极客时间运维进阶训练营第三周作业
1、基于 docker-compose 实现对 Nginx+Tomcat Web 服务的单机编排
BASE_DIR="/opt/20221111/homework1"
if [[ ! -d ${BASE_DIR} ]]; then
mkdir -p ${BASE_DIR}
fi
cd ${BASE_DIR}
tee ${BASE_DIR}/docker-compose.yml << "EOF"
version: '3.8'
services:
nginx-server:
image: nginx:1.20.0-alpine
container_name: nginx-web1
expose:
- 80
- 443
ports:
- "80:80"
- "443:443"
networks:
- homework1
links:
- tomcat-server
tomcat-server:
image: registry.cn-hangzhou.aliyuncs.com/zhangshijie/tomcat-myapp:v1
container_name: tomcat-app1
networks:
- homework1
networks:
homework1:
driver: bridge
EOF
2、安装 GitLab、创建 group、user 和 project 并授权
安装
cd /usr/local/src/ &&\ wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/ubuntu/jammy/gitlab-ce_15.5.1-ce.0_amd64.deb/download.deb & dpkg -c gitlab-ce_15.5.1-ce.0_amd64.deb ###注:gitlab的主目录在/opt/gitlab dpkg -i gitlab-ce_15.5.1-ce.0_amd64.deb #gitlab主配置文件 /etc/gitlab/gitlab.rb ##配置gitlab sed -i 's/gitlab.example.com/gitlab.iclinux.com/' /etc/gitlab/gitlab.rb sed -i 's/http/https/' /etc/gitlab/gitlab.rb tee -a /etc/gitlab/gitlab.rb << "EOF" gitlab_rails['smtp_enable'] = true gitlab_rails['smtp_address'] = "smtp.mxhichina.com" gitlab_rails['smtp_port'] = 465 gitlab_rails['smtp_user_name'] = "git@iclinux.com" gitlab_rails['smtp_password'] = "xxxxxxx" gitlab_rails['smtp_domain'] = "iclinux.com" gitlab_rails['smtp_authentication'] = :login gitlab_rails['smtp_enable_starttls_auto'] = true gitlab_rails['smtp_tls'] = true gitlab_rails['gitlab_email_from'] = "git@iclinux.com" user["git_user_email"] = "git@iclinux.com" EOF #配置gitlab gitlab-ctl reconfigure # cat /etc/gitlab/initial_root_password a3osW55oPE/FP3nv47Uk4Ev5Xgv7nDYC29tdDCPXtuA=
创建组
创建用户
创建项目
授权
3、熟练 Git 命令的基本使用,通过 Git 命令实现源代码的 clone、push 等基本操作
拉取代码
BASE_DIR="/data"
if [[ ! -d ${BASE_DIR} ]]; then
mkdir -p ${BASE_DIR}
fi
cd ${BASE_DIR}
### 克隆代码
git clone https://gitlab.iclinux.com/linux/docker
root@u-test:/data# ls
docker
设置git全局变量
git config --global user.email "git@iclinux.com"
git config --global user.name "root"
# 查看当前用户
git config user.name
# 列出用户配置
上传文件
git add .
git commit -m "add index.html"
root@u-test:/data/docker# git push
Username for 'https://gitlab.iclinux.com': root
Password for 'https://root@gitlab.iclinux.com':
warning: redirecting to https://gitlab.iclinux.com/linux/docker.git/
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Delta compression using up to 2 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 387 bytes | 387.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
To https://gitlab.iclinux.com/linux/docker
b80374a..674cb10 main -> main
查看工作去状态
git status
更新代码
git pull
-- 只现在变化的版本
回退到当前版本
git reset --hard HEAD^
##HEAD^ 上一个版本 HEAD^^ 上上个版本
获取代码提交信息
git reflog
代码回退到指定版本
git reset --hard f97904e
查看当前分支
git branch
创建并切换到一个新分支
git checkout -b develop
上传新分支
git push --set-upstream origin develop
切换分支
git checkout develop
查看操作日志
git log
4、熟练掌握对 GitLab 服务的数据备份与恢复
备份
gitlab-ctl stop unicorn sidekiq gitlab-rake gitlab:backup:create # 默认备份路径 tar czf gitlab_conf.tgz /etc/gitlab/ gitlab-ctl start unicorn sidekiq
还原
gitlab-ctl stop unicorn sidekiq gitlab-rake gitlab:backup:restore BACKUP=1668237713_2022_11_12_15.5.1 gitlab-ctl start unicorn sidekiq
5、部署 Jenkins 服务器并安装 GitLab 插件、实现代码免秘钥代码 clone
部署jenkins
apt update apt install -y openjdk-11-jdk cd /usr/local/src/ &&\ curl -O https://mirrors.jenkins.io/debian-stable/jenkins_2.361.2_all.deb dpkg -c jenkins_2.361.2_all.deb dpkg -i jenkins_2.361.2_all.deb && systemctl stop jenkins sed -i s'/User=jenkins/User=root/g' /lib/systemd/system/jenkins.service sed -i s'/Group=jenkins/Group=root/g' /lib/systemd/system/jenkins.service sed -i s'/Environment="JAVA_OPTS=-Djava.awt.headless=true"/Environment="JAVA_OPTS=-Djava.awt.headless=true -Dhudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION=true"/g' /lib/systemd/system/jenkins.service systemctl daemon-reload && systemctl restart jenkins.service ##检查可知已经生效完毕 root@jenkins:/tmp# ps -ef|grep jenkins root 12077 1 99 17:24 ? 00:01:17 /usr/bin/java -Djava.awt.headless=true -Dhudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION=true -jar /usr/share/java/jenkins.war --webroot=/var/cache/jenkins/war --httpPort=8080
安装gitlab插件
免密克隆
Jenkins 操作
ssh-keygen oot@jenkins:/data/scripts# cat /root/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdtYq4j1PwfTLegHf7RmWv5r5oP6ZU25nkLdts3gV9EAZZz+sN1tFN+AySjL4AMr1JIXF/ax+P3XUrtW6akgdzriYaY23Gd95lslNuddGmQ2ume1IwvOKvVWM+PBqrho+Rg40z8xXY1Cb/6txyZ4i1h3Lk8HynW0MlDLEgxtX7VfHsGz55+tkgTTLyLCwiNTe9Lx/619mN7LfwyALc3i3A9xDzYIbIMWNrMbbWqCjQWLFDkXDec9ZCNl3Zr4+xnTATcUWn+uPMg4gypDERBCywSS6tDt7o691Spsg3Cfi77CoEekXoW8ogMOz5IKR9E56Bziu2WvYww8esb9anM/XMdXEIfQQVusBP4owHQrKVd2vfxdJ0N+/+2SXfrrtoiX3HLJcqhoKAIE3U2qlJYTs2cUN5PLa6kIqBg0hymtVl0eU14Vu18aCCwxmKwV9A96ZVRIuZW/eMsy4B1pxO3F9aB24K9j5OScToYfLTwe6PAwFZ4JS/BjnpJ3rOuMMhQYk= root@jenkins.iclinux.comg
Gitlab操作
验证
root@jenkins:/tmp# git clone git@gitlab.iclinux.com:linux/docker.git
root@jenkins:/tmp# ls -d docker/
docker/
BASE_DIR="/data/gitdata"
if [[ ! -d ${BASE_DIR} ]]; then
mkdir -p ${BASE_DIR}
fi
ssh-copy-id 192.168.56.4
tee /data/scripts/docker.sh << "EOF"
#!/bin/bash
cd /data/gitdata/
rm -fr docker
git clone git@gitlab.iclinux.com:linux/docker.git
scp docker/* 192.168.56.4:/var/www/html
EOF
/bin/bash /data/scripts/docker.sh
jenkins 页面操作,gitlab 插件获取代码
