" name="sm-site-verification"/>
侧边栏壁纸
博主头像
PySuper 博主等级

千里之行,始于足下

  • 累计撰写 231 篇文章
  • 累计创建 15 个标签
  • 累计收到 2 条评论

目 录CONTENT

文章目录

GitLab、Jenkins、Harbor 安装 | CentOS、Docker

PySuper
2021-07-03 / 0 评论 / 0 点赞 / 10 阅读 / 0 字
温馨提示:
本文最后更新于2024-05-28,若内容或图片失效,请留言反馈。 所有牛逼的人都有一段苦逼的岁月。 但是你只要像SB一样去坚持,终将牛逼!!! ✊✊✊

内网IP

外网情况下,直接修改网卡为静态IP就好了

  • 1、 使用VirtualBox的时候,设置两个网卡,第一个Net,第二个桥接
  • 2、启动虚拟机后,修改第一个网卡信息的 最后一行,改为yes
  • 3、service network restart
  • 4、配置第二块网卡的IP信息,IPADDR等信息(配置的是桥接网卡)
  • 5、重启网卡
  • 6、安装net-tools
  • 7、ifconfig查看IP信息

CentOS

GitLab

# 添加源
vim /etc/yum.repos.d/gitlab-ce.repo

[gitlab-ce]
name=gitlab-ce
baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7
repo_gpgcheck=0
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/gpg.key

# 更新本地yum缓存
sudo yum makecache

# 安装依赖
yum install vim curl openssh-server openssh-clients gcc-c++ zlib1g-dev zlib-devel curl-devel expat-devel gettext-devel opgcc perl-ExtUtils-MakeMaker

# 安装GitLab
sudo yum install gitlab-ce # 自动安装最新版
sudo yum install gitlab-ce-8.8.4-ce.0.el6 # 安装指定版本

# 配置
vi /etc/gitlab/gitlab.rb 
# 找到 external_url 'http://000.00.00.00:8081' # 修改成你的地址
# gitlab_rails['time_zone']= 'Asia/Shanghai' # 修改这里的时区

# 日志路径配置(指定日志位置)
# mv /var/log/gitlab /data/logs/
# ln -s /data/logs/gitlab /var/log/gitlab

# 首次启动也需要以下命令加载配置,完成初始化
sudo gitlab-ctl reconfigure

# 启动gitlab
sudo gitlab-ctl restart

# 开机自启
systemctl enable gitlab-runsvdir.service

# 配置防火墙 80
firewall-cmd --add-port=80/tcp --permanent

# 重启防火墙
firewall-cmd --reload

# 设置密码
sudo gitlab-rake "gitlab:password:reset[root]"

# 所有的配置在 /etc/gitlab/gitlab.rb 中修改,修改完配置后执行 gitlab-ctl reconfigure 生效

# 生成SSH秘钥
ssh-keygen

# 查看(在指定用户目录下)
cat ~/.ssh/id_rsa.pub

# runner中使用本地image
vi /etc/gitlab-runner/config.toml

# 在volumes下面添加 pull_policy = “if-not-present”

Jenkins

# 安装依赖
yum -y install git wget maven

# 下载java
# https://download.oracle.com/otn/java/jdk/8u291-b10/d7fc238d0cbf4b0dac67be84580cfb4b/jdk-8u291-linux-x64.tar.gz?AuthParam=1625574678_9c6016adf70cfb2a34064b6dff1bf953

# 创建java目录
mkdir /usr/local/java/

# 解压至安装目录
tar -zxvf jdk-8u171-linux-x64.tar.gz -C /usr/local/java/

# 设置环境变量
vim /etc/profile

# 末尾添加
export JAVA_HOME=/usr/local/java/jdk1.8.0_171
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:$PATH
    
# 使配置生效
source /etc/profile

# 添加软连接
ln -s /usr/local/java/jdk1.8.0_171/bin/java /usr/bin/java

# 查看java版本
java -version
# 添加 jenkins 源
wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat/jenkins.repo

# 查看 repo 文件
cat /etc/yum.repos.d/jenkins.repo
# [jenkins]
# name=Jenkins
# baseurl=http://pkg.jenkins.io/redhat
# gpgcheck=1

# 安装 jenkins key
rpm --import https://pkg.jenkins.io/redhat/jenkins.io.key

# 安装 jenkins
yum install jenkins -y

# 启动jenkins
systemctl start jenkins

# 查看jenkins状态
systemctl status jenkins.service

# 将 8080 端口添加到 firewalld 防火墙中
firewall-cmd --add-port=8080/tcp --permanent

# 重启防火墙
firewall-cmd --reload

# 查看jenkins密码
cat /var/lib/jenkins/secrets/initialAdminPassword

# 修改jenkins配置
vim /etc/sysconfig/jenkins

# 查看jenkins安装目录
cd /var/lib/jenkins/
# jobs: 浏览器上创建的任务存放目录
# logs: 存放 jenkins 相关日志
# nodes: 多节点时用到
# plugins: 插件存放目录
# secrets: 密码和秘钥存放目录
# jenkins 存放数据不依靠数据库,所以在移植时只需要拷贝整个程序主目录即可。

Harbor

# 安装依赖
yum install -y yum-utils device-mapper-persistent-data lvm2 wget

# 添加阿里云安装源
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# yum -y install yum-utils

# 安装Docker
yum install -y docker-ce

# 编辑
vi /etc/docker/daemon.json
{
    "registry-mirrors": ["https://giuzc4qh.mirror.aliyuncs.com"],
    "insecure-registries": ["192.168.30.24"] # 不需要使用HTTPS
}


# 启动docker
systemctl restart docker.service

# 如果 docker ps 报错没有权限, 创建docker用户组
sudo groupadd docker

# 将当前登陆用户加入到docker用户组中
sudo gpasswd -a $USER docker

# 更新用户组
newgrp docker

# 下载docker-compose
# wget https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64

# 获取docker-compose
curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

# 给docker-compose添加执行权限
chmod +x /usr/local/bin/docker-compose

#查看docker-compose版本
docker-compose version

# 下载harbor
# https://github.com/goharbor/harbor/releases/download/v2.3.0/harbor-offline-installer-v2.3.0.tgz

# 解压
tar zxf harbor-offline-installer-v2.3.0.tgz -C /usr/local/

# 进入harbor目录
cd /usr/local/harbor/

# 拷贝模板配置文件
cp harbor.yml.tmpl harbor.yml

#  编辑harbor配置文件
vi harbor.yml

# 安装harbor
./install.sh
# 修改的本机IP
hostname: 本机IP

# HTTPS 设置
# http:
#   port: 80
# https:
#   port: 443
#   certificate: /your/certificate/path
#   private_key: /your/private/key/path

# 密码
harbor_admin_password: Harbor12345

database:
  password: root123
  max_idle_conns: 100
  max_open_conns: 900

data_volume: /data

trivy:
  ignore_unfixed: false
  skip_update: false
  insecure: false

jobservice:
  max_job_workers: 10

notification:
  webhook_job_max_retry: 10

chart:
  absolute_url: disabled

log:
  level: info
  local:
    rotate_count: 50
    rotate_size: 200M
    location: /var/log/harbor

_version: 2.3.0

proxy:
  http_proxy:
  https_proxy:
  no_proxy:
  components:
    - core
    - jobservice
    - trivy

配置开机自启

vi /lib/systemd/system/harbor.service


#####
[Unit]
Description=Harbor
After=docker.service systemd-networkd.service systemd-resolved.service
Requires=docker.service
Documentation=http://github.com/vmware/harbor

[Service]
Type=simple
Restart=on-failure
RestartSec=5
ExecStart=/usr/local/bin/docker-compose -f  /usr/local/harbor/docker-compose.yml up
ExecStop=/usr/local/bin/docker-compose -f /usr/local/harbor/docker-compose.yml down

[Install]
WantedBy=multi-user.target
#####

systemctl enable harbor

systemctl start harbor

Docker

GitLab

安装

# 下载镜像
docker pull gitlab/gitlab-ce:latest

# 查看日志运行详情
docker logs -f DockerName

# 创建并后台启动容器
sudo docker run --detach --hostname gitlab.epgn.com --publish 443:443 --publish 8000:80 --publish 222:22 --name gitlab --restart always --volume /root/dev/gitlab/config:/etc/gitlab --volume /root/dev/gitlab/logs:/var/log/gitlab --volume /root/dev/gitlab/data:/var/opt/gitlab gitlab/gitlab-ce:latest

修改密码

# 如果使用容器安装,先进入容器
docker exec -it gitlab /bin/bash

# 进入gitlab后台
gitlab-rails console -e production

# 指定user对象
user = User.where(id:1).first

# 修改user的密码,密码不能简单,否则会报错
user.password=12345678

# 保存
user.save!

# 退出
quit

gitlab runner

# 下载镜像
docker pull gitlab/gitlab-runner:latest

# 创建并启动
sudo docker run -d --name gitlab-runner --restart always -v /root/dev/gitlab-runner/config:/etc/gitlab-runner -v /var/run/docker.sock:/var/run/docker.sock gitlab/gitlab-runner:latest

# 注册runner
docker run --rm -v /root/dev/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner register --non-interactive --executor "docker" --docker-image alpine:latest --url "http://1.11.111.123:8000/" --registration-token "xon9QPnDEDz_7gAxPdw9" --description "first-register-runner" --tag-list "test-cicd1,dockercicd1" --run-untagged="true" --locked="false" --access-level="not_protected"

# 这里的url和registration-token, 是从GitLab中获取的
# Runtime platform	arch=amd64 os=linux pid=8 revision=c1edb478 version=14.0.1
# Running in system-mode.

# Registering runner... succeeded	runner=xon9QPnD
# Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded! 

Jenkins

# 更新
sudo apt-get -y upgrade
sudo apt-get -y update

# 安装Docker
sudo apt-get install -y curl
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo apt-key fingerprint 0EBFCD88    # 检验
sudo vim /etc/apt/sources.list

# 添加到 文件最后一行
deb [arch=amd64] https://mirrors.ustc.edu.cn/docker-ce/linux/debian jessie stable

sudo apt-get update
sudo apt-get install -y docker-ce

# 将登陆用户加入到 docker 用户组中
sudo gpasswd -a $USER docker

# 更新用户组
newgrp docker

# 下载镜像
docker pull jenkinsci/blueocean

# 打包、解压镜像
docker save -o jenkins.tar jenkinsci/blueocean:latest
docker load -i jenkins.tar

# 运行容器
docker run -u root --rm -d -p 8080:8080 -p 50000:50000 -v jenkins-data:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock jenkinsci/blueocean 

# 进入Docker中查看密码
docker exec -it lucid_khorana bash
cat /var/jenkins_home/secrets/initialAdminPassword

Harbor

docker-compose

# 更新
sudo apt-get -y upgrade
sudo apt-get -y update
sudo apt update

# 安装Docker
sudo apt-get install -y curl
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo apt-key fingerprint 0EBFCD88    # 检验
sudo vim /etc/apt/sources.list
deb [arch=amd64] https://mirrors.ustc.edu.cn/docker-ce/linux/debian jessie stable
sudo apt-get update
sudo apt-get install -y docker-ce

# 更改权限
sudo gpasswd -a $USER docker
newgrp docker

# 安装Docker-Compose
sudo curl -L https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64 -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

docekr-harbor

# 打包、加载所有镜像
docker save $(docker images | grep -v REPOSITORY | awk 'BEGIN{OFS=":";ORS=" "}{print $1,$2}') -o all_harbor.tar

# 准备好镜像文件(300M)、harbor压缩包
docker load -i harbor.tar
tar zxvf harbor-offline-installer-v2.3.0.tgz

cd harbor

# 修改harbor.yml的配置文件
cp harbor.yml.tmpl harbor.yml
vim harbor.yml

# 准备环境
./prepare

# 开始安装
./install.sh

# 启动所有的容器命令
docker start $(docker ps -a | awk '{ print $1}' | tail -n +2)

# 关闭所有的容器命令
docker stop $(docker ps -a | awk '{ print $1}' | tail -n +2)

# 删除所有的容器命令
docker rm $(docker ps -a | awk '{ print $1}' | tail -n +2)

# 删除所有的镜像
docker rmi $(docker images | awk '{print $3}' |tail -n +2)

修改配置文件

# 修改的本机IP
hostname: 本机IP

# HTTPS 设置
# http:
#   port: 80
# https:
#   port: 443
#   certificate: /your/certificate/path
#   private_key: /your/private/key/path

# 密码
harbor_admin_password: Harbor12345

database:
  password: root123
  max_idle_conns: 100
  max_open_conns: 900

data_volume: /data

trivy:
  ignore_unfixed: false
  skip_update: false
  insecure: false

jobservice:
  max_job_workers: 10

notification:
  webhook_job_max_retry: 10

chart:
  absolute_url: disabled

log:
  level: info
  local:
    rotate_count: 50
    rotate_size: 200M
    location: /var/log/harbor

_version: 2.3.0

proxy:
  http_proxy:
  https_proxy:
  no_proxy:
  components:
    - core
    - jobservice
    - trivy
0

评论区