" nginx[‘custom_nginx_config‘] = "include /etc/nginx/conf.d/*.conf;" nginx[‘proxy_read_timeout‘] = 3600 nginx[‘proxy_connect_timeout‘] = 300 nginx[‘proxy_set_headers‘] = { "Host" => "$http_host_with_default", "X-Real-IP" => "$remote_addr", "X-Forwarded-For" => "$proxy_add_x_forwarded_for", "Upgrade" => "$http_upgrade", "Connection" => "$connection_upgrade" } nginx[‘proxy_cache_path‘] = ‘proxy_cache keys_zone=gitlab:10m max_size=1g levels=1:2‘ nginx[‘proxy_cache‘] = ‘gitlab‘ nginx[‘http2_enabled‘] = false nginx[‘real_ip_trusted_addresses‘] = [‘172.16.0.0/16‘] nginx[‘real_ip_header‘] = ‘X-Real-IP‘ nginx[‘real_ip_recursive‘] = on nginx[‘custom_error_pages‘] = { ‘404‘ => { ‘title‘ => ‘Example title‘, ‘header‘ => ‘Example header‘, ‘message‘ => ‘Example message‘ } } nginx[‘dir‘] = "/var/opt/gitlab/nginx" nginx[‘log_directory‘] = "/var/log/gitlab/nginx" nginx[‘worker_processes‘] = 4 nginx[‘worker_connections‘] = 10240 nginx[‘log_format‘] = ‘$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"‘ nginx[‘sendfile‘] = ‘on‘ nginx[‘tcp_nopush‘] = ‘on‘ nginx[‘tcp_nodelay‘] = ‘on‘ nginx[‘gzip‘] = "on" nginx[‘gzip_http_version‘] = "1.0" nginx[‘gzip_comp_level‘] = "2" nginx[‘gzip_proxied‘] = "any" nginx[‘gzip_types‘] = [ "text/plain", "text/css", "application/x-javascript", "text/xml", "application/xml", "application/xml+rss", "text/javascript", "application/json" ] nginx[‘keepalive_timeout‘] = 65 nginx[‘cache_max_size‘] = ‘5000m‘ nginx[‘server_names_hash_bucket_size‘] = 64 nginx[‘status‘] = { "enable" => false, }
- 配置邮件服务
gitlab_rails[‘smtp_enable‘] = true gitlab_rails[‘smtp_address‘] = "smtp.163.com" gitlab_rails[‘smtp_port‘] = 25 gitlab_rails[‘smtp_user_name‘] = "[email protected]" gitlab_rails[‘smtp_password‘] = "xxxx" gitlab_rails[‘smtp_domain‘] = "163.com" gitlab_rails[‘smtp_authentication‘] = "login" gitlab_rails[‘smtp_enable_starttls_auto‘] = true gitlab_rails[‘smtp_tls‘] = false gitlab_rails[‘smtp_openssl_verify_mode‘] = ‘none‘
邮件部分参考小狐濡尾特此注明出处
- Gitlab镜像自带Postgresql配置
postgresql[‘enable‘] = true postgresql[‘ssl‘] = ‘off‘
- Gitlab镜像自带Redis配置
gitlab_rails[‘redis_host‘] = "127.0.0.1" gitlab_rails[‘redis_port‘] = 6379 gitlab_rails[‘redis_password‘] = ‘00e05611e8f68d6e9c9cc62f‘ gitlab_rails[‘redis_database‘] = 0 redis[‘enable‘] = true redis[‘username‘] = "gitlab-redis" redis[‘maxclients‘] = "10000" redis[‘maxmemory‘] = "1gb" redis[‘maxmemory_policy‘] = "allkeys-lru" redis[‘maxmemory_samples‘] = "5" redis[‘tcp_timeout‘] = "60" redis[‘tcp_keepalive‘] = "300" redis[‘port‘] = 6379 redis[‘password‘] = ‘00e05611e8f68d6e9c9cc62f‘
- Gitlab备份路径配置
gitlab_rails[‘manage_backup_path‘] = true gitlab_rails[‘backup_path‘] = "/var/opt/gitlab/backups"
- 监控Prometheus配置
prometheus[‘enable‘] = true prometheus[‘monitor_kubernetes‘] = false # 如果用k8s安装Gitlab,此处应设置为true prometheus[‘username‘] = ‘gitlab-prometheus‘ prometheus[‘uid‘] = nil prometheus[‘gid‘] = nil prometheus[‘shell‘] = ‘/bin/sh‘ prometheus[‘home‘] = ‘/var/opt/gitlab/prometheus‘ prometheus[‘log_directory‘] = ‘/var/log/gitlab/prometheus‘ prometheus[‘scrape_interval‘] = 15 prometheus[‘scrape_timeout‘] = 15 prometheus[‘chunk_encoding_version‘] = 2 prometheus[‘listen_address‘] = ‘0.0.0.0:9090‘ # 注意端口和之前docker run -p 9090一致 prometheus_monitoring[‘enable‘] = true # 以下为设置加入Prometheus的开关和配置项 node_exporter[‘enable‘] = true redis_exporter[‘enable‘] = true redis_exporter[‘log_directory‘] = ‘/var/log/gitlab/redis-exporter‘ redis_exporter[‘flags‘] = { ‘redis.addr‘ => "127.0.0.1:6379", ‘redis.password‘ => ‘00e05611e8f68d6e9c9cc62f‘ } postgres_exporter[‘enable‘] = true gitlab_monitor[‘enable‘] = true
- 配置重载
docker exec -t gitlab gitlab-ctl reconfigure docker exec -t gitlab gitlab-ctl restart
- 结束
配置到处为止
内网使用,暂时不开启HTTPS
自签证书实现Gitlab HTTPS双向认证部分等有空了再说吧
日常管理
- 配置重载
docker exec -t gitlab gitlab-ctl reconfigure docker exec -t gitlab gitlab-ctl restart
- 备份恢复
# 备份 docker exec -t gitlab gitlab-rake gitlab:backup:create # gitlab还原 docker exec -t gitlab gitlab-ctl stop unicorn docker exec -t gitlab gitlab-ctl stop sidekiq docker exec -t gitlab gitlab-rake gitlab:backup:restore BACKUP=1521789664_2018_03_23_10.5.6 docker exec -t gitlab gitlab-ctl restart docker exec -t gitlab gitlab-rake gitlab:check SANITIZE=true
参考资料
Docker安装报错参考docker.libseccomp2
配置文件参考官网配置Gitlab.doc
Gitlab镜像自带的监控Prometheus配置可以参照官方Gitlab.Prometheus.doc
邮件部分参考小狐濡尾特此注明出处
原文地址:http://blog.51cto.com/8456082/2090423
时间: 2024-10-09 20:33:05