Jenkins+Ansible+GitLab持续交付平台搭建-第1篇
Jenkins+Ansible+GitLab持续交付平台搭建-第1篇
Criss@陈磊
发布于 2019-10-22 14:21:40
发布于 2019-10-22 14:21:40
这篇文章跟大家介绍Jenkins+Ansible+GitLab持续交付平台搭建。
过程大概这这样的:Jenkins首先从Gitlab去抓取我们写好的具体产品的playbook, 并使用virtualenv下的Ansible相关命令, 保证我们在一个clean的环境下使用stable version去批量部署我们的产品到远程client。
jenkins和ansible安装一个机器,gitlab单独安装。
GitLab安装配置管理
GitLab安装配置
1.关闭firewalld防火墙
# systemctl stop firewalld
# systemctl disable firewalld2.关闭SELINUX并重启系统,关闭强制访问安全策略
# vi /etc/sysconfig/selinux
…
SELINUX=disabled
...
# reboot安装Omnibus Gitlab-ce package
1. 安装Gitlab组件
# yum -y install curl policycoreutils openssh-server openssh-cilents postfix2.配置yum下载仓库
# curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash3.启动postfix邮件服务
# systemctl start postfix && systemctl enable postfix
or
# systemctl start postfix
# systemctl enable postfix4.安装gitlab-ce社区版本
# yum -y install gitlab-ceOmnibus Gitlab相关配置初始化并完成安装
1.证书创建与配置加载
# mkdir –p /etc/gitlab/ssl
# openssl genrsa -out "/etc/gitlab/ssl/gitlab.example.com.key" 2048
# openssl req -new -key "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.csr"
....
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:bj
Locality Name (eg, city) [Default City]:bj
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:gitlab.example.com
Email Address []:admin@example.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []:查看是否创建成功私有秘钥和ssl证书
#ll –a
-rw-r--r-- 1 root root 1074 Sep 24 13:33 gitlab.example.com.csr
-rw-r--r-- 1 root root 1675 Sep 24 13:29 gitlab.example.com.key利用ssl证书和私有秘钥创建天使证书
# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.example.com.csr" -signkey "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.crt"
#ll –a
total 12
-rw-r--r-- 1 root root 1281 Sep 24 13:42 gitlab.example.com.crt
-rw-r--r-- 1 root root 1074 Sep 24 13:33 gitlab.example.com.csr
-rw-r--r-- 1 root root 1675 Sep 24 13:29 gitlab.example.com.key创建pem证书
# openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048更改当前目录证书权限
# chmod 600 *
# ll
total 16
-rw------- 1 root root 424 Sep 24 13:48 dhparams.pem
-rw------- 1 root root 1281 Sep 24 13:42 gitlab.example.com.crt
-rw------- 1 root root 1074 Sep 24 13:33 gitlab.example.com.csr
-rw------- 1 root root 1675 Sep 24 13:29 gitlab.example.com.key编辑gitlab配置文件,将所有生成的证书配置到gitlab配置文件中
# vi /etc/gitlab/gitlab.rb
....
external_url 'https://gitlab.example.com'
....
nginx['redirect_http_to_https'] = true
....
# ['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt"
# nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key"
...
# nginx['ssl_dhparam'] = /etc/gitlab.ssl/dhparams.pem # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem初始化gitlab服务相关配置
# gitlab-ctl reconfigure
.....
.....初始化成功
Chef Client finished, 435/620 resources updated in 04 minutes 07 seconds
gitlab Reconfigured!2.Nginx ssl代理服务配置
找到gitlab代理工具nginx更改gitlab下http配置文件
# vi /var/opt/gitlab/nginx/conf/gitlab-http.conf
# server_name
server {
listen *:80;
server_name gitlab.example.com;
rewrite ^(.*)$ https://$host$1 permanent;使nginx配置文件生效
# gitlab-ctl restart47.98.198.241ip重定向到gitlab.example.com域名
windows: C:\Windows\System32\drivers\etc\hosts
47.98.198.241 gitlab.example.comGitlab服务器启动关闭
初始化配置
# gitlab-ctl reconfiguregitlab日志
# /var/log/gitlab/unicornGitlab主页面:root &12345678
3.初始化Gitlab相关服务并完成安装
GitLab汉化:http://www.cnblogs.com/straycats/p/7707359.html
##关闭Gitlab服务
# gitlab-ctl restart
# gitlab-ctl stop
# gitlab-ctl start
##重新配置GitLab
# gitlab-ctl reconfigure
##下载最新的汉化包
# git clone https://gitlab.com/xhang/gitlab.git
#下载老版本汉化版如果是要下载老版本的汉化包,需要加上老版本的分支,比如今天已经是10.0.4,我依旧想下载10.0.2,可以运行下面的语
# git clone https://gitlab.com/xhang/gitlab.git -b v10.0.2-zh本文参与 腾讯云自媒体分享计划,分享自微信公众号。
原始发表:2019-10-21,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读