安装Gitlab(via dockerimage),实现Auto Pipeline

准备机器,信息如下:

root@server:~# hostnamectl
   Static hostname: server.local
         Icon name: computer-vm
           Chassis: vm
        Machine ID: 7b0c392aff5f742bb78a87e65b929466
           Boot ID: bef54cfd95454cbc92e14b5091745b67
    Virtualization: vmware
  Operating System: Ubuntu 16.04.5 LTS
            Kernel: Linux 4.4.0-134-generic
      Architecture: x86-64

更改ssh server端口,避免与gitlab ssh端口冲突

root@server:~# vim /etc/ssh/sshd_config
...(省略)
# What ports, IPs and protocols we listen for
Port 2222
...(省略)

重启sshd服务变更端口生效

root@server:~# systemctl restart sshd.service

设置从客户端ssh免密到server

#确保通过名称server.local访问到服务器
gitadmin@DESKTOP-PCPO8BK:~$ sudo vim /etc/hosts
192.168.193.200 server.local

#更改ssh客户端连接ssh服务器的默认端口
gitadmin@DESKTOP-PCPO8BK:~$ vim .ssh/config
Host server.local
    Port 2222

#生成密钥,-C 备注关联用户
gitadmin@DESKTOP-PCPO8BK:~$ ssh-keygen -C "simon.zhu@xxxx.com"

#copy公钥到服务器
gitadmin@DESKTOP-PCPO8BK:~$ ssh-copy-id root@server.local

#测试免密连接
gitadmin@DESKTOP-PCPO8BK:~$ ssh root@server.local
Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.4.0-134-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

38 packages can be updated.
28 updates are security updates.

New release '18.04.1 LTS' available.
Run 'do-release-upgrade' to upgrade to it.


Last login: Sat Oct 27 13:00:15 2018 from 192.168.193.1
root@server:~#

在服务器安装Docker
在服务器安装Docker Compose
给服务配置大内存,尽量使用内存,提高性能

以下安装MTA(smtp服务器),为Gitlab准备邮件通知功能

apt install -y postfix
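#将docker的ip(一般以172开头)设置为可信网络,以便smtp服务器接收gitlab发出的投递请求。注意:172.0.0.0/8 远大于私有网段 172.16.0.0/12,包含公网地址;若25端口对外可达,这些地址都可以借此服务器转发邮件(开放中继),建议只填写实际使用的docker网段(可用 docker network inspect 查看)。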
root@server:~# vim /etc/postfix/main.cf
mynetworks = 172.0.0.0/8 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
root@server:~# systemctl restart postfix.service

运行Gitlab Runner

root@runner1:~/runner# vim docker-compose.yml
# Compose file for the GitLab Runner container.
version: '3.7'
services:
  runner:
    # Runner image pinned to an explicit tag.
    image: gitlab/gitlab-runner:alpine-v11.4.2
    restart: always
    extra_hosts:
      # Static hosts entry so the container resolves server.local to 192.168.193.200.
      - "server.local:192.168.193.200"
    environment:
      - RUNNER_NAME=Docker Executor (Docker in Docker)
    volumes:
      # Runner configuration lives on a host path, outside the container's own filesystem.
      - /srv/gitlab-runner/config:/etc/gitlab-runner
      # NOTE(review): this bind-mounts the host's Docker socket into the container.
      # Whatever can talk to this socket controls the host's Docker daemon, which is
      # effectively root on the host. Presumably CI jobs are started through it, so
      # restrict this runner to trusted projects and protected branches - confirm.
      # This is socket binding rather than an isolated Docker-in-Docker daemon,
      # despite the RUNNER_NAME above.
      - /var/run/docker.sock:/var/run/docker.sock
root@runner1:~/runner# docker-compose up -d

启动Gitlab

root@server:~# mkdir -p ci
root@server:~# cd ci/
root@server:~/ci# vim gitlab.yml
# Compose file for the GitLab CE server: web UI, SMTP notifications and LDAP login.
version: '3.7'
services:
  web:
    # GitLab CE image pinned to an explicit tag.
    image: 'gitlab/gitlab-ce:11.4.0-ce.0'
    restart: always
    hostname: 'server.local'
    extra_hosts:
      # Address of the mail-notification (SMTP) server.
      - "smtp.server:192.168.193.200"
    environment:
      # The block scalar below is passed to the container as GITLAB_OMNIBUS_CONFIG
      # (Ruby settings, with the LDAP servers given as a YAML heredoc).
      # NOTE(review), security-relevant settings in this block:
      #  - external_url is http://, so logins and tokens cross the network unencrypted;
      #    port 443 is published below but no https URL is configured here.
      #  - SMTP goes to smtp.server:25 with TLS/STARTTLS off and certificate
      #    verification set to 'none'; notification mail is sent in clear text.
      #  - LDAP uses port 389 with encryption 'plain', so the bind password and user
      #    passwords are sent unencrypted to the host named 'ldap'.
      #  - bind_dn is the directory admin (cn=admin,...); a dedicated read-only
      #    account would limit what a leaked GitLab config exposes.
      #  - the bind password is stored in this file in clear text, and its value '1'
      #    differs from the "admin" password the page sets for the LDAP admin - confirm.
      #  - base is the admin entry's own DN; user searches normally start at the
      #    directory root (e.g. dc=mycom,dc=com) or a users subtree - verify.
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://192.168.193.200'
        gitlab_rails['smtp_enable'] = true;
        gitlab_rails['smtp_address'] = 'smtp.server';
        gitlab_rails['smtp_port'] = 25;
        gitlab_rails['smtp_domain'] = 'server.local';
        gitlab_rails['smtp_tls'] = false;
        gitlab_rails['smtp_openssl_verify_mode'] = 'none'
        gitlab_rails['smtp_enable_starttls_auto'] = false
        gitlab_rails['smtp_ssl'] = false
        gitlab_rails['smtp_force_ssl'] = false
        gitlab_rails['ldap_enabled'] = true
        gitlab_rails['ldap_servers'] = YAML.load <<-EOS
        main:
          label: 'ldap.mycom.com'
          host: 'ldap'
          port: 389
          uid: 'uid'
          encryption: 'plain'
          bind_dn: 'cn=admin,dc=mycom,dc=com'
          password: '1'
          active_directory: false
          allow_username_or_email_login: true
          lowercase_usernames: true
          base: 'cn=admin,dc=mycom,dc=com'
          user_filter: ''
        EOS
    ports:
      # Published on every host interface: HTTP, HTTPS and GitLab's SSH.
      - '80:80'
      - '443:443'
      # Host port 22 is handed to the container; the page moves the host's own
      # sshd to port 2222 to avoid the clash.
      - '22:22'
    volumes:
      # Configuration, logs and application data are kept in host directories.
      # NOTE(review): the config directory presumably holds GitLab's secrets -
      # restrict its permissions and include it in backups; confirm.
      - './gitlab/config:/etc/gitlab'
      - './gitlab/logs:/var/log/gitlab'
      - './gitlab/data:/var/opt/gitlab'

#启动Gitlab
root@server:~/ci# docker-compose -f gitlab.yml up -d

增加ldap方式的Gitlab认证授权,启动ldap服务

root@server:~/ci# vim ldap.yml
# Compose file for the OpenLDAP directory and its phpLDAPadmin web console.
version: '3.7'

services:
  ldap:
    image: "osixia/openldap:1.2.2"
    restart: always
    environment:
      LDAP_ORGANISATION: mycom
      LDAP_DOMAIN: mycom.com
      # NOTE(review): a base DN is normally written as dc=mycom,dc=com (the form
      # the page uses for the admin login DN); confirm the image accepts this value.
      LDAP_BASE_DN: mycom.com
      # NOTE(review): the admin and config passwords are both the guessable value
      # "admin" and are stored in this file in clear text. Replace them with strong,
      # distinct secrets before the directory is used for real logins.
      LDAP_ADMIN_PASSWORD: "admin"
      # NOTE(review): uid/gid 0 is root; presumably this asks the image to run
      # slapd as root - confirm the image honours it and whether a non-root id works.
      LDAP_OPENLDAP_UID: 0
      LDAP_OPENLDAP_GID: 0
      # TLS is switched off, so binds and passwords travel unencrypted.
      LDAP_TLS: "false"
      LDAP_CONFIG_PASSWORD: "admin"
    volumes:
      - /etc/localtime:/etc/localtime:ro
      # Directory database and slapd configuration are kept in host directories.
      - ./ldap/database:/var/lib/ldap
      - ./ldap/conf:/etc/ldap/slapd.d
    # Port 389 is only exposed to other containers, not published on the host
    # (the host publishing below is commented out).
    expose:
      - "389"
#    network_mode: "host"
#    ports:
#      - 389:389

  phpldapadmin:
    image: "osixia/phpldapadmin:0.7.2"
    restart: always
    environment:
      # NOTE(review): HTTPS is disabled, so the LDAP admin DN and password typed
      # into this console cross the network in clear text.
      PHPLDAPADMIN_HTTPS: "false"
      PHPLDAPADMIN_LDAP_HOSTS: "ldap"
    volumes:
      - /etc/localtime:/etc/localtime:ro
#    network_mode: "host"
    # The admin console is published on host port 6080 on every interface;
    # consider binding it to a management address or firewalling it.
    ports:
#      - 6443:443
      - 6080:80

#启动ldap服务
root@server:~/ci# docker-compose -f ldap.yml up -d

在ldap服务添加用户


Login DN:cn=admin,dc=mycom,dc=com;Passwords:admin


用在ldap中添加的用户登陆Gitlab


用邮箱和密码登陆


启动Runner
准备另一台机器,软件环境与上面Server相同(即安装好Docker和Docker Compose)

root@runner1:~# hostnamectl
   Static hostname: runner1.local
         Icon name: computer-vm
           Chassis: vm
        Machine ID: 7b0c392aff5f742bb78a87e65b929466
           Boot ID: 11957514ccc14a59ae62789bb4a311fb
    Virtualization: vmware
  Operating System: Ubuntu 16.04.5 LTS
            Kernel: Linux 4.4.0-134-generic
      Architecture: x86-64
root@runner1:~# mkdir -p runner/
root@runner1:~# cd runner/
root@runner1:~/runner# vim docker-compose.yml
# Compose file for the GitLab Runner on the second machine (runner1).
version: '3.7'
services:
  runner:
    # Runner image pinned to an explicit tag.
    image: gitlab/gitlab-runner:alpine-v11.4.2
    restart: always
    extra_hosts:
      # Lets the container resolve the GitLab server by name without DNS.
      - "server.local:192.168.193.200"
#      - "gitlab.mycom.com:192.168.193.200"
    environment:
      - RUNNER_NAME=Docker Executor (Docker in Docker)
    volumes:
      # Runner configuration is stored on a host path.
      - /srv/gitlab-runner/config:/etc/gitlab-runner
      # NOTE(review): mounting the host's Docker socket gives this container full
      # control of the host's Docker daemon, which is equivalent to root on runner1.
      # If CI jobs are launched through this socket (presumably, with the docker
      # executor), any project allowed to use the runner can reach the host -
      # keep the runner for trusted projects only and do not share it instance-wide.
      - /var/run/docker.sock:/var/run/docker.sock
root@runner1:~/runner# docker-compose up -d

注册Runner
(token需要Gitlab的root用户通过Standard登陆查看;该token属于凭据,应妥善保管,不要公开)


root@runner1:~/runner# docker exec -it runner_runner_1 bash
bash-4.4# gitlab-runner register -n \
>   --url http://server.local/ \
>   --registration-token Qmx8nyxdCypHLpzyH5eH \
>   --executor docker \
>   --description "My Docker Runner(dind executor)" \
>   --docker-image "docker:stable" \
>   --docker-privileged
Runtime platform                                    arch=amd64 os=linux pid=17 revision=cf91d5e1 version=11.4.2
Running in system-mode.

Registering runner... succeeded                     runner=Qmx8nyxd
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!

通过Gitlab查看注册的Runner



登陆Gitlab,注册ssh公钥,创建项目,并克隆到本地,创建.gitlab-ci.yml

gitadmin@DESKTOP-PCPO8BK:~/pj1$ vim .gitlab-ci.yml

push到Gitlab,Gitlab自动运行pipeline(编译,测试,打包,发布)


后续打算继续如下实验
1,通过redmine提出功能需求
2,基于主分支,创建开发分支,完成开发,静态代码分析,测试
3,创建merge request到master
4,确认merge request通过,自动关闭redmine的issue

待完成。