架構和組件
Docker部署
部署腳本:
#!/bin/bash
#
set -u
mkdir -p /srv/gitlab/{config,logs,data} ## 在宿主機上創建數據、日志和配置目錄
docker run --detach \
--hostname gitlab \
--publish 80:80 --publish 2224:22 \
--name gitlab \
--restart always \
--volume /srv/gitlab/config:/etc/gitlab \
--volume /srv/gitlab/logs:/var/log/gitlab \
--volume /srv/gitlab/data:/var/opt/gitlab \
gitlab/gitlab-ce:13.12.4-ce.0
如啟用SeLinux,則執行如下命令:
sudo docker run --detach \
--hostname gitlab.example.com \
--publish 443:443 --publish 80:80 --publish 22:22 \
--name gitlab \
--restart always \
--volume $GITLAB_HOME/config:/etc/gitlab:Z \
--volume $GITLAB_HOME/logs:/var/log/gitlab:Z \
--volume $GITLAB_HOME/data:/var/opt/gitlab:Z \
gitlab/gitlab-ee:latest
查看日志:
sudo docker logs -f gitlab
獲取root管理賬號密碼:
sudo docker exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password
基本配置
# docker exec -it gitlab /bin/bash ## 進入容器
# vim /etc/gitlab/gitlab.rb ## 在容器中編輯配置文件
...
external_url 'http://<your_domain_or_ip>'
gitlab_rails['gitlab_shell_ssh_port'] = 2224
...
# gitlab-ctl reconfigure ## 重新配置生效
預配置容器示例:
sudo docker run --detach \
--hostname gitlab.example.com \
--env GITLAB_OMNIBUS_CONFIG="external_url 'http://my.domain.com/'; gitlab_rails['lfs_enabled'] = true;" \ ## 使用環境變量配置
--publish 443:443 --publish 80:80 --publish 22:22 \
--name gitlab \
--restart always \
--volume $GITLAB_HOME/config:/etc/gitlab \
--volume $GITLAB_HOME/logs:/var/log/gitlab \
--volume $GITLAB_HOME/data:/var/opt/gitlab \
gitlab/gitlab-ee:latest
配置郵箱
## 私有企業郵箱
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "mail.test.com"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "varden@test.com"
gitlab_rails['smtp_password'] = "123456"
gitlab_rails['smtp_domain'] = "test.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_openssl_verify_mode'] = "peer"
gitlab_rails['gitlab_email_from'] = "varden@test.com"
user['git_user_email'] = "varden@test.com"
## 163企業郵箱
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtphm.qiye.163.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "varden@test.com"
gitlab_rails['smtp_password'] = "123456"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = 'varden@test.com'
gitlab_rails['smtp_domain'] = "test.com"
user['git_user_email'] = "varden@test.com"
## 163個人郵箱
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.ym.163.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "xxxx@xx.com"
gitlab_rails['smtp_password'] = "123456"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = 'xxxx@xx.com'
gitlab_rails['smtp_domain'] = "smtp.ym.163.com"
## QQ郵箱
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.exmail.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "xxxx@xx.com"
gitlab_rails['smtp_password'] = "123456"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = 'xxxx@xx.com'
gitlab_rails['smtp_domain'] = "exmail.qq.com"
權限問題解決辦法
# docker exec gitlab update-permissions
# docker restart gitlab
訪問
http://<your_domain_or_ip>
與Jenkins集成相關配置
訪問權限:這里建議公司內部的代碼倉庫都設置為Internal。
使用GitLab Webhook與Jenkins實現持續交付:
- 第一種方法是為Jenkins專門制作Deploy Keys;
- 第二種方法是在GitLab上增加一個Jenkins賬戶,用戶Jenkins拉取代碼,兩種方法都可以。
這里采用第二種方法,賬戶為:jenkins,密碼為:jenkins。
在Jenkins中配置Webhook:
Repository URL: http://<your_gitlab_server_ip>/jenkins/test.git
Credentials: jenkins/jenkins
配置時區
# vim /etc/gitlab/gitlab.rb
...
gitlab_rails['time_zone'] = 'Asia/Shanghai'
...
重置生效:
# gitlab-ctl reconfigure
或:
# gitlab-ctl restart
其他部署方式
Docker Compose部署
模板示例:
web:
image: 'gitlab/gitlab-ee:latest'
restart: always
hostname: 'gitlab.example.com'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://gitlab.example.com:8929'
gitlab_rails['gitlab_shell_ssh_port'] = 2224
ports:
- '8929:8929'
- '2224:22'
volumes:
- '$GITLAB_HOME/config:/etc/gitlab'
- '$GITLAB_HOME/logs:/var/log/gitlab'
- '$GITLAB_HOME/data:/var/opt/gitlab'
Docker Swarm部署
模板示例:
version: "3.6"
services:
gitlab:
image: gitlab/gitlab-ee:latest
ports:
- "22:22"
- "80:80"
- "443:443"
volumes:
- $GITLAB_HOME/data:/var/opt/gitlab
- $GITLAB_HOME/logs:/var/log/gitlab
- $GITLAB_HOME/config:/etc/gitlab
environment:
GITLAB_OMNIBUS_CONFIG: "from_file('/omnibus_config.rb')"
configs:
- source: gitlab
target: /omnibus_config.rb
secrets:
- gitlab_root_password
gitlab-runner:
image: gitlab/gitlab-runner:alpine
deploy:
mode: replicated
replicas: 4
configs:
gitlab:
file: ./gitlab.rb
secrets:
gitlab_root_password:
file: ./root_password.txt
gitlab.rb文件內容:
external_url 'https://my.domain.com/'
gitlab_rails['initial_root_password'] = File.read('/run/secrets/gitlab_root_password')
root_password.txt文件內容:
MySuperSecretAndSecurePass0rd!
部署命令:
docker stack deploy --compose-file docker-compose.yml mystack