Gitlab部署(docker)

1.环境配置

(1)系统:centos7.8

(2)服务器配置:8H16G/1T

(3)IP地址:192.168.176.233

2.系统初始化

(1)关闭selinux 

  cat /etc/selinux/config | grep -w SELINUX

  SELINUX=disabled

(2)修改ssh端口号

  grep -rw "Port 16384" /etc/ssh/sshd_config

  Port 16384

(3)启动firewalld,放行端口 

  firewall-cmd --zone=public --add-port=80/tcp
  firewall-cmd --zone=public --add-port=80/tcp --permanent
  firewall-cmd --zone=public --add-port=20022/tcp
  firewall-cmd --zone=public --add-port=20022/tcp --permanent
  firewall-cmd --zone=public --add-port=16384/tcp
  firewall-cmd --zone=public --add-port=16384/tcp --permanent
  firewall-cmd --reload

(4)修改主机名

  hostnamectl set-hostname gitlab

(5)磁盘格式化

parted /dev/sdb <<EOF #磁盘名称按实际安装填写
mklabel #创建分区表
gpt #修改分区表格式gpt
mkpart #创建一个part-type类型的分区
primary #将整块磁盘设置为主分区
ext4 #设置文件系统类型
1 #从1开始
1000G #此数值要根据客户提供磁盘大小更改
quit
EOF

#格式化磁盘
mkfs.xfs -f -n ftype=1 /dev/sdb 
mkdir -p /data/
# 创建逻辑分区(磁盘同上)
yes|pvcreate /dev/sdb #此步骤需要y确认
vgcreate vgdata /dev/sdb # 此处将该卷组全部剩余空间划入本逻辑卷
lvcreate -l +100%FREE -n lvdata vgdata
# 格式化逻辑卷
mkfs.xfs -f /dev/vgdata/lvdata
# 设置开机自动挂载(手动)
echo "/dev/vgdata/lvdata /data xfs defaults 0 0" >> /etc/fstab
mount -a && df -Th

(6)内核优化

cat >> /etc/security/limits.conf <<EOF
root soft nofile 100001
root hard nofile 100002
* soft core 10240
* hard core 10240
* soft data unlimited
* hard data unlimited
* soft fsize unlimited
* hard fsize unlimited
* soft memlock unlimited
* hard memlock unlimited
* soft nofile 1024000
* hard nofile 1024000
* soft rss unlimited
* hard rss unlimited
* soft stack 8194
docker soft nproc 102400
docker hard nproc 102400
* soft locks unlimited
* hard locks unlimited
* soft sigpending unlimited
* hard sigpending unlimited
* soft msgqueue unlimited
* hard msgqueue unlimited
EOF

 

cat >> /etc/sysctl.conf <<EOF
kernel.shmmax = 50000000000
#kernel.shmmni = 409600
kernel.shmall = 400000000000
kernel.sem = 500 20480 200 4096
kernel.sysrq = 1
kernel.core_uses_pid = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.msgmni = 2048
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.tcp_max_syn_backlog = 4096
net.ipv4.conf.all.arp_filter = 1
net.ipv4.ip_local_port_range = 10000 65535
net.core.netdev_max_backlog = 10000
net.core.rmem_max = 2097152
net.core.wmem_max = 2097152
#vm.overcommit_memory = 2
#vm.swdatainess = 10
vm.zone_reclaim_mode = 0
vm.dirty_expire_centisecs = 500
vm.dirty_writeback_centisecs = 100
vm.dirty_background_ratio = 0
vm.dirty_ratio = 0
vm.dirty_background_bytes = 1610612736
vm.dirty_bytes = 4294967296
# ES配置
vm.max_map_count=262144
EOF
# 执行命令生效
sysctl -p

(7)安装docker服务

#关闭swap交换分区
swapoff -a # 临时关闭
# vim /etc/fstab # 永久关闭,注释swap行
sed -i 's/.*swap.*/#&/' /etc/fstab

#关闭NetworkManager
systemctl stop NetworkManager.service
systemctl disable NetworkManager.service

#安装docker服务
#Install required packages.
yum install -y yum-utils device-mdataer-persistent-data lvm2

# Add Docker repository.
yum-config-manager --add-repo \
https://download.docker.com/linux/centos/docker-ce.repo

# Install Docker CE.
yum install -y containerd.io-1.2.13 docker-ce-19.03.8 docker-ce-cli-19.03.8
# yum -y install docker-ce-19.03.4 docker-ce-cli-19.03.4 containerd.io-1.2.10

## Create /etc/docker directory.
mkdir /etc/docker
# Setup daemon
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"graph": "/data/docker_storage",
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
],
"insecure-registries" : ["192.168.176.130:8090","49.233.23.168:8090","192.168.27.141"],
"registry-mirrors": ["https://g427vmjy.mirror.aliyuncs.com"],
"live-restore": true
}
EOF

mkdir -p /etc/systemd/system/docker.service.d

#打开docker的api监听端口
cp /usr/lib/systemd/system/docker.service{,.bak}
#  /usr/lib/systemd/system/docker.service
sed -i 's/^ExecStart.*/#&/' /lib/systemd/system/docker.service
sed -i '15i ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock -H fd:// --containerd=/run/containerd/containerd.sock' /lib/systemd/system/docker.service

# Restart Docker
systemctl daemon-reload
systemctl restart docker
systemctl enable docker

(8)同步时间

  yum -y install ntpdate
  ntpdate cn.pool.ntp.org

(9)下载并启动gitlab容器

docker run -itd -p 80:80 -p 443:443 -p 20022:22 -v /data/gitlab/etc:/etc/gitlab  -v /data/gitlab/log:/var/log/gitlab -v /data/gitlab/opt:/var/opt/gitlab \
-v /etc/localtime:/etc/localtime:ro --restart always --privileged=true --name gitlab 192.168.176.111:8090/oa_software/gitlab-ce:v14.6.1_20220411

(10)gitlab配置文件修改

cat /data/gitlab/etc/gitlab.rb
external_url 'http://192.168.176.233'
gitlab_rails['gitlab_ssh_host'] = '192.168.176.233'
gitlab_rails['gitlab_shell_ssh_port'] = 20022

(11)gitlab目录说明

/var/opt/gitlab/git-data/repositories/:仓库默认存储目录 
/opt/gitlab:应用程序代码和相应的依赖程序 
/var/opt/gitlab:gitlab数据存放路径 gitlab-ctl reconfigure命令编译后的应用数据和配置文件,不需要人为修改配置
/etc/gitlab: 配置文件目录
/etc/gitlab/gitlab.rb gitlab配置文件 
/var/log/gitlab:此目录下存放了 gitlab各个组件产生的日志 
/var/opt/gitlab/backups/:备份文件生成的目录

(12)部署gitlab参考文档:

  https://www.cnblogs.com/liuqingzheng/p/15325288.html

(13)查看gitlab版本号

  cat /opt/gitlab/embedded/service/gitlab-rails/VERSION

(14)gitlab邮箱配置

  参考文档:https://blog.csdn.net/qq_37398834/article/details/115674903

cat /data/gitlab/etc
gitlab_rails['gitlab_email_from'] = 'test@test-ai.com' #企业微信邮箱
gitlab_rails['gitlab_email_display_name'] = 'Gitlab'
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.exmail.qq.com"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "test@test-ai.com"    #企业微信邮箱
gitlab_rails['smtp_password'] = "idY7a8g7JCEgqkm4"     #在企业邮箱网页版中获得客户端登录认证码
gitlab_rails['smtp_domain'] = "test-ai.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
#重载配置文件
gitlab-ctl reconfigure
#邮箱测试
gitlab-rails console
Notify.test_email('test@test.com', 'Message Subject', 'Message Body').deliver_now

(15)修改root密码

# 进入容器内部
docker exec -it gitlab /bin/bash

# 进入控制台
gitlab-rails console -e production

# 查询id为1的用户,id为1的用户是超级管理员
user = User.where(id:1).first
# 修改密码为lqz123456
user.password='lqz123456'
# 保存
user.save!
# 退出
exit

 

(16)gitlab备份与还原

  参考文档:https://www.cnblogs.com/cheyunhua/p/14875506.html

 

(17)登录配置

http://192.168.176.233

 

posted @ 2022-04-12 21:49  Leonardo-li  阅读(750)  评论(0编辑  收藏  举报