标签:容器化Gitlab ubuntu gitlab docker gitlab gitlab安装 gitlab配置
初始化操作$ uname -aLinux yang-PowerEdge-R730 4.4.0-116-generic #140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux此处使用的是阿里源
step 1: 安装必要的一些系统工具
$ apt-get update
$ apt-get -y install apt-transport-https ca-certificates curl software-properties-commonstep 2: 安装GPG证书
$ curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -Step 3: 写入软件源信息
$ add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"Step 4: 更新并安装 Docker-CE
$ apt-get -y update
$ apt-get -y install docker-ce安装好之后,来看看Docker的版本。
$ docker version输出如下
Client:
Version: 17.03.2-ce
API version: 1.27
Go version: go1.7.5
Git commit: f5ec1e2
Built: Tue Jun 27 03:35:14 2017
OS/Arch: linux/amd64
Server:
Version: 17.03.2-ce
API version: 1.27 (minimum version 1.12)
Go version: go1.7.5
Git commit: f5ec1e2
Built: Tue Jun 27 03:35:14 2017
OS/Arch: linux/amd64
Experimental: false这样Docker就安装成功了。
当然路走多了也会踩到坑的!下面是我碰到的一个小坑
异常处理
# 出现如下报错提示:
Depends: libseccomp2 (>= 2.3.0) but 2.2.3-3ubuntu3 is to be installed
Recommends: aufs-tools but it is not going to be installed# 安装指定版本的docker-ce
$ apt-cache madison docker-ce
docker-ce | 18.03.0~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.12.1~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.12.0~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.09.1~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.09.0~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.06.2~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.06.1~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.06.0~ce-0~ubuntu | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.03.2~ce-0~ubuntu-xenial | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.03.1~ce-0~ubuntu-xenial | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.03.0~ce-0~ubuntu-xenial | http://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
# 获取<17.03.0~ce-0~ubuntu-xenia>版本
$ apt install docker-ce=17.03.2~ce-0~ubuntu-xenial拉取最近Gitlab-ce镜像
$ docker pull gitlab-ce
# 镜像很大,1.46 GB从本地导入
$ docker load < gitlab-ce_docker_images.tar.gz
# 我自己的镜像备份gitlab-ce_docker_images.tar.gz创建容器
$ docker run -d --hostname 10.10.1.70 \ # 指定容器域名,未知功能:创建镜像仓库的时候使用到
-p 8443:443 \ # 将容器内443端口映射到主机8443,提供https服务
-p 8080:80 \ # 将容器内80端口映射到主机8080,提供http服务
-p 2222:22 \ # 将容器内22端口映射到主机2222,提供ssh服务
-p 9090:9090 \ # 将容器内9090端口映射到主机9090,提供prometheus服务
--name gitlab \ # 指定容器名称
--restart always \ # 容器退出时,自动重启
-v /home/gitlab/config:/etc/gitlab \ # 将本地/home/gitlab/config挂载到容器内/etc/gitlab
-v /home/gitlab/logs:/var/log/gitlab \ # 将本地/home/gitlab/logs挂载到容器内/var/log/gitlab
-v /home/gitlab/data:/var/opt/gitlab \ # 将本地/home/gitlab/data挂载到容器内/var/opt/gitlab
gitlab/gitlab-ce:latest # 镜像名称:版本此处我单独给
/home/gitlab目录mount了一个独立硬盘,强烈建议Gitlab目录和系统盘使用不同的物理硬盘。
$ docker inspect gitlab --format "{{.State.Status}}"输出结果如下就好
running详细配置说明文档请参考官方
配置Gitlab
首先,备份默认gitlab.rb
$ cd /home/gitlab/config;
$ cp gitlab.rb gitlab.rb.default本次Gitlab只对外提供http服务
配置web请求地址
external_url http://10.10.1.70时区设置
gitlab_rails[‘time_zone‘] = ‘Asia/Shanghai‘Gitlab镜像自带nginx配置
nginx[‘enable‘] = true
nginx[‘client_max_body_size‘] = ‘250m‘
nginx[‘redirect_http_to_https‘] = false
nginx[‘listen_addresses‘] = [‘0.0.0.0‘, ‘[::]‘]
nginx[‘listen_port‘] = 80
nginx[‘listen_https‘] = false
nginx[‘custom_gitlab_server_config‘] = "location ^~ /foo-namespace/bar-project/raw/ {\n deny all;\n}\n"
nginx[‘custom_nginx_config‘] = "include /etc/nginx/conf.d/*.conf;"
nginx[‘proxy_read_timeout‘] = 3600
nginx[‘proxy_connect_timeout‘] = 300
nginx[‘proxy_set_headers‘] = {
"Host" => "$http_host_with_default",
"X-Real-IP" => "$remote_addr",
"X-Forwarded-For" => "$proxy_add_x_forwarded_for",
"Upgrade" => "$http_upgrade",
"Connection" => "$connection_upgrade"
}
nginx[‘proxy_cache_path‘] = ‘proxy_cache keys_zone=gitlab:10m max_size=1g levels=1:2‘
nginx[‘proxy_cache‘] = ‘gitlab‘
nginx[‘http2_enabled‘] = false
nginx[‘real_ip_trusted_addresses‘] = [‘172.16.0.0/16‘]
nginx[‘real_ip_header‘] = ‘X-Real-IP‘
nginx[‘real_ip_recursive‘] = on
nginx[‘custom_error_pages‘] = {
‘404‘ => {
‘title‘ => ‘Example title‘,
‘header‘ => ‘Example header‘,
‘message‘ => ‘Example message‘
}
}
nginx[‘dir‘] = "/var/opt/gitlab/nginx"
nginx[‘log_directory‘] = "/var/log/gitlab/nginx"
nginx[‘worker_processes‘] = 4
nginx[‘worker_connections‘] = 10240
nginx[‘log_format‘] = ‘$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"‘
nginx[‘sendfile‘] = ‘on‘
nginx[‘tcp_nopush‘] = ‘on‘
nginx[‘tcp_nodelay‘] = ‘on‘
nginx[‘gzip‘] = "on"
nginx[‘gzip_http_version‘] = "1.0"
nginx[‘gzip_comp_level‘] = "2"
nginx[‘gzip_proxied‘] = "any"
nginx[‘gzip_types‘] = [ "text/plain", "text/css", "application/x-javascript", "text/xml", "application/xml", "application/xml+rss", "text/javascript", "application/json" ]
nginx[‘keepalive_timeout‘] = 65
nginx[‘cache_max_size‘] = ‘5000m‘
nginx[‘server_names_hash_bucket_size‘] = 64
nginx[‘status‘] = {
"enable" => false,
}配置邮件服务
gitlab_rails[‘smtp_enable‘] = true
gitlab_rails[‘smtp_address‘] = "smtp.163.com"
gitlab_rails[‘smtp_port‘] = 25
gitlab_rails[‘smtp_user_name‘] = "xiaohuruwei@163.com"
gitlab_rails[‘smtp_password‘] = "xxxx"
gitlab_rails[‘smtp_domain‘] = "163.com"
gitlab_rails[‘smtp_authentication‘] = "login"
gitlab_rails[‘smtp_enable_starttls_auto‘] = true
gitlab_rails[‘smtp_tls‘] = false
gitlab_rails[‘smtp_openssl_verify_mode‘] = ‘none‘邮件部分参考小狐濡尾特此注明出处
Gitlab镜像自带Postgresql配置
postgresql[‘enable‘] = true
postgresql[‘ssl‘] = ‘off‘Gitlab镜像自带Redis配置
gitlab_rails[‘redis_host‘] = "127.0.0.1"
gitlab_rails[‘redis_port‘] = 6379
gitlab_rails[‘redis_password‘] = ‘00e05611e8f68d6e9c9cc62f‘
gitlab_rails[‘redis_database‘] = 0
redis[‘enable‘] = true
redis[‘username‘] = "gitlab-redis"
redis[‘maxclients‘] = "10000"
redis[‘maxmemory‘] = "1gb"
redis[‘maxmemory_policy‘] = "allkeys-lru"
redis[‘maxmemory_samples‘] = "5"
redis[‘tcp_timeout‘] = "60"
redis[‘tcp_keepalive‘] = "300"
redis[‘port‘] = 6379
redis[‘password‘] = ‘00e05611e8f68d6e9c9cc62f‘Gitlab备份路径配置
gitlab_rails[‘manage_backup_path‘] = true
gitlab_rails[‘backup_path‘] = "/var/opt/gitlab/backups"监控Prometheus配置
prometheus[‘enable‘] = true
prometheus[‘monitor_kubernetes‘] = false # 如果用k8s安装Gitlab,此处应设置为true
prometheus[‘username‘] = ‘gitlab-prometheus‘
prometheus[‘uid‘] = nil
prometheus[‘gid‘] = nil
prometheus[‘shell‘] = ‘/bin/sh‘
prometheus[‘home‘] = ‘/var/opt/gitlab/prometheus‘
prometheus[‘log_directory‘] = ‘/var/log/gitlab/prometheus‘
prometheus[‘scrape_interval‘] = 15
prometheus[‘scrape_timeout‘] = 15
prometheus[‘chunk_encoding_version‘] = 2
prometheus[‘listen_address‘] = ‘0.0.0.0:9090‘ # 注意端口和之前docker run -p 9090一致
prometheus_monitoring[‘enable‘] = true
# 以下为设置加入Prometheus的开关和配置项
node_exporter[‘enable‘] = true
redis_exporter[‘enable‘] = true
redis_exporter[‘log_directory‘] = ‘/var/log/gitlab/redis-exporter‘
redis_exporter[‘flags‘] = {
‘redis.addr‘ => "127.0.0.1:6379",
‘redis.password‘ => ‘00e05611e8f68d6e9c9cc62f‘
}
postgres_exporter[‘enable‘] = true
gitlab_monitor[‘enable‘] = true配置重载
docker exec -t gitlab gitlab-ctl reconfigure
docker exec -t gitlab gitlab-ctl restart配置到处为止
内网使用,暂时不开启HTTPS
自签证书实现Gitlab HTTPS双向认证部分等有空了再说吧
配置重载
docker exec -t gitlab gitlab-ctl reconfigure
docker exec -t gitlab gitlab-ctl restart# 备份
docker exec -t gitlab gitlab-rake gitlab:backup:create
# gitlab还原
docker exec -t gitlab gitlab-ctl stop unicorn
docker exec -t gitlab gitlab-ctl stop sidekiq
docker exec -t gitlab gitlab-rake gitlab:backup:restore BACKUP=1521789664_2018_03_23_10.5.6
docker exec -t gitlab gitlab-ctl restart
docker exec -t gitlab gitlab-rake gitlab:check SANITIZE=trueDocker安装报错参考docker.libseccomp2
配置文件参考官网配置Gitlab.doc
Gitlab镜像自带的监控Prometheus配置可以参照官方Gitlab.Prometheus.doc
邮件部分参考小狐濡尾特此注明出处
标签:容器化Gitlab ubuntu gitlab docker gitlab gitlab安装 gitlab配置
原文地址:http://blog.51cto.com/8456082/2090423
