gitlab 注册runner
向GitLab-CI注册一个Runner需要两样东西:GitLab-CI的url和注册token。
其中,token是为了确定你这个Runner是所有工程都能够使用的Shared Runner还是具体某一个工程才能使用的Specific Runner。
如果要注册Shared Runner,你需要到管理界面的Runners页面里面去找注册token。
进入具体的项目->Setting->CI/CD->Runners settings->Expand,如下图所示:
1.创建一个项目monitor,将代码用SourceTree软件克隆下来,提交代码到master分支,注意要包含2个文件
编辑文件
.gitignore内容如下:
#IDEA
.idea/.gitignore文件的作用,就是排除指定的文件,不允许提交
编辑ci文件
.gitlab-ci.yml内容请参考链接
https://cloud.tencent.com/developer/article/1175082
2.设置分支保护
进入具体的项目->Repository->Protected Branches->Expand
选择master分支,点击Protect按钮,效果如下:
3.设置秘密变量
主要是公钥和私钥,主要是为docker使用的,目标服务器,必须事先添加好公钥,并启用了秘钥认证
进入具体的项目->CI/CD->Secret variables->Expand
添加私钥ID_RSA
添加公钥ID_RSA_PUB
完成之后,效果如下:
4.将公钥加入到开发,测试,线上服务器的~/.ssh/authorized_keys
文件权限为600
下面介绍runner的安装步骤:
这里我是用docker安装的
docker的安装参考
https://cloud.tencent.com/developer/article/1175000
由于服务器不够多,我直接在gitlab服务器安装了
下载runner镜像
# docker pull docker.io/gitlab/gitlab-runner创建配置文件目录
# mkdir /data/gitlab/order/config启动一个runner容器
# docker run -d --name gitlab-runner-monitor --restart=always -v "/var/run/docker.sock:/var/run/docker.sock" -v /data/gitlab/order/config:/etc/gitlab-runner gitlab/gitlab-runner:latest查看docker进程
# docker ps
本地搭建的gitlab,访问域名是testgitlab.baidu.com
docker容器访问gitlab,依赖于宿主机的DNS设置。不能直接对docker设置hosts
需要自己搭建一个DNS服务器,参考链接
https://cloud.tencent.com/developer/article/1174686
这里,我是直接在测试服务器搭建的。
配置文件如下:
vim /etc/unbound/local.d/example.conf内容如下:
local-zone: "baidu.com." static
local-data: "baidu.com. 86400 IN SOA ns.baidu.com. root 1 1D 1H 1W 1H"
local-data: "ns.baidu.com. IN A 192.168.1.92"
local-data: "testgitlab.baidu.com. IN A 192.168.1.37"修改gitlab服务器的DNS指向
vim /etc/resolv.conf# Generated by NetworkManager
search kuaidihelp.com
nameserver 192.168.1.92
nameserver 202.96.209.5
#nameserver 202.96.209.133重启nscd服务,如果没有安装nscd,直接用yum安装即可
systemctl restart nscd测试dns解析是否正常
[root@testgitlab config]# nslookup
> testgitlab.baidu.com
Server: 192.168.1.92
Address: 192.168.1.92#53
Name: testgitlab.baidu.com
Address: 192.168.1.37
>注册runner
# docker exec -it gitlab-runner-monitor gitlab-runner registerRunning in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
#这里写gitlab的访问地址
https://testgitlab.baidu.com/
Please enter the gitlab-ci token for this runner:
#这里写Runners页面的token
peR-***********
Please enter the gitlab-ci description for this runner:
#这里写描述信息(项目名)
[7ab5eaf3d2f8]: monitor
Please enter the gitlab-ci tags for this runner (comma separated):
#tags名
vpc
Whether to run untagged builds [true/false]:
#直接回车
[false]:
Whether to lock the Runner to current project [true/false]:
#直接回车
[true]:
Registering runner... succeeded runner=peR-Ujdx
Please enter the executor: docker, kubernetes, shell, ssh, virtualbox, docker+machine, docker-ssh+machine, docker-ssh, parallels:
#输入docker
docker
Please enter the default Docker image (e.g. ruby:2.1):
#输入php
php
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!出现successfully,说明注册完成了
上面只是注册了tags为vpc的(因为测试服务器和线上服务器,是在阿里云的VPC网络里面,请确保runner服务在VPC里面)
还需要注册tags为dev的(公司内部网络)
注册runner
# docker exec -it gitlab-runner-monitor gitlab-runner register注意,tags为dev
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
#这里写gitlab的访问地址
https://testgitlab.baidu.com/
Please enter the gitlab-ci token for this runner:
#这里写Runners页面的token
peR-***********
Please enter the gitlab-ci description for this runner:
#这里写描述信息(项目名)
[7ab5eaf3d2f8]: monitor
Please enter the gitlab-ci tags for this runner (comma separated):
#tags名
dev
Whether to run untagged builds [true/false]:
#直接回车
[false]:
Whether to lock the Runner to current project [true/false]:
#直接回车
[true]:
Registering runner... succeeded runner=peR-Ujdx
Please enter the executor: docker, kubernetes, shell, ssh, virtualbox, docker+machine, docker-ssh+machine, docker-ssh, parallels:
#输入docker
docker
Please enter the default Docker image (e.g. ruby:2.1):
#输入php
php
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!完成之后,效果如下:
进入具体项目->Overview
新建一个分支
输入develop
点击CI/CD,等待任务完成
点击passed->develop_dev 查看任务执行过程
登录开发服务器
查看文件是否同步了
