极客时间运维进阶训练营第三周作业
1、基于 docker-compose 实现对 Nginx+Tomcat Web 服务的单机编排
BASE_DIR="/opt/20221111/homework1" if [[ ! -d ${BASE_DIR} ]]; then mkdir -p ${BASE_DIR} fi cd ${BASE_DIR} tee ${BASE_DIR}/docker-compose.yml << "EOF" version: '3.8' services: nginx-server: image: nginx:1.20.0-alpine container_name: nginx-web1 expose: - 80 - 443 ports: - "80:80" - "443:443" networks: - homework1 links: - tomcat-server tomcat-server: image: registry.cn-hangzhou.aliyuncs.com/zhangshijie/tomcat-myapp:v1 container_name: tomcat-app1 networks: - homework1 networks: homework1: driver: bridge EOF
2、安装 GitLab、创建 group、user 和 project 并授权
安装
cd /usr/local/src/ &&\ wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/ubuntu/jammy/gitlab-ce_15.5.1-ce.0_amd64.deb/download.deb & dpkg -c gitlab-ce_15.5.1-ce.0_amd64.deb ###注:gitlab的主目录在/opt/gitlab dpkg -i gitlab-ce_15.5.1-ce.0_amd64.deb #gitlab主配置文件 /etc/gitlab/gitlab.rb ##配置gitlab sed -i 's/gitlab.example.com/gitlab.iclinux.com/' /etc/gitlab/gitlab.rb sed -i 's/http/https/' /etc/gitlab/gitlab.rb tee -a /etc/gitlab/gitlab.rb << "EOF" gitlab_rails['smtp_enable'] = true gitlab_rails['smtp_address'] = "smtp.mxhichina.com" gitlab_rails['smtp_port'] = 465 gitlab_rails['smtp_user_name'] = "git@iclinux.com" gitlab_rails['smtp_password'] = "xxxxxxx" gitlab_rails['smtp_domain'] = "iclinux.com" gitlab_rails['smtp_authentication'] = :login gitlab_rails['smtp_enable_starttls_auto'] = true gitlab_rails['smtp_tls'] = true gitlab_rails['gitlab_email_from'] = "git@iclinux.com" user["git_user_email"] = "git@iclinux.com" EOF #配置gitlab gitlab-ctl reconfigure # cat /etc/gitlab/initial_root_password a3osW55oPE/FP3nv47Uk4Ev5Xgv7nDYC29tdDCPXtuA=
创建组
创建用户
创建项目
授权
3、熟练 Git 命令的基本使用,通过 Git 命令实现源代码的 clone、push 等基本操作
拉取代码 BASE_DIR="/data" if [[ ! -d ${BASE_DIR} ]]; then mkdir -p ${BASE_DIR} fi cd ${BASE_DIR} ### 克隆代码 git clone https://gitlab.iclinux.com/linux/docker root@u-test:/data# ls docker 设置git全局变量 git config --global user.email "git@iclinux.com" git config --global user.name "root" # 查看当前用户 git config user.name # 列出用户配置 上传文件 git add . git commit -m "add index.html" root@u-test:/data/docker# git push Username for 'https://gitlab.iclinux.com': root Password for 'https://root@gitlab.iclinux.com': warning: redirecting to https://gitlab.iclinux.com/linux/docker.git/ Enumerating objects: 4, done. Counting objects: 100% (4/4), done. Delta compression using up to 2 threads Compressing objects: 100% (3/3), done. Writing objects: 100% (3/3), 387 bytes | 387.00 KiB/s, done. Total 3 (delta 0), reused 0 (delta 0), pack-reused 0 To https://gitlab.iclinux.com/linux/docker b80374a..674cb10 main -> main 查看工作去状态 git status 更新代码 git pull -- 只现在变化的版本 回退到当前版本 git reset --hard HEAD^ ##HEAD^ 上一个版本 HEAD^^ 上上个版本 获取代码提交信息 git reflog 代码回退到指定版本 git reset --hard f97904e 查看当前分支 git branch 创建并切换到一个新分支 git checkout -b develop 上传新分支 git push --set-upstream origin develop 切换分支 git checkout develop 查看操作日志 git log
4、熟练掌握对 GitLab 服务的数据备份与恢复
备份
gitlab-ctl stop unicorn sidekiq gitlab-rake gitlab:backup:create # 默认备份路径 tar czf gitlab_conf.tgz /etc/gitlab/ gitlab-ctl start unicorn sidekiq
还原
gitlab-ctl stop unicorn sidekiq gitlab-rake gitlab:backup:restore BACKUP=1668237713_2022_11_12_15.5.1 gitlab-ctl start unicorn sidekiq
5、部署 Jenkins 服务器并安装 GitLab 插件、实现代码免秘钥代码 clone
部署jenkins
apt update apt install -y openjdk-11-jdk cd /usr/local/src/ &&\ curl -O https://mirrors.jenkins.io/debian-stable/jenkins_2.361.2_all.deb dpkg -c jenkins_2.361.2_all.deb dpkg -i jenkins_2.361.2_all.deb && systemctl stop jenkins sed -i s'/User=jenkins/User=root/g' /lib/systemd/system/jenkins.service sed -i s'/Group=jenkins/Group=root/g' /lib/systemd/system/jenkins.service sed -i s'/Environment="JAVA_OPTS=-Djava.awt.headless=true"/Environment="JAVA_OPTS=-Djava.awt.headless=true -Dhudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION=true"/g' /lib/systemd/system/jenkins.service systemctl daemon-reload && systemctl restart jenkins.service ##检查可知已经生效完毕 root@jenkins:/tmp# ps -ef|grep jenkins root 12077 1 99 17:24 ? 00:01:17 /usr/bin/java -Djava.awt.headless=true -Dhudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION=true -jar /usr/share/java/jenkins.war --webroot=/var/cache/jenkins/war --httpPort=8080
安装gitlab插件
免密克隆
Jenkins 操作
ssh-keygen oot@jenkins:/data/scripts# cat /root/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDdtYq4j1PwfTLegHf7RmWv5r5oP6ZU25nkLdts3gV9EAZZz+sN1tFN+AySjL4AMr1JIXF/ax+P3XUrtW6akgdzriYaY23Gd95lslNuddGmQ2ume1IwvOKvVWM+PBqrho+Rg40z8xXY1Cb/6txyZ4i1h3Lk8HynW0MlDLEgxtX7VfHsGz55+tkgTTLyLCwiNTe9Lx/619mN7LfwyALc3i3A9xDzYIbIMWNrMbbWqCjQWLFDkXDec9ZCNl3Zr4+xnTATcUWn+uPMg4gypDERBCywSS6tDt7o691Spsg3Cfi77CoEekXoW8ogMOz5IKR9E56Bziu2WvYww8esb9anM/XMdXEIfQQVusBP4owHQrKVd2vfxdJ0N+/+2SXfrrtoiX3HLJcqhoKAIE3U2qlJYTs2cUN5PLa6kIqBg0hymtVl0eU14Vu18aCCwxmKwV9A96ZVRIuZW/eMsy4B1pxO3F9aB24K9j5OScToYfLTwe6PAwFZ4JS/BjnpJ3rOuMMhQYk= root@jenkins.iclinux.comg
Gitlab操作
验证
root@jenkins:/tmp# git clone git@gitlab.iclinux.com:linux/docker.git root@jenkins:/tmp# ls -d docker/ docker/ BASE_DIR="/data/gitdata" if [[ ! -d ${BASE_DIR} ]]; then mkdir -p ${BASE_DIR} fi ssh-copy-id 192.168.56.4 tee /data/scripts/docker.sh << "EOF" #!/bin/bash cd /data/gitdata/ rm -fr docker git clone git@gitlab.iclinux.com:linux/docker.git scp docker/* 192.168.56.4:/var/www/html EOF /bin/bash /data/scripts/docker.sh
jenkins 页面操作,gitlab 插件获取代码