内网IP
外网情况下,直接修改网卡为静态IP就好了
- 1、 使用VirtualBox的时候,设置两个网卡,第一个Net,第二个桥接
- 2、启动虚拟机后,修改第一个网卡信息的 最后一行,改为
yes - 3、service network restart
- 4、配置第二块网卡的IP信息,IPADDR等信息(配置的是
桥接网卡) - 5、重启网卡
- 6、安装net-tools
- 7、ifconfig查看IP信息
CentOS
GitLab
# 添加源
vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=gitlab-ce
baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7
repo_gpgcheck=0
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/gpg.key
# 更新本地yum缓存
sudo yum makecache
# 安装依赖
yum install vim curl openssh-server openssh-clients gcc-c++ zlib1g-dev zlib-devel curl-devel expat-devel gettext-devel opgcc perl-ExtUtils-MakeMaker
# 安装GitLab
sudo yum install gitlab-ce # 自动安装最新版
sudo yum install gitlab-ce-8.8.4-ce.0.el6 # 安装指定版本
# 配置
vi /etc/gitlab/gitlab.rb
# 找到 external_url 'http://000.00.00.00:8081' # 修改成你的地址
# gitlab_rails['time_zone']= 'Asia/Shanghai' # 修改这里的时区
# 日志路径配置(指定日志位置)
# mv /var/log/gitlab /data/logs/
# ln -s /data/logs/gitlab /var/log/gitlab
# 首次启动也需要以下命令加载配置,完成初始化
sudo gitlab-ctl reconfigure
# 启动gitlab
sudo gitlab-ctl restart
# 开机自启
systemctl enable gitlab-runsvdir.service
# 配置防火墙 80
firewall-cmd --add-port=80/tcp --permanent
# 重启防火墙
firewall-cmd --reload
# 设置密码
sudo gitlab-rake "gitlab:password:reset[root]"
# 所有的配置在 /etc/gitlab/gitlab.rb 中修改,修改完配置后执行 gitlab-ctl reconfigure 生效
# 生成SSH秘钥
ssh-keygen
# 查看(在指定用户目录下)
cat ~/.ssh/id_rsa.pub
# runner中使用本地image
vi /etc/gitlab-runner/config.toml
# 在volumes下面添加 pull_policy = “if-not-present”
Jenkins
# 安装依赖
yum -y install git wget maven
# 下载java
# https://download.oracle.com/otn/java/jdk/8u291-b10/d7fc238d0cbf4b0dac67be84580cfb4b/jdk-8u291-linux-x64.tar.gz?AuthParam=1625574678_9c6016adf70cfb2a34064b6dff1bf953
# 创建java目录
mkdir /usr/local/java/
# 解压至安装目录
tar -zxvf jdk-8u171-linux-x64.tar.gz -C /usr/local/java/
# 设置环境变量
vim /etc/profile
# 末尾添加
export JAVA_HOME=/usr/local/java/jdk1.8.0_171
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:$PATH
# 使配置生效
source /etc/profile
# 添加软连接
ln -s /usr/local/java/jdk1.8.0_171/bin/java /usr/bin/java
# 查看java版本
java -version
# 添加 jenkins 源
wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat/jenkins.repo
# 查看 repo 文件
cat /etc/yum.repos.d/jenkins.repo
# [jenkins]
# name=Jenkins
# baseurl=http://pkg.jenkins.io/redhat
# gpgcheck=1
# 安装 jenkins key
rpm --import https://pkg.jenkins.io/redhat/jenkins.io.key
# 安装 jenkins
yum install jenkins -y
# 启动jenkins
systemctl start jenkins
# 查看jenkins状态
systemctl status jenkins.service
# 将 8080 端口添加到 firewalld 防火墙中
firewall-cmd --add-port=8080/tcp --permanent
# 重启防火墙
firewall-cmd --reload
# 查看jenkins密码
cat /var/lib/jenkins/secrets/initialAdminPassword
# 修改jenkins配置
vim /etc/sysconfig/jenkins
# 查看jenkins安装目录
cd /var/lib/jenkins/
# jobs: 浏览器上创建的任务存放目录
# logs: 存放 jenkins 相关日志
# nodes: 多节点时用到
# plugins: 插件存放目录
# secrets: 密码和秘钥存放目录
# jenkins 存放数据不依靠数据库,所以在移植时只需要拷贝整个程序主目录即可。
Harbor
# 安装依赖
yum install -y yum-utils device-mapper-persistent-data lvm2 wget
# 添加阿里云安装源
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# yum -y install yum-utils
# 安装Docker
yum install -y docker-ce
# 编辑
vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://giuzc4qh.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.30.24"] # 不需要使用HTTPS
}
# 启动docker
systemctl restart docker.service
# 如果 docker ps 报错没有权限, 创建docker用户组
sudo groupadd docker
# 将当前登陆用户加入到docker用户组中
sudo gpasswd -a $USER docker
# 更新用户组
newgrp docker
# 下载docker-compose
# wget https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64
# 获取docker-compose
curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
# 给docker-compose添加执行权限
chmod +x /usr/local/bin/docker-compose
#查看docker-compose版本
docker-compose version
# 下载harbor
# https://github.com/goharbor/harbor/releases/download/v2.3.0/harbor-offline-installer-v2.3.0.tgz
# 解压
tar zxf harbor-offline-installer-v2.3.0.tgz -C /usr/local/
# 进入harbor目录
cd /usr/local/harbor/
# 拷贝模板配置文件
cp harbor.yml.tmpl harbor.yml
# 编辑harbor配置文件
vi harbor.yml
# 安装harbor
./install.sh
# 修改的本机IP
hostname: 本机IP
# HTTPS 设置
# http:
# port: 80
# https:
# port: 443
# certificate: /your/certificate/path
# private_key: /your/private/key/path
# 密码
harbor_admin_password: Harbor12345
database:
password: root123
max_idle_conns: 100
max_open_conns: 900
data_volume: /data
trivy:
ignore_unfixed: false
skip_update: false
insecure: false
jobservice:
max_job_workers: 10
notification:
webhook_job_max_retry: 10
chart:
absolute_url: disabled
log:
level: info
local:
rotate_count: 50
rotate_size: 200M
location: /var/log/harbor
_version: 2.3.0
proxy:
http_proxy:
https_proxy:
no_proxy:
components:
- core
- jobservice
- trivy
配置开机自启
vi /lib/systemd/system/harbor.service
#####
[Unit]
Description=Harbor
After=docker.service systemd-networkd.service systemd-resolved.service
Requires=docker.service
Documentation=http://github.com/vmware/harbor
[Service]
Type=simple
Restart=on-failure
RestartSec=5
ExecStart=/usr/local/bin/docker-compose -f /usr/local/harbor/docker-compose.yml up
ExecStop=/usr/local/bin/docker-compose -f /usr/local/harbor/docker-compose.yml down
[Install]
WantedBy=multi-user.target
#####
systemctl enable harbor
systemctl start harbor
Docker
GitLab
安装
# 下载镜像
docker pull gitlab/gitlab-ce:latest
# 查看日志运行详情
docker logs -f DockerName
# 创建并后台启动容器
sudo docker run --detach --hostname gitlab.epgn.com --publish 443:443 --publish 8000:80 --publish 222:22 --name gitlab --restart always --volume /root/dev/gitlab/config:/etc/gitlab --volume /root/dev/gitlab/logs:/var/log/gitlab --volume /root/dev/gitlab/data:/var/opt/gitlab gitlab/gitlab-ce:latest
修改密码
# 如果使用容器安装,先进入容器
docker exec -it gitlab /bin/bash
# 进入gitlab后台
gitlab-rails console -e production
# 指定user对象
user = User.where(id:1).first
# 修改user的密码,密码不能简单,否则会报错
user.password=12345678
# 保存
user.save!
# 退出
quit
gitlab runner
# 下载镜像
docker pull gitlab/gitlab-runner:latest
# 创建并启动
sudo docker run -d --name gitlab-runner --restart always -v /root/dev/gitlab-runner/config:/etc/gitlab-runner -v /var/run/docker.sock:/var/run/docker.sock gitlab/gitlab-runner:latest
# 注册runner
docker run --rm -v /root/dev/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner register --non-interactive --executor "docker" --docker-image alpine:latest --url "http://1.11.111.123:8000/" --registration-token "xon9QPnDEDz_7gAxPdw9" --description "first-register-runner" --tag-list "test-cicd1,dockercicd1" --run-untagged="true" --locked="false" --access-level="not_protected"
# 这里的url和registration-token, 是从GitLab中获取的
# Runtime platform arch=amd64 os=linux pid=8 revision=c1edb478 version=14.0.1
# Running in system-mode.
# Registering runner... succeeded runner=xon9QPnD
# Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
Jenkins
# 更新
sudo apt-get -y upgrade
sudo apt-get -y update
# 安装Docker
sudo apt-get install -y curl
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo apt-key fingerprint 0EBFCD88 # 检验
sudo vim /etc/apt/sources.list
# 添加到 文件最后一行
deb [arch=amd64] https://mirrors.ustc.edu.cn/docker-ce/linux/debian jessie stable
sudo apt-get update
sudo apt-get install -y docker-ce
# 将登陆用户加入到 docker 用户组中
sudo gpasswd -a $USER docker
# 更新用户组
newgrp docker
# 下载镜像
docker pull jenkinsci/blueocean
# 打包、解压镜像
docker save -o jenkins.tar jenkinsci/blueocean:latest
docker load -i jenkins.tar
# 运行容器
docker run -u root --rm -d -p 8080:8080 -p 50000:50000 -v jenkins-data:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock jenkinsci/blueocean
# 进入Docker中查看密码
docker exec -it lucid_khorana bash
cat /var/jenkins_home/secrets/initialAdminPassword
Harbor
docker-compose
# 更新
sudo apt-get -y upgrade
sudo apt-get -y update
sudo apt update
# 安装Docker
sudo apt-get install -y curl
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo apt-key fingerprint 0EBFCD88 # 检验
sudo vim /etc/apt/sources.list
deb [arch=amd64] https://mirrors.ustc.edu.cn/docker-ce/linux/debian jessie stable
sudo apt-get update
sudo apt-get install -y docker-ce
# 更改权限
sudo gpasswd -a $USER docker
newgrp docker
# 安装Docker-Compose
sudo curl -L https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64 -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docekr-harbor
# 打包、加载所有镜像
docker save $(docker images | grep -v REPOSITORY | awk 'BEGIN{OFS=":";ORS=" "}{print $1,$2}') -o all_harbor.tar
# 准备好镜像文件(300M)、harbor压缩包
docker load -i harbor.tar
tar zxvf harbor-offline-installer-v2.3.0.tgz
cd harbor
# 修改harbor.yml的配置文件
cp harbor.yml.tmpl harbor.yml
vim harbor.yml
# 准备环境
./prepare
# 开始安装
./install.sh
# 启动所有的容器命令
docker start $(docker ps -a | awk '{ print $1}' | tail -n +2)
# 关闭所有的容器命令
docker stop $(docker ps -a | awk '{ print $1}' | tail -n +2)
# 删除所有的容器命令
docker rm $(docker ps -a | awk '{ print $1}' | tail -n +2)
# 删除所有的镜像
docker rmi $(docker images | awk '{print $3}' |tail -n +2)
修改配置文件
# 修改的本机IP
hostname: 本机IP
# HTTPS 设置
# http:
# port: 80
# https:
# port: 443
# certificate: /your/certificate/path
# private_key: /your/private/key/path
# 密码
harbor_admin_password: Harbor12345
database:
password: root123
max_idle_conns: 100
max_open_conns: 900
data_volume: /data
trivy:
ignore_unfixed: false
skip_update: false
insecure: false
jobservice:
max_job_workers: 10
notification:
webhook_job_max_retry: 10
chart:
absolute_url: disabled
log:
level: info
local:
rotate_count: 50
rotate_size: 200M
location: /var/log/harbor
_version: 2.3.0
proxy:
http_proxy:
https_proxy:
no_proxy:
components:
- core
- jobservice
- trivy
评论区