zoukankan      html  css  js  c++  java
  • Linux安装Gitlab,附iSCSI分区挂载说明

    因为Gitlab数据要存放在共享存储,所以本次配置的重头戏倒变成了挂载ISCSI了。

    OS:CentOS 7.2
    IP:172.16.1.191/192.168.2.191

    iSCSI分Target(服务端)[磁盘柜]及Initiator(客户端)[windows,linux],本次安装的是客户端。

    1、安装iSCSI-Initiator工具包:

    [root@gitxx-gitlab /]# yum -y install iscsi-initiator-utils
    

    2、配置本机iSCSI名称:

    [root@gitxx-gitlab /]# vim /etc/iscsi/initiatorname.iscsi
    

    修改Initiator名称如下:

    InitiatorName=iqn.1994-05.com.redhat:gitlab.gitxx.net
    

    3、扫描Target设备的共享卷:

    [root@gitxx-gitlab /]# iscsiadm -m discovery -t sendtargets -p 192.168.2.1
    
    192.168.2.1:3260,5 iqn.1995-03.com.dothill:01.array.00c0ff261fd6
    192.168.2.2:3260,6 iqn.1995-03.com.dothill:01.array.00c0ff261fd6
    192.168.3.1:3260,7 iqn.1995-03.com.dothill:01.array.00c0ff261fd6
    192.168.3.2:3260,8 iqn.1995-03.com.dothill:01.array.00c0ff261fd6
    

    4、删除192.168.3.x网段的连接(用2.x网段连接就够用了)

    [root@gitxx-gitlab /]# rm -rf /var/lib/iscsi/nodes/iqn.1995-03.com.dothill:01.array.00c0ff261fd6/192.168.3.1\,3260\,7/
    [root@gitxx-gitlab /]# rm -rf /var/lib/iscsi/nodes/iqn.1995-03.com.dothill:01.array.00c0ff261fd6/192.168.3.2\,3260\,8/
    

    5、挂载Target设备的共享卷:

    [root@gitxx-gitlab /]# iscsiadm -m node -p 192.168.2.1 --login
    

    6、查看挂载存储信息:

    [root@gitxx-gitlab /]# fdisk -l
    
    Disk /dev/sdb: 32.0 GB, 31998345216 bytes, 62496768 sectors
    Units = sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 1048576 bytes
    
    Disk /dev/sda: 32.0 GB, 31998345216 bytes, 62496768 sectors
    Units = sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 1048576 bytes
    

    7、安装多路径冗余程序:

    [root@gitxx-gitlab /]# yum -y install device-mapper-multipath
    

    8、配置多路径冗余(MultiPath)

    [root@gitxx-gitlab /]# vim /etc/multipath.conf
    

    写入如下内容:

    defaults {
            udev_dir                /dev
            polling_interval        10
            path_selector           "round-robin 0"
            path_grouping_policy    multibus
            prio                    alua
            path_checker            readsector0
            failback                immediate
            no_path_retry           fail
            user_friendly_names     yes
    }
    

    9、重启多路径冗余服务:

    [root@gitxx-gitlab /]# systemctl restart multipathd.service
    

    10、查看多路径虚拟硬盘:

    [root@gitxx-gitlab /]# fdisk -l
    
    Disk /dev/mapper/mpatha: 32.0 GB, 31998345216 bytes, 62496768 sectors
    Units = sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 1048576 bytes
    

    11、格式化硬盘:

    [root@gitxx-gitlab /]# mkfs.ext4 /dev/mapper/mpatha
    

    12、挂载硬盘:

    [root@gitxx-gitlab /]# mkdir /data
    [root@gitxx-gitlab /]# mount /dev/mapper/mpatha /data
    

    13、添加硬盘自动挂载到启动项:

    [root@gitxx-gitlab /]# vim /etc/fstab
    

    在文档末尾添加如下条目(注意设备类型不是Default,而是_netdev)

    /dev/mapper/mpatha /data                        ext4    _netdev         0 0
    

    iscsiadm常用命令:

    1.发现iscsi存储: iscsiadm -m discovery -t st -p ISCSI_IP
    iscsiadm -m discovery -t sendtargets -p 192.168.1.1
    
    2.查看iscsi发现记录 iscsiadm -m node
    iscsiadm -m node
    iscsiadm -m node -L all
    
    3.删除iscsi发现记录 iscsiadm -m node -o delete -T LUN_NAME -p ISCSI_IP
    iscsiadm -m node -U all
    
    4.登录iscsi存储 iscsiadm -m node -T LUN_NAME -p ISCSI_IP -l
    iscsiadm -m node -T iqn.2001-04.com.example-test -p 192.168.1.1 --login
    
    5.登出iscsi存储 iscsiadm -m node -T LUN_NAME -p ISCSI_IP -u
    iscsiadm -m node -T iqn.2001-04.com.example-test -p 192.168.1.1 --logout
    
    6 显示会话情况  iscsiadm -m session
    

    --------------------------------------------------------------------------配置Gitlab开始-----------------------------------------------------------------------------

    14、添加清华gitlab源

    [root@gitxx-gitlab /]# vim /etc/yum.repos.d/gitlab-ce.repo
    

    在文档中添加如下条目:

    [gitlab-ce]
    name=Gitlab CE Repository
    baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
    gpgcheck=0
    enabled=1
    
    [root@gitxx-gitlab /]# yum makecache
    

     15、安装Gitlab社区版:

    [root@gitxx-gitlab /]# yum install gitlab-ce
    

    16、初始化Gitlab服务:

    [root@gitxx-gitlab /]# gitlab-ctl reconfigure 
    

    # 到这里为止就可以通过ip地址来访问Gitlab服务了。接下来配置https服务。

    17、创建证书目录,并放入证书:

    [root@gitxx-gitlab /]# mkdir /etc/gitlab/ssl
    [root@gitxx-gitlab /]# ll /etc/gitlab/ssl
    total 16
    -rw-r--r-- 1 root root 4023 Jul 28 14:33 gitxx.crt
    -rw-r--r-- 1 root root 1957 Jul 28 14:33 gitxx.key
    -rw-r--r-- 1 root root 3083 Jul 28 14:33 gitxx.pfx
    -rw-r--r-- 1 root root  769 Jul 28 14:33 gitxx.pem
    

    18、修改Gitlab配置文件:

    [root@gitxx-gitlab /]# vim /etc/gitlab/gitlab.rb
    

    修改如下项目:

    external_url 'https://git.gitxx.net:8099/'
    
    gitlab_rails['gitlab_email_enabled'] = true
    gitlab_rails['gitlab_email_from'] = 'admin@gitxx.cn'
    gitlab_rails['gitlab_email_display_name'] = 'admin'
    gitlab_rails['gitlab_email_reply_to'] = 'admin@gitxx.cn'
    gitlab_rails['gitlab_email_subject_suffix'] = ''
    
    git_data_dirs({ "default" => { "path" => "/data/gitlab-repository", 'gitaly_address' => 'unix:/var/opt/gitlab/gitaly/gitaly.socket' } })
    
    gitlab_rails['smtp_enable'] = true
    gitlab_rails['smtp_address'] = "smtp.exmail.qq.com"
    gitlab_rails['smtp_port'] = 465
    gitlab_rails['smtp_user_name'] = "alert@gitxx.cn"
    gitlab_rails['smtp_password'] = "gitxx"
    gitlab_rails['smtp_authentication'] = "login"
    gitlab_rails['smtp_enable_starttls_auto'] = true
    gitlab_rails['smtp_tls'] = true
    gitlab_rails['gitlab_email_from'] = 'alert@gitxx.cn'
    
    nginx['enable'] = true
    nginx['client_max_body_size'] = '8m'
    nginx['redirect_http_to_https'] = true
    nginx['redirect_http_to_https'] = true
    
    nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitxx.crt"
    nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitxx.key"
    nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
    nginx['ssl_protocols'] = "TLSv1 TLSv1.1 TLSv1.2"
    nginx['ssl_session_cache'] = "builtin:1000  shared:SSL:10m"
    
    nginx['hsts_max_age'] = 31536000
    nginx['hsts_include_subdomains'] = true
    
    logrotate['enable'] = true
    
    
    pages_external_url "https://site.gitxx.net:8098/"
    gitlab_pages['enable'] = true
    
    gitlab_pages['use_http2'] = true
    
    pages_nginx['enable'] = false
    gitlab_rails['pages_path'] = "/data/gitlab-pages"
    

    19、修改ningx配置文件:

    [root@gitxx-gitlab /]# vim /opt/gitlab/embedded/conf/nginx.conf
    

    删除server项目相关项目,添加如下内容:

        # HTTPS server
        #
        server {
            listen       443 ssl;
            server_name  git.17track.net;
    
            ssl_certificate      /etc/gitlab/trusted-certs/dhparam.pem;
            ssl_certificate_key  /etc/gitlab/trusted-certs/17track.key;
    
            ssl on;
            ssl_session_cache    shared:SSL:1m;
            ssl_session_timeout  5m;
    
            ssl_ciphers  HIGH:!aNULL:!MD5;
            ssl_prefer_server_ciphers  on;
    
            location / {
                root   html;
                index  index.html index.htm;
            }
        }
    
        server {
            listen*:80;
            server_name git.gitxx.net;
            rewrite^(.*)$https://$host$1permanent;
        }
    

    20、重启Gitlab服务:

    [root@gitxx-gitlab /]# gitlab-ctl restart
    

    21、访问Gitlab服务;
    https://172.16.1.191:8099/
    root/*******

    [THE END]

  • 相关阅读:
    《Java基础学习笔记》JAVA修饰符之私有化(Private)
    《Java基础学习笔记》JAVA之静态代码块
    《Java基础学习笔记》JAVA之构造函数和构造代码块
    《Java基础学习笔记》JAVA面向对象
    在C#.NET中,如何生成PDF文件?主要有以下几个途径:(转)
    ckeditor与ckfinder的使用方法 .NET (转载)
    ckeditor3.3.1编辑区自动换行(转)
    iTextSharp 使用详解(转)
    .net DataGrid绑定列手动添加数据
    操作必须使用一个可更新的查询
  • 原文地址:https://www.cnblogs.com/configure/p/7346542.html
Copyright © 2011-2022 走看看