<code>版本控制系統 Gitlab 持續集成工具 Jenkins 部署工具 Ansible Saltstack Chef /<code>
本文通過Jenkins + Ansible + Gitlab實現自動化部署。
環境準備
需要3臺機器做環境準備。
- 角色劃分:
<code>Jenkins + Ansible 192.168.174.129 test host 192.168.174.128 gitlab 192.168.174.130 /<code>
- 關閉防火牆和selinux:
<code># systemctl stop firewalld && systemctl disable firewalld # setenforce 0 && sed -i 's/=enforcing/=disabled/g' /etc/selinux/config /<code>
- 添加本地dns:
<code># vim /etc/hosts 192.168.174.128 jekins.lyklinux.com 192.168.174.129 test.lyklinux.com 192.168.174.130 gitlab.lyklinux.com /<code>
在Windows電腦hosts文件中添加本地dns:
<code>192.168.174.128 jekins.lyklinux.com 192.168.174.129 test.lyklinux.com 192.168.174.130 gitlab.lyklinux.com /<code>
Gitlab安裝配置管理
- 安裝gitlab-ce:
<code># yum install -y curl policycoreutils openssh-server openssh-clients postfix #安裝gitlab組件 # curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash #配置yum倉庫 # systemctl start postfix && systemctl enable postfix #啟動postfix郵件服務 # yum install -y gitlab-ce /<code>
- 證書創建與配置加載:
<code> mkdir -p /etc/gitlab/ssl openssl genrsa -out "/etc/gitlab/ssl/gitlab.lyklinux.com.key" 2048 openssl req -new -key "/etc/gitlab/ssl/gitlab.lyklinux.com.key" -out "/etc/gitlab/ssl/gitlab.lyklinux.com.csr" Country Name (2 letter code) [XX]:cn State or Province Name (full name) []:sd Locality Name (eg, city) [Default City]:qd Organization Name (eg, company) [Default Company Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) []:gitlab.lyklinux.com Email Address []:[email protected] Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:aaaaaa An optional company name []:lyk /<code>
<code>openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.lyklinux.com.csr" -signkey "/etc/gitlab/ssl/gitlab.lyklinux.com.key" -out "/etc/gitlab/ssl/gitlab.lyklinux.com.crt" openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048 chmod 600 /etc/gitlab/ssl/* ll /etc/gitlab/ssl /<code>
- nginx SSL代理服務配置:
<code>vim /etc/gitlab/gitlab.rb #修改下面內容 external_url 'https://gitlab.lyklinux.com' nginx['redirect_http_to_https'] = true nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.lyklinux.com.crt" nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.lyklinux.com.key" nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem" unicorn['port'] = 9090 /<code>
- 初始化gitlab相關服務並完成安裝:
<code># gitlab-ctl reconfigure # vim /var/opt/gitlab/nginx/conf/gitlab-http.conf #第一個 server_name gitlab.lyklinux.com; 下添加該行 rewrite ^(.*)$ https://$host$1 permanent; # gitlab-ctl restart #重啟gitlab /<code>
- 打開網頁,訪問 gitlab.lyklinux.com
- 訪問GitLab一直502, 最後發現是虛擬機內存不夠, 法克!! 必須保證 4G 內存以上 , 否則跑不起來.
- 第一次訪問提示設置密碼,設置密碼後登錄,默認用戶名是root。
- 點擊右上方+ → New porject,Project name輸入test-repo,Visibility Level選擇默認的Private即可,最後點擊Create project創建項目。
gitlab工作流程
- 任選一臺其它機器,192.168.174.129 test
<code>yum install -y git echo '192.168.174.130 gitlab.lyklinux.com' >> /etc/hosts mkdir /home/repo && cd /home/repo git config --global user.name "admin" git config --global user.email "[email protected]" git -c http.sslVerify=false clone https://gitlab.lyklinux.com/root/test-pro.git /<code>
<code>cd test-pro/ vim readme.md git add . git commit -m "First commit" > [master(根提交) 800a609] First commit > 1 file changed, 1 insertion(+) > create mode 100644 readme.md git -c http.sslVerify=false push origin master > Username for 'https://gitlab.lyklinux.com': root > Password for 'https://[email protected]': > Counting objects: 3, done. > Compressing objects: 100% (2/2), done. > Writing objects: 100% (3/3), 555 bytes | 0 bytes/s, done. > Total 3 (delta 0), reused 0 (delta 0) > To https://gitlab.lyklinux.com/root/test-pro.git > * [new branch] master -> master /<code>
- 刷新瀏覽器,即可看到剛推送到gitlab服務端的代碼。
Gitlab的使用
- 檢查gitlab健康狀態:
點擊左上方Admin Area → Monitoring
- 創建開發人員與項目領導的賬號並分配各自角色權限:
點擊左上方Admin Area → New user,首先創建開發人員的賬號。 填入用戶名和郵箱地址後,其餘保持默認,點擊Create user創建用戶。 同樣方式創建項目領導的賬號。 接著將新增用戶加入到之前創建的項目test-repo中。點擊左側Projects → test-repo →Members 選中dev賬號,然後分配Developer角色權限,點擊Add to project添加該用戶到項目中。 同樣方法添加lead賬號到項目中。接著修改兩個賬號的密碼,設置初始密碼為12345678
- 開發人員提交代碼到feature分支併發出合併master分支申請: 選擇之前git提交過代碼的機器,
<code>cd /home/repo rm -rf test-pro/ git -c http.sslVerify=false clone https://gitlab.lyklinux.com/root/test-pro.git > 正克隆到 'test-pro'... > Username for 'https://gitlab.lyklinux.com': dev #使用dev賬號 > Password for 'https://[email protected]': > remote: Enumerating objects: 3, done. > remote: Counting objects: 100% (3/3), done. > remote: Compressing objects: 100% (2/2), done. > remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0 > Unpacking objects: 100% (3/3), done. cd test-pro/ git checkout -b release-1.0 > 切換到一個新分支 'release-1.0' ls > readme.md vim test.py > print "This is a test code for release-1.0" git add . git commit -m "release-1.0" > [release-1.0 750696a] release-1.0 > 1 file changed, 1 insertion(+) > create mode 100644 test.py git -c http.sslVerify=false push origin release-1.0 > Username for 'https://gitlab.lyklinux.com': dev > Password for 'https://[email protected]': > Counting objects: 4, done. > Compressing objects: 100% (2/2), done. > Writing objects: 100% (3/3), 302 bytes | 0 bytes/s, done. > Total 3 (delta 0), reused 0 (delta 0) > remote: > remote: To create a merge request for release-1.0, visit: > remote: https://gitlab.lyklinux.com/root/test-pro/-/merge_requests/new?merge_request%5Bsource_branch%5D=release-1.0 > remote: > To https://gitlab.lyklinux.com/root/test-pro.git > * [new branch] release-1.0 -> release-1.0 /<code>
接下來使用dev賬號登錄gitlab,點擊Create merge request提交合並申請。
- 項目領導審批合併申請: 使用leader賬號登錄gitlab,登入後右上角有Merge requests消息提示。 點擊Merge immediately,寫入一些內容,最後點擊Comment。 然後點擊Projects → Your projects → test-repo,
可以看到,release-1.0分支的代碼已經合併到master分支。
gitlab的大致使用過程就是這樣,開發人員與運維人員各司其職。運維人員負責gitlab系統正常運行,管理賬號及項目權限;開發人員負責代碼編寫,各自分支代碼的提交與合併申請。