Docker 部署 Gitlab-ce
Docker 部署 Gitlab-ce
文章目录
1. 简介
是一个开源的Git代码仓库系统,可以实现自托管的Github项目,即用于构建私有的代码托管平台和项目管理系统。系统基于Ruby on Rails开发,速度快、安全稳定。它拥有与Github类似的功能,能够浏览源代码,管理缺陷和注释。可以管理团队对仓库的访问,它非常易于浏览提交过的版本并提供一个文件历史库。团队成员可以利用内置的简单聊天程序(Wall)进行交流。它还提供一个代码片段收集功能可以轻松实现代码复用,便于日后有需要的时候进行查找。
2. 安装
2.1 docker 安装 GitLab-ce
GitLab的安装可以直接run,或者通过docker-compose文件指定安装流程,这里使用前者进行快速简单安装,后者后续更新。
拉取
$ docker pull gitlab/gitlab-ce:17.3.1-ce.0 $ docker image ls #配置存储位置
$ mkdir /opt/gitlab $ export GITLAB_HOME=/opt/gitlab $ echo $GITLAB_HOME /opt/gitlab 运行gitlab
$ docker run -d --hostname gitlab.example.com -p 443:443 -p 80:80 -p 22:22 --name gitlab --restart always -v $GITLAB_HOME/config:/etc/gitlab:Z -v $GITLAB_HOME/logs:/var/log/gitlab:Z -v $GITLAB_HOME/data:/var/opt/gitlab:Z --shm-size 256m gitlab/gitlab-ce:17.3.1-ce.0 :Z能够确保有足够的权限的权限创建文件
正常要等1~2分钟。
假如报错bash /opt/gitlab/embedded/bin/runsvdir-start: line 24: ulimit: pending signals: cannot modify limit: Operation not permitted /opt/gitlab/embedded/bin/runsvdir-start: line 37: /proc/sys/fs/file-max: Read-only file system Configuring GitLab package... Configuring GitLab...
解决方法:chmod 2770 /opt/gitlab/data/git-data/repositoriesdocker restart gitlab
查看容器运行情况,出现gitlab运行信息表明启动成功
查看容器状态
$ docker ps 查看进程状态
$ docker exec gitlab-ce gitlab-ctl status run: alertmanager: (pid 783) 757s; run: log: (pid 694) 780s run: gitaly: (pid 293) 841s; run: log: (pid 312) 840s run: gitlab-exporter: (pid 763) 759s; run: log: (pid 622) 796s run: gitlab-kas: (pid 420) 829s; run: log: (pid 432) 828s run: gitlab-workhorse: (pid 753) 759s; run: log: (pid 495) 810s run: logrotate: (pid 263) 854s; run: log: (pid 273) 851s run: nginx: (pid 520) 805s; run: log: (pid 535) 804s run: postgres-exporter: (pid 792) 757s; run: log: (pid 720) 772s run: postgresql: (pid 321) 835s; run: log: (pid 417) 833s run: prometheus: (pid 772) 758s; run: log: (pid 655) 784s run: puma: (pid 436) 823s; run: log: (pid 443) 822s run: redis: (pid 276) 847s; run: log: (pid 285) 846s run: redis-exporter: (pid 765) 758s; run: log: (pid 634) 792s run: sidekiq: (pid 451) 817s; run: log: (pid 467) 816s run: sshd: (pid 32) 864s; run: log: (pid 31) 864s 浏览器进入http://192.168.211.70:8080,使用root账户登录并设置密码即可进入管理员界面
2.1.1 定义环境变量
环境变量GITLAB_OMNIBUS_CONFIG添加到Docker run来预先配置GitLab Docker镜像。这个变量包含任何gitlab.rb设置,,GITLAB_OMNIBUS_CONFIG中包含的设置不写入gitlab.rb配置文件。
下面是一个设置外部URL并在启动容器时启用LFS的例子:
docker run --detach \ --hostname gitlab.example.com \ --env GITLAB_OMNIBUS_CONFIG="external_url 'http://my.domain.com/'; gitlab_rails['lfs_enabled'] = true;" \ --publish 443:443 --publish 80:80 --publish 22:22 \ --name gitlab \ --restart always \ --volume $GITLAB_HOME/config:/etc/gitlab \ --volume $GITLAB_HOME/logs:/var/log/gitlab \ --volume $GITLAB_HOME/data:/var/opt/gitlab \ --shm-size 256m \ gitlab/gitlab-ce:17.3.1-ce.0 2.1.2 映射不同端口
如果你想使用一个不同于80 (HTTP)或443 (HTTPS)的主机端口,你需要添加一个单独的——publish指令到docker运行命令。
$ docker run --detach \ --hostname gitlab.example.com \ --publish 8929:8929 --publish 2289:22 \ --name gitlab \ --restart always \ --volume $GITLAB_HOME/config:/etc/gitlab \ --volume $GITLAB_HOME/logs:/var/log/gitlab \ --volume $GITLAB_HOME/data:/var/opt/gitlab \ --shm-size 256m \ gitlab/gitlab-ce:17.3.1-ce.0 $ docker exec -it gitlab /bin/bash $ vi /etc/gitlab/gitlab.rb # For HTTP external_url "http://gitlab.example.com:8929" or # For HTTPS (notice the https) external_url "https://gitlab.example.com:8929" gitlab_rails['gitlab_shell_ssh_port'] = 2289 #重载配置 $ gitlab-ctl reconfigure 端映射格式为“hostPort:containerPort”。更多信息请此external_url中指定的端口必须与Docker发布给主机的端口相匹配。此外,如果NGINX监听端口没有在NGINX ['listen_port']中显式设置,它将从external_url中拉出。要了解更多信息,。
2.1.3 对接外部 postgres
创建数据存储目录
mkdir -p /opt/gitlab/postgresql/data 创建 postgres
docker run --name=postgresql -tid -p 5432:5432 --restart=always -e POSTGRES_DB=gitlab -e POSTGRES_USER=gitlab -e POSTGRES_PASSWORD='Bsgchina@2023' -e POSTGRES_ADMIN_PASSWORD='Bsgchina@2023' -v /opt/gitlab/postgresql/data:/var/lib/postgresql/data --name postgres postgres:latest 测试连接
yum -y install postgresql psql -h 192.168.21.21 -p 5432 -W -U gitlab gitlab 创建 gitlab-ce
docker run -tid --hostname gitlab.example.com -p 443:443 -p 80:80 -p 2200:22 --name gitlab-ce --restart always -v $GITLAB_HOME/config:/etc/gitlab:Z -v $GITLAB_HOME/logs:/var/log/gitlab:Z -v $GITLAB_HOME/data:/var/opt/gitlab:Z gitlab/gitlab-ce:17.3.1-ce.0 定义配置文件 gitlab.rb
$ vim $GITLAB_HOME/config/gitlab.rb ..... external_url 'http://gitlab.example.com' ..... ### GitLab database settings ###! Docs: https://docs.gitlab.com/omnibus/settings/database.html ###! **Only needed if you use an external database.** postgresql['enable'] = false gitlab_rails['db_adapter'] = "postgresql" gitlab_rails['db_encoding'] = "utf-8" # gitlab_rails['db_collation'] = nil gitlab_rails['db_database'] = "gitlab" gitlab_rails['db_username'] = "gitlab" gitlab_rails['db_password'] = "Bsgchina@2023" gitlab_rails['db_host'] = "192.168.21.21" gitlab_rails['db_port'] = 5432 gitlab_rails['db_pool'] = 100 .... 执⾏以下命令初始化 GitLab,此命令执⾏会消耗⼀段时间,请耐心等待,当提示:gitlab Reconfigured! 时,说明已经初始化完成。
docker exec gitlab-ce gitlab-ctl reconfigure 执⾏以下命令启动 GitLab。
docker exec gitlab-ce gitlab-ctl start 2.2 Docker-compose 安装 gitlab
使用,你可以轻松地配置、安装和升级基于Docker的GitLab安装:
- 安装
- 编排docker-compose.yml
version: '3.6' services: web: image: 'gitlab/gitlab-ce:17.3.1-ce.0' restart: always hostname: 'gitlab.example.com' environment: GITLAB_OMNIBUS_CONFIG: | external_url 'https://gitlab.example.com' # Add any other gitlab.rb configuration here, each on its own line ports: - '80:80' - '443:443' - '22:22' volumes: - '$GITLAB_HOME/config:/etc/gitlab' - '$GITLAB_HOME/logs:/var/log/gitlab' - '$GITLAB_HOME/data:/var/opt/gitlab' shm_size: '256m' docker-compose up -d 3. 管理
3.1 登陆界面
访问:http://192.168.21.21/
3.2 获取密码
$ cat /etc/gitlab/initial_root_password # WARNING: This value is valid only in the following conditions # 1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run). # 2. Password hasn't been changed manually, either via UI or via command line. # # If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password. Password: mmPPA7vlzRPgdEgQXu1LnWbok6OUNgiAgoZvhYnCgrw= # NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours. mmPPA7vlzRPgdEgQXu1LnWbok6OUNgiAgoZvhYnCgrw=是默认的初始密码,
我们可以在/etc/gitlab/gitlab.rb配置文件中设置自己的root密码,也可以用默认的密码登陆再修改自己想要的密码。要注意该文件24小时后自动删除。
3.3 修改密码
修改重新登陆即可。
4. 备份
创建 demo 项目,并写入一个文件
4.1 备份配置文件
$ cd /data/gitlab/ $ ls 总用量 192 -rw------- 1 root root 145009 8月 22 14:19 gitlab.rb -rw------- 1 root root 19404 8月 22 14:19 gitlab-secrets.json -rw------- 1 root root 749 8月 22 14:19 initial_root_password -rw------- 1 root root 525 8月 22 14:19 ssh_host_ecdsa_key -rw-r--r-- 1 root root 188 8月 22 14:19 ssh_host_ecdsa_key.pub -rw------- 1 root root 419 8月 22 14:19 ssh_host_ed25519_key -rw-r--r-- 1 root root 108 8月 22 14:19 ssh_host_ed25519_key.pub -rw------- 1 root root 2610 8月 22 14:19 ssh_host_rsa_key -rw-r--r-- 1 root root 580 8月 22 14:19 ssh_host_rsa_key.pub drwxr-xr-x 2 root root 6 8月 22 14:19 trusted-certs $ tar zcvf gitlab-config.tar config 4.2 备份数据
$ docker exec -ti gitlab gitlab-backup create 或者 $ docker exec -ti gitlab-ce gitlab-rake gitlab:backup:create 2023-05-24 11:33:11 UTC -- Dumping database ... Dumping PostgreSQL database gitlabhq_production ... [DONE] 2023-05-24 11:33:13 UTC -- Dumping database ... done 2023-05-24 11:33:13 UTC -- Dumping repositories ... {"command":"create","gl_project_path":"root/demo","level":"info","msg":"started create","relative_path":"@hashed/6b/86/6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b.git","storage_name":"default","time":"2023-05-24T11:33:13.841Z"} {"command":"create","gl_project_path":"root/demo.wiki","level":"info","msg":"started create","relative_path":"@hashed/6b/86/6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b.wiki.git","storage_name":"default","time":"2023-05-24T11:33:13.842Z"} {"command":"create","error":"manager: repository empty: repository skipped","gl_project_path":"root/demo.wiki","level":"warning","msg":"skipped create","relative_path":"@hashed/6b/86/6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b.wiki.git","storage_name":"default","time":"2023-05-24T11:33:13.845Z"} {"command":"create","gl_project_path":"root/demo","level":"info","msg":"completed create","relative_path":"@hashed/6b/86/6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b.git","storage_name":"default","time":"2023-05-24T11:33:13.853Z"} {"command":"create","gl_project_path":"root/demo.design","level":"info","msg":"started create","relative_path":"@hashed/6b/86/6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b.design.git","storage_name":"default","time":"2023-05-24T11:33:13.858Z"} {"command":"create","error":"manager: repository empty: repository skipped","gl_project_path":"root/demo.design","level":"warning","msg":"skipped create","relative_path":"@hashed/6b/86/6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b.design.git","storage_name":"default","time":"2023-05-24T11:33:13.858Z"} 2023-05-24 11:33:13 UTC -- Dumping repositories ... done 2023-05-24 11:33:13 UTC -- Dumping uploads ... 2023-05-24 11:33:13 UTC -- Dumping uploads ... done 2023-05-24 11:33:13 UTC -- Dumping builds ... 2023-05-24 11:33:13 UTC -- Dumping builds ... done 2023-05-24 11:33:13 UTC -- Dumping artifacts ... 2023-05-24 11:33:13 UTC -- Dumping artifacts ... done 2023-05-24 11:33:13 UTC -- Dumping pages ... 2023-05-24 11:33:13 UTC -- Dumping pages ... done 2023-05-24 11:33:13 UTC -- Dumping lfs objects ... 2023-05-24 11:33:13 UTC -- Dumping lfs objects ... done 2023-05-24 11:33:13 UTC -- Dumping terraform states ... 2023-05-24 11:33:13 UTC -- Dumping terraform states ... done 2023-05-24 11:33:13 UTC -- Dumping container registry images ... [DISABLED] 2023-05-24 11:33:13 UTC -- Dumping packages ... 2023-05-24 11:33:13 UTC -- Dumping packages ... done 2023-05-24 11:33:13 UTC -- Creating backup archive: 1684927991_2023_05_24_16.0.1_gitlab_backup.tar ... 2023-05-24 11:33:13 UTC -- Creating backup archive: 1684927991_2023_05_24_16.0.1_gitlab_backup.tar ... done 2023-05-24 11:33:13 UTC -- Uploading backup archive to remote storage ... [SKIPPED] 2023-05-24 11:33:13 UTC -- Deleting old backups ... [SKIPPED] 2023-05-24 11:33:13 UTC -- Deleting tar staging files ... 2023-05-24 11:33:13 UTC -- Cleaning up /var/opt/gitlab/backups/backup_information.yml 2023-05-24 11:33:13 UTC -- Cleaning up /var/opt/gitlab/backups/db 2023-05-24 11:33:13 UTC -- Cleaning up /var/opt/gitlab/backups/repositories 2023-05-24 11:33:13 UTC -- Cleaning up /var/opt/gitlab/backups/uploads.tar.gz 2023-05-24 11:33:13 UTC -- Cleaning up /var/opt/gitlab/backups/builds.tar.gz 2023-05-24 11:33:13 UTC -- Cleaning up /var/opt/gitlab/backups/artifacts.tar.gz 2023-05-24 11:33:13 UTC -- Cleaning up /var/opt/gitlab/backups/pages.tar.gz 2023-05-24 11:33:13 UTC -- Cleaning up /var/opt/gitlab/backups/lfs.tar.gz 2023-05-24 11:33:13 UTC -- Cleaning up /var/opt/gitlab/backups/terraform_state.tar.gz 2023-05-24 11:33:13 UTC -- Cleaning up /var/opt/gitlab/backups/packages.tar.gz 2023-05-24 11:33:13 UTC -- Deleting tar staging files ... done 2023-05-24 11:33:13 UTC -- Deleting backups/tmp ... 2023-05-24 11:33:13 UTC -- Deleting backups/tmp ... done 2023-05-24 11:33:13 UTC -- Warning: Your gitlab.rb and gitlab-secrets.json files contain sensitive data and are not included in this backup. You will need these files to restore a backup. Please back them up manually. 2023-05-24 11:33:13 UTC -- Backup 1684927991_2023_05_24_16.0.1 is done. 2023-05-24 11:33:13 UTC -- Deleting backup and restore PID file ... done [root@gitlab ~]# ls -l /opt/gitlab/data/backups total 432 -rw------- 1 polkitd render 440320 May 24 19:33 1684927991_2023_05_24_16.0.1_gitlab_backup.tar [root@gitlab ~]# du -sh /opt/gitlab/data/backups 432K /opt/gitlab/data/backups 5. 还原
我们尝试删除项目
从默认备份恢复(backups目录下只有一个备份文件时):
$ ls /data/gitlab/data/backups 1684927991_2023_05_24_16.0.1_gitlab_backup.tar $ docker exec -ti gitlab bash $ gitlab-ctl stop puma $ gitlab-ctl stop sidekiq $ gitlab-ctl status $ gitlab-backup restore BACKUP=1684927991_2023_05_24_16.0.1 Do you want to continue (yes/no)? yes $ gitlab-ctl restart $ gitlab-rake gitlab:check SANITIZE=true $ gitlab-rake gitlab:doctor:secret $ gitlab-rake gitlab:artifacts:check $ gitlab-rake gitlab:lfs:check $ gitlab-rake gitlab:uploads:check 现在刷新页面,项目又回来了。
6. 迁移
- 参考步骤5和6安装一个新的gitlab-ce
- 拷贝配置文件至迁移节点解压。
$ tar zxvf gitlab-config.tar -C /data/gitlab $ ls /data/gitlab/config 通过备份还原
$ cp 1684927991_2023_05_24_16.0.1_gitlab_backup.tar /data/gitlab/data/backups $ ls /data/gitlab/data/backups 1684927991_2023_05_24_16.0.1_gitlab_backup.tar $ docker exec -ti gitlab bash $ chown git:git /var/opt/gitlab/backups/1684927991_2023_05_24_16.0.1_gitlab_backup.tar $ gitlab-ctl stop puma $ gitlab-ctl stop sidekiq $ gitlab-ctl status $ gitlab-backup restore BACKUP=1684927991_2023_05_24_16.0.1 Do you want to continue (yes/no)? yes $ gitlab-ctl restart $ gitlab-rake gitlab:check SANITIZE=true $ gitlab-rake gitlab:doctor:secret $ gitlab-rake gitlab:artifacts:check $ gitlab-rake gitlab:lfs:check $ gitlab-rake gitlab:uploads:check 