本文目标:配置gitlab一主二从(master 192.168.117.129,slave 192.168.117.130,192.168.117.131),其中gitlab-master外挂一主两从的数据库postgresql,gitlab-slave130挂载postgresql-130,gitlab-slave131挂载postgresql-131。
在三台机器上部署gitlab
下载安装包链接: https://pan.baidu.com/s/1geCvvWl54kp_5AJ6O8bJ3w 提取码: tser
其中gitlab-ce-zh110104.tar为gitlab-11.1.4,gitlab-ce-zh100604.tar为gitlab-10.6.4
(1)将安装包上传到/home目录,并加载镜像
12 |
docker load -i gitlab-ce-zh110104.tarvim /home/gitlab/docker-compose.yml |
12345678910111213141516171819202122232425262728 |
version: '2'services: gitlab: image: 'twang2218/gitlab-ce-zh:11.1.4' restart: unless-stopped hostname: '192.168.117.129' environment: TZ: 'Asia/Shanghai' GITLAB_OMNIBUS_CONFIG: | external_url 'http://192.168.117.129' gitlab_rails['time_zone'] = 'Asia/Shanghai' gitlab_rails['gitlab_shell_ssh_port'] = 54322 postgresql['enable'] = false gitlab_rails['db_adapter'] = "postgresql" gitlab_rails['db_encoding'] = "utf8" gitlab_rails['db_database'] = "gitlabtest" gitlab_rails['db_username'] = "postgres" gitlab_rails['db_password'] = "postgres" gitlab_rails['db_host'] = "192.168.117.129" gitlab_rails['db_port'] = 5432 ports: - '8080:80' - '843:443' - '54322:22' volumes: - '/data/gitlab/config:/etc/gitlab' - '/data/gitlab/logs:/var/log/gitlab' - '/data/gitlab/config/gitlab/data:/var/opt/gitlab' |
注意:上述postgresql挂载分别为三台机器上各自的postgresql
1 |
docker-compose up -d |
安装keepalived服务
Gitlab-master
(1)为keepalived开启转发
1234 |
[root@localhost ~] net.ipv4.ip_forward = 1 net.ipv4.ip_nonlocal_bind = 1[root@localhost ~]# systemctl restart keepalived |
(2)修改keepalived的配置文档
12345678910111213141516171819202122 |
vim /etc/keepalived/keepalived.confvrrp_script chk_gitlab{ script "/etc/keepalived/check-gitlab.sh" interval 2 }vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 priority 101 authentication { auth_type PASS auth_pass gitlab } track_script { chk_gitlab } virtual_ipaddress { 192.168.117.208 }} |
(3)创建检测脚本
1234567 |
return_code=`curl -s -w "%{http_code}" -o /dev/null http://192.168.117.129`if [[ $return_code -ne 200 ]]; thensystemctl stop keepalivedfi |
(4)重启keepalived
1 |
systemctl restart keepalived |
Gitlab-slave按照上述步骤配置keepalived,只需要把其中的ip换成slave机器的ip,priority值要比master小。
安装Rsyncd服务
安装包下载链接: https://pan.baidu.com/s/1s1nPjzM9w9M8e0V4EqcZog 提取码: gv5w
master-129
(1)安装
1 |
yum localinstall *.rpm |
(2))创建用户名和密码
12 |
useradd forgitlab 创建用户forgitlabpasswd forgitlab 给已创建的用户forgitlab设置密码为pass123 |
(3)修改配置文档
123456789101112131415161718192021222324252627282930 |
vim /etc/rsyncd.conf#设置rsync运行权限为rootuid=root#设置rsync运行权限为rootgid=root#最大连接数max connections=3#默认为true,修改为no,增加对目录文档软连接的备份use chroot=no#日志文档位置,启动rsync后自动产生这个文档,无需提前创建log file=/var/log/rsyncd.log#pid文档的存放位置pid file=/var/run/rsyncd.pid#支持max connections参数的锁文档lock file=/var/run/rsyncd.lock#用户认证配置文档,里面保存用户名称和密码 需要创建(可选)secrets file=/etc/rsync.pass#允许进行数据同步的客户端IP地址,可以设置多个,用英文状态下逗号隔开,可设置所有hosts allow= *#设置rsync服务端文档为读写权限read only = no#不显示rsync服务端资源列表list = no[forgitlab]#需要备份的源主机数据目录路径path = /data/gitlab/data/git-data#执行数据同步的用户名,可以设置多个,用英文状态下逗号隔开 可选配置auth users = forgitlab |
(4)创建认证文档
如果在rsyncd服务中定义了可选配置,则需创建认证文档。
123 |
[root@localhost ~]# vim /etc/rsync.passforgitlab:pass123chmod 600 /etc/rsync.pass |
(5)启动Rsyncd服务
12 |
[root@localhost ~]# systemctl start rsyncd[root@localhost ~]# systemctl enable rsyncd |
(6)开启rsyncd服务端口
123 |
[root@localhost ~]# firewall-cmd --permanent --add-port=873/tcp[root@localhost ~]# firewall-cmd --permanent --add-port=873/udp[root@localhost ~]# firewall-cmd --reload |
slave-130 master备节点
(1)安装
1 |
yum localinstall *.rpm |
(2)创建认证文档
123456 |
[root@localhost ~]# vim /etc/rsync.pass pass123 chmod 600 /etc/rsync.pass(3)手动测试``` bash [root@localhost ~]# rsync -avzrtlp --progress --delete --password-file=/etc/rsync.pass forgitlab@192.168.117.129::forgitlab /data/gitlab/data/git-data |
(4)自动执行
12 |
[root@localhost ~]# crontab -e*/5 * * * * rsync -avzrtlp --progress --delete --password-file=/etc/rsync.pass forgitlab@192.168.117.129::forgitlab /data/gitlab/data/git-data |
【说明1】每5分钟同步一次。
【说明2】如果出现目录可以同步,文本文档类型的文档不能同步,请检查SELinux是否关闭
1、临时关闭:输入命令setenforce 0,重启系统后还会开启。
2、永久关闭:输入命令vi /etc/selinux/config,将SELINUX=enforcing改为SELINUX=disabled,然后保存退出。
原文:大专栏 Gitlab高可用部署文档