准备机器,信息如下:
root@server:~# hostnamectl
Static hostname: server.local
Icon name: computer-vm
Chassis: vm
Machine ID: 7b0c392aff5f742bb78a87e65b929466
Boot ID: bef54cfd95454cbc92e14b5091745b67
Virtualization: vmware
Operating System: Ubuntu 16.04.5 LTS
Kernel: Linux 4.4.0-134-generic
Architecture: x86-64
更改ssh server端口,避免与gitlab ssh端口冲突
root@server:~# vim /etc/ssh/sshd_config
...(省略)
# What ports, IPs and protocols we listen for
Port 2222
...(省略)
重启sshd服务变更端口生效
root@server:~# systemctl restart sshd.service
设置从客户端ssh免密到server
#确保通过名称server.local访问到服务器
gitadmin@DESKTOP-PCPO8BK:~$ sudo vim /etc/hosts
192.168.193.200 server.local
#更改ssh客户端连接ssh服务器的默认端口
gitadmin@DESKTOP-PCPO8BK:~$ vim .ssh/config
Host server.local
Port 2222
#生成密钥,-C 备注关联用户
gitadmin@DESKTOP-PCPO8BK:~$ ssh-keygen -C "simon.zhu@xxxx.com"
#copy公钥到服务器
gitadmin@DESKTOP-PCPO8BK:~$ ssh-copy-id root@server.local
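#测试免密连接;确认密钥登录可用后,建议在服务器的 /etc/ssh/sshd_config 中设置 PasswordAuthentication no(root 只允许密钥登录可用 PermitRootLogin prohibit-password),再重启sshd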
gitadmin@DESKTOP-PCPO8BK:~$ ssh root@server.local
Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.4.0-134-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
38 packages can be updated.
28 updates are security updates.
New release '18.04.1 LTS' available.
Run 'do-release-upgrade' to upgrade to it.
Last login: Sat Oct 27 13:00:15 2018 from 192.168.193.1
root@server:~#
在服务器安装Docker
在服务器安装Docker Compose
给服务配置大内存,尽量使用内存,提高性能
以下安装MTA(smtp服务器),为Gitlab准备邮件通知功能
apt install -y postfix
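#将docker的ip(一般以172开头)设置为可信网络,以便smtp服务器接收gitlab发出的投递请求
#注意:Docker默认网段位于私有地址 172.16.0.0/12 之内;mynetworks 只应包含实际使用的容器网段,不要写成 172.0.0.0/8 这类包含大量公网地址的范围,否则Postfix会为这些公网来源中继邮件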
root@server:~# vim /etc/postfix/main.cf
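# Trusted relay clients: loopback plus Docker's private 172.16.0.0/12 range only.
# The previous 172.0.0.0/8 also covered public addresses, which Postfix would
# then have relayed for without authentication.
mynetworks = 172.16.0.0/12 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128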
root@server:~# systemctl restart postfix.service
运行Gitlab Runner
root@runner1:~/runner# vim docker-compose.yml
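# docker-compose.yml for the GitLab Runner host.
# Indentation restored: the flattened listing would not parse as YAML.
version: '3.7'
services:
  runner:
    image: gitlab/gitlab-runner:alpine-v11.4.2
    restart: always
    extra_hosts:
      # Lets the runner resolve the GitLab server by name without DNS.
      - "server.local:192.168.193.200"
    environment:
      - RUNNER_NAME=Docker Executor (Docker in Docker)
    volumes:
      # Runner configuration is persisted on the host; it holds the runner's
      # credentials after registration, so keep the directory root-only.
      - /srv/gitlab-runner/config:/etc/gitlab-runner
      # SECURITY: access to the host Docker socket is equivalent to root on
      # this host. Run this runner on a dedicated machine and only for
      # trusted projects.
      - /var/run/docker.sock:/var/run/docker.sock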
root@runner1:~/runner# docker-compose up -d
启动Gitlab
root@server:~# mkdir -p ci
root@server:~# cd ci/
root@server:~/ci# vim gitlab.yml
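# gitlab.yml: GitLab CE with SMTP notifications and LDAP sign-in.
# Indentation restored: the flattened listing would not parse as YAML.
version: '3.7'
services:
  web:
    image: 'gitlab/gitlab-ce:11.4.0-ce.0'
    restart: always
    hostname: 'server.local'
    extra_hosts:
      # Address of the mail server used for notifications.
      - "smtp.server:192.168.193.200"
    environment:
      # SECURITY notes on the settings below (lab values, not production-safe):
      # - external_url is plain HTTP, so sessions, passwords and runner tokens
      #   cross the network unencrypted; use https:// with a certificate.
      # - SMTP runs without TLS and with certificate verification disabled;
      #   acceptable only because the relay is the local Postfix on this host.
      # - LDAP uses encryption 'plain' on port 389, so the bind password and
      #   every user's password travel in cleartext; prefer 'start_tls' or
      #   'simple_tls' once the directory has TLS enabled.
      # - NOTE(review): the bind password here ('1') differs from
      #   LDAP_ADMIN_PASSWORD in ldap.yml on this page; confirm which one is
      #   current. Bind with a dedicated read-only account instead of
      #   cn=admin, and keep the real password out of published files.
      # - NOTE(review): 'base' is the admin entry's own DN; confirm that it is
      #   the intended user search base.
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://192.168.193.200'
        gitlab_rails['smtp_enable'] = true;
        gitlab_rails['smtp_address'] = 'smtp.server';
        gitlab_rails['smtp_port'] = 25;
        gitlab_rails['smtp_domain'] = 'server.local';
        gitlab_rails['smtp_tls'] = false;
        gitlab_rails['smtp_openssl_verify_mode'] = 'none'
        gitlab_rails['smtp_enable_starttls_auto'] = false
        gitlab_rails['smtp_ssl'] = false
        gitlab_rails['smtp_force_ssl'] = false
        gitlab_rails['ldap_enabled'] = true
        gitlab_rails['ldap_servers'] = YAML.load <<-EOS
          main:
            label: 'ldap.mycom.com'
            host: 'ldap'
            port: 389
            uid: 'uid'
            encryption: 'plain'
            bind_dn: 'cn=admin,dc=mycom,dc=com'
            password: '1'
            active_directory: false
            allow_username_or_email_login: true
            lowercase_usernames: true
            base: 'cn=admin,dc=mycom,dc=com'
            user_filter: ''
        EOS
    ports:
      - '80:80'
      - '443:443'
      # GitLab's SSH takes host port 22, which is why the host sshd was moved
      # to port 2222.
      - '22:22'
    volumes:
      # Configuration (including secrets), logs and repository data persist
      # on the host; restrict access to ./gitlab/config accordingly.
      - './gitlab/config:/etc/gitlab'
      - './gitlab/logs:/var/log/gitlab'
      - './gitlab/data:/var/opt/gitlab'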
#启动Gitlab
root@server:~/ci# docker-compose -f gitlab.yml up -d
增加ldap方式的Gitlab认证授权,启动ldap服务
root@server:~/ci# vim ldap.yml
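# ldap.yml: OpenLDAP directory plus the phpLDAPadmin web console.
# Indentation restored: the flattened listing would not parse as YAML.
version: '3.7'
services:
  ldap:
    image: "osixia/openldap:1.2.2"
    restart: always
    environment:
      LDAP_ORGANISATION: mycom
      LDAP_DOMAIN: mycom.com
      # NOTE(review): this value is not in DN form (dc=mycom,dc=com);
      # confirm against the image documentation or leave it unset.
      LDAP_BASE_DN: mycom.com
      # SECURITY: "admin" is trivially guessable for both the directory admin
      # and the cn=config account. Use long random values and supply them
      # from an env file or secret store, not from a published compose file.
      LDAP_ADMIN_PASSWORD: "admin"
      # NOTE(review): UID/GID 0 presumably makes slapd run as root; confirm
      # this is required.
      LDAP_OPENLDAP_UID: 0
      LDAP_OPENLDAP_GID: 0
      # SECURITY: with TLS off, binds (including user passwords checked on
      # behalf of GitLab) are sent in cleartext.
      LDAP_TLS: "false"
      LDAP_CONFIG_PASSWORD: "admin"
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./ldap/database:/var/lib/ldap
      - ./ldap/conf:/etc/ldap/slapd.d
    # 'expose' keeps 389 reachable only from other containers; the host
    # port mapping below stays commented out.
    expose:
      - "389"
    # network_mode: "host"
    # ports:
    #   - 389:389
  phpldapadmin:
    image: "osixia/phpldapadmin:0.7.2"
    restart: always
    environment:
      # SECURITY: the console is served over plain HTTP, so the LDAP admin
      # password typed into it crosses the network unencrypted.
      PHPLDAPADMIN_HTTPS: "false"
      PHPLDAPADMIN_LDAP_HOSTS: "ldap"
    volumes:
      - /etc/localtime:/etc/localtime:ro
    # network_mode: "host"
    ports:
      # - 6443:443
      # Published on every host interface; restrict it to a management
      # address or firewall it.
      - 6080:80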
#启动ldap服务
root@server:~/ci# docker-compose -f ldap.yml up -d
在ldap服务添加用户
用在ldap中添加的用户登录Gitlab
启动Runner
准备另一台机器,软件环境与上面Server相同(即安装好Docker和Docker Compose)
root@runner1:~# hostnamectl
Static hostname: runner1.local
Icon name: computer-vm
Chassis: vm
Machine ID: 7b0c392aff5f742bb78a87e65b929466
Boot ID: 11957514ccc14a59ae62789bb4a311fb
Virtualization: vmware
Operating System: Ubuntu 16.04.5 LTS
Kernel: Linux 4.4.0-134-generic
Architecture: x86-64
root@runner1:~# mkdir -p runner/
root@runner1:~# cd runner/
root@runner1:~/runner# vim docker-compose.yml
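# docker-compose.yml for the runner1 host.
# Indentation restored: the flattened listing would not parse as YAML.
version: '3.7'
services:
  runner:
    image: gitlab/gitlab-runner:alpine-v11.4.2
    restart: always
    extra_hosts:
      # Static name resolution for the GitLab server.
      - "server.local:192.168.193.200"
      # - "gitlab.mycom.com:192.168.193.200"
    environment:
      - RUNNER_NAME=Docker Executor (Docker in Docker)
    volumes:
      # Persisted runner configuration; it contains the runner's credentials
      # once registered, so keep it readable by root only.
      - /srv/gitlab-runner/config:/etc/gitlab-runner
      # SECURITY: whoever can reach this socket controls the host's Docker
      # daemon, which is root-equivalent on runner1. Keep this host
      # dedicated to CI and limit the runner to trusted projects.
      - /var/run/docker.sock:/var/run/docker.sock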
root@runner1:~/runner# docker-compose up -d
注册Runner
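(token需要Gitlab的root用户通过Standard方式登录后查看。registration token 相当于注册凭据,写入公开文档时应替换为占位符,一旦泄露应在Gitlab中重置;下面的 --docker-privileged 会让作业容器以特权模式运行,只应把该Runner分配给受信任的项目)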
root@runner1:~/runner# docker exec -it runner_runner_1 bash
bash-4.4# gitlab-runner register -n \
> --url http://server.local/ \
> --registration-token Qmx8nyxdCypHLpzyH5eH \
> --executor docker \
> --description "My Docker Runner(dind executor)" \
> --docker-image "docker:stable" \
> --docker-privileged
Runtime platform arch=amd64 os=linux pid=17 revision=cf91d5e1 version=11.4.2
Running in system-mode.
Registering runner... succeeded runner=Qmx8nyxd
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
通过Gitlab查看注册的Runner
登陆Gitlab,注册ssh公钥,创建项目,并克隆到本地,创建.gitlab-ci.yml
gitadmin@DESKTOP-PCPO8BK:~/pj1$ vim .gitlab-ci.yml
push到Gitlab,Gitlab自动运行pipeline(编译,测试,打包,发布)
后续打算继续如下实验
1,通过redmine提出功能需求
2,基于主分支,创建开发分支,完成开发,静态代码分析,测试
3,创建merge request到master
4,确认merge request通过,自动关闭redmine的issue
待完成。