Shulou(Shulou.com)06/03 Report--

GitLab, what is GitLab?

GitLab is an open source distributed version control system, the development language is Ruby, and its functions are to manage project source code, version control, code reuse and lookup.

The difference between GitLab and GitHub

Github distributed online code hosting warehouse, personal version can be used directly online for free, enterprise version is charged and server installation is required.

Gitlab distributed online code warehouse hosting software, divided into community free version and enterprise fee version, all need to be installed on the server

GitLab's advantages and application scenarios are open source and free, so it is suitable for small and medium-sized companies to place code in the system for differentiated version management, offline synchronization, powerful branch management, convenient GUI interface and powerful account rights management. Highly integrated, able to integrate the vast majority of development tools to support built-in HA Ensure high availability under high concurrency GitLab main service composition 1. Nginx static Web server 2. Gitlab-workhorse lightweight reverse proxy server 3. Gitlab-shell is used to process git commands and modify authorized keys list 4. Logrotate log file management tool 5. Postgresql database 6. Redis cache server GitLab workflow 1. Create and clone project 2. Create a feature branch of the project 3. Write code and submit to the branch 4. Push the project branch to the remote gitlab server 5. Check the code and submit the master main branch merger application 6. The project leader reviews the code and confirms that the merge application GitLab installation configuration management 1. Configure a. Turn off the firewall b. Shut down SELINUX and restart the system 2. Install Omnibus Gitlab-ce package a. Install the gitlab dependency package yum-y install curl policycoreutils openssh-server openssh-clients postfix b. Configure yum warehouse wget http://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh chmod + x script.rpm.sh. / script.rpm.sh c. Start the postfix mail service systemctl start postfix d. Install gitlab-ce community version yum-y install gitlab-ce3. Create a local certificate to generate a private key (key file): key is a private key file on the server that is used to encrypt data sent to the client and to decrypt data received from the client. Openssl genrsa-out "/ etc/gitlab/ssl/gitlab.example.com.key" 2048 generates a csr file: csr is a certificate signing request file Used to submit to the certificate authority (CA) to sign the certificate openssl req-new-key "/ etc/gitlab/ssl/gitlab.example.com.key"-out "/ etc/gitlab/ssl/gitlab.example.com.csr" to generate the crt file: crt is a certificate signed by the certificate authority (CA), or a certificate signed by the developer, containing the certificate holder's information and the holder's public key And the signature of the signer and other information such as openssl x509-req-days 365-in "/ etc/gitlab/ssl/gitlab.example.com.csr"-signkey "/ etc/gitlab/ssl/gitlab.example.com.key"-out "/ etc/gitlab/ssl/gitlab.example.com.crt" generates the dh key: openssl dhparam is used to generate and manage dh files. Dh (Diffie-Hellman) is a famous key exchange protocol, or key agreement protocol, which can ensure that both sides of the communication can exchange keys safely. Note, however, that it is not an encryption algorithm, so it does not provide encryption, just the process of protecting key exchange. Openssl dhparam-out / etc/gitlab/ssl/dhparams.pem 2048 modify the above file permissions to 600chmod 600 / etc/gitlab/ssl/*4. Configure load certificate backup cp gitlab.rb gitlab.rb.backup modify vim / etc/gitlab/gitlab.rbexternal_url 'https://gitlab.example.com'nginx['redirect_http_to_https'] = true# nginx [' ssl_certificate'] = "/ etc/gitlab/ssl/gitlab.example.com.crt" # nginx ['ssl_certificate_key'] = "/ etc/gitlab/ssl/gitlab.example.com.key" # nginx [' ssl_dhparam'] = / etc/gitlab/ssl/dhparams.pem5. Gitlab initializes gitlab-ctl reconfigure6. Configure nginx backup cp / var/opt/gitlab/nginx/conf/gitlab-http.conf {, .backup} server section to add vim / var/opt/gitlab/nginx/conf/gitlab-http.conf rewrite ^ (. *) $https://$host$1 permanent;7. Reload and start gitlabgitlab-ctl restart8. Add a dns record to the client and add 192.168.143.130 gitlab.example.com9 to / etc/hosts. The client accesses the gitlab.example.com default administrator root through the browser, sets the password for root and logs in

Basic use of GitLab 1. Build a new warehouse

2. Clone the repository in the client to the local-c http.sslVerify: skip the local ssl to check git-c http.sslVerify=false clone https://gitlab.example.com/root/test.git3, Enter the account password [root@node1 devops] # git-c http.sslVerify=false clone https://gitlab.example.com/root/test.gitCloning into 'test'...Username for' https://gitlab.example.com': rootPassword for 'https://root@gitlab.example.com': warning: You appear to have cloned an empty repository.4, and change to the test directory And create the test file [root@node1 devops] # cd test/ [root@node1 test] # vim test.py5, add the test file to the local repository [root@node1 test] # git add. 6, configure global mail and users [root@node1 test] # git config-- global user.email "admin@example.com" [root@node1 test] # git config-- global user.name "jym" 7, Submit the test file to the local mast branch [root@node1 test] # git commit-m "First commit" [master (root-commit) b6581b9] First commit 1 file changed 3 insertions (+) create mode 100644 test.py8, push local master to warehouse [root@node1 test] # git-c http.sslVerify=false push origin master9, view

Ansible

Modular, call specific modules to complete specific tasks; based on python language research and development, by Paramiko, PyYAML and Jinja2 three key modules; simple deployment, master-slave mode, support custom modules; support playbook; idempotency

Architecture diagram

Ansible installation 1. Before installation, configure to turn off firewall turn off selinux each node time synchronization each node hostname is inconsistent each node ssh secret free 2. Ansible2.5+python3.6 installation procedure (centos7)

2.1.Preinstall python3.6

Wget http://www.python.org/ftp/python/3.6.5/Python-3.6.5.tar.xztar xf Python-3.6.5.tar.xz & & cd Python-3.6.5/./configure-- prefix=/usr/local-with-ensurepip=install-- enable-shared LDFLAGS= "- wl,-rpath / usr/local/lib" make & & make altinstall

2.2.install virtualenv

Pip3.6 install virtualenv

Create an ansible user and install the python3.6 version of the virtualenv instance

Useradd deploy & & su-deployvirtualenv-p python3.6 .py3-a2.10-env

2.4.The Git source code installation ansible2.10

Cd / home/deploy/.py3-a2.10-envgit clone https://github.com/ansible/ansible.gitcd ansible & & git checkout stable-2.10

2.5. Load the python3.6 virtualenv environment

Source / home/deploy/.py3-a2.10-env/bin/activate

Install the ansible dependency package

Pip3.6 install paramiko PyYAML jinja2

2.7. load ansible2.10 in python3.6 virtual environment

Source / home/deploy/.py3-a2.10-env/ansible/hacking/env-setup-Q

2.8. verify ansible2.5 installation

Ansible-A brief introduction to versionJenkinsJenkins

Jenkins is an open source CI&CD software that automates a variety of tasks, including building, testing, and deploying software.

Jenkins supports a variety of modes of operation, which can be deployed through a system package, Docker, or through a separate Java program.

Jenkins is a mainstream operation and maintenance development platform, compatible with all mainstream development environments; it can be integrated with a large number of mainstream development tools in the industry through plug-ins; through job configuration units and log management, developers and operation and maintenance personnel can work together; through rights management, different job roles are divided; powerful load balancing functions ensure the reliability of the project.

Jenkins installation 1, install java8.0 or above yum install java2, install dockeryum install docker-ce3, install jenkins download address: https://pkg.jenkins.io/redhat-stable/yum install jenkins-2.199-1.1.noarch.rpm4, launch jenkinssystemctl start jenkins

Check the startup status

Systemctl status jenkins.service-L5. Unlock jenkins for the first visit

Browsers access jenkins address http::8080

When you access a new jenkins instance for the first time, the system requires you to unlock it with an automatically generated password

View initial password

[root@node1 jenkins] # cat / var/lib/jenkins/secrets/initialAdminPassword

Acd7e8eef641433b87e3358d8d6d1e34

6. Install the plug-in

Two options can be set:

Install recommended plug-ins-install a recommended set of plug-ins based on the most common use cases.

Select plug-ins to install-Select the set of plug-ins to install. When you visit the plugin selection page for the first time, the recommended plug-in is selected by default.

Note: you can install (or remove) other Jenkins plug-ins at a later point in time through the Manage Jenkins > Manage Plugins page in Jenkins

7. Create an administrator user

Reference article:

Https://jenkins.io/zh/

Https://www.bilibili.com/video/av71123251/?p=1

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.