Gitlab CE II > OpenShift 자료실

본문 바로가기

사이트 내 전체검색

뒤로가기 OpenShift 자료실

Gitlab CE II

페이지 정보

작성자 꿈꾸는여행자 작성일 23-05-26 13:36 조회 2,957 댓글 0

본문

안녕하세요.



꿈꾸는여행자입니다.


 
OpenShift 환경에서 자주 사용되는 Git Tool, Gitlab CE 환경 구성을 공유 하고자 합니다.

 

해당 내역은 기존 Gitlab 사전 구성  준비 이후, Gitlab 설치 관련된 사항입니다.


상세 내역은 아래와 같습니다.


감사합니다.


> 아래

 

 

2.1.8. DNS
* DNS 정보 확인 
cp ocpcst.ldsproject.com.zone ocpcst.ldsproject.com.zone.20221228_1030
cp rev.ocpcst.ldsproject.com.zone rev.ocpcst.ldsproject.com.zone.20221228_1030
nslookup cicd.ocpcst.ldsproject.com
	[root@bastion named]# pwd
/var/named
[root@bastion named]# ls -al
total 32
drwxrwx--T.  5 root  named 4096 Dec 25 00:00 .
drwxr-xr-x. 22 root  root  4096 Dec 15 16:10 ..
drwxrwx---.  2 named named   75 Dec 25 00:00 data
drwxrwx---.  2 named named   60 Dec 28 09:58 dynamic
-rw-r-----.  1 root  named 2253 Sep 30 05:09 named.ca
-rw-r-----.  1 root  named  152 Sep 30 05:09 named.empty
-rw-r-----.  1 root  named  152 Sep 30 05:09 named.localhost
-rw-r-----.  1 root  named  168 Sep 30 05:09 named.loopback
-rw-r--r--   1 named named  900 Dec 19 09:58 ocpcst.ldsproject.com.zone
-rw-r--r--   1 named named 1111 Dec 15 16:10 rev.ocpcst.ldsproject.com.zone
drwxrwx---.  2 named named    6 Sep 30 05:09 slaves
[root@bastion named]#
[root@bastion named]# cp ocpcst.ldsproject.com.zone ocpcst.ldsproject.com.zone.20221228_1030
[root@bastion named]# cp rev.ocpcst.ldsproject.com.zone rev.ocpcst.ldsproject.com.zone.20221228_1030
[root@bastion named]# 
[root@bastion named]# nslookup cicd.ocpcst.ldsproject.com
Server:         192.168.120.100
Address:        192.168.120.100#53
** server can't find cicd.ocpcst.ldsproject.com: NXDOMAIN
[root@bastion named]#
* Edit zone file
vi ocpcst.ldsproject.com.zone
	cicd.ocpcst.ldsproject.com.       IN      A       192.168.120.51
* Edit reverse zone file 
vi rev.ocpcst.ldsproject.com.zone
	51.120.168.192.in-addr.arpa.    IN      PTR     cicd.ocpcst.ldsproject.com.
* Restart bind service 
sudo systemctl restart named
* Check lookup 
nslookup cicd.ocpcst.ldsproject.com
	[root@bastion named]# nslookup cicd.ocpcst.ldsproject.com
Server:         192.168.120.100
Address:        192.168.120.100#53
Name:   cicd.ocpcst.ldsproject.com
Address: 192.168.120.51
[root@bastion named]#
2.2. Gitlab CE
* Install and Configure GitLab on RHEL 9 / CentOS Stream 9
   * https://technixleo.com/install-and-configure-gitlab-on-rhel-9-centos-stream-9/
2.2.1. Prerequisite
* Update your system packages
sudo dnf update -y
* Install GitLab dependencies using the following command.
sudo dnf install -y curl policycoreutils perl
* Configure the Firewall to allow HTTP and HTTPS services.
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo systemctl reload firewalld
* Install, start and enable Postfix to send notification emails.
sudo dnf install postfix
sudo systemctl enable postfix
sudo systemctl start postfix
* Check the status of Postfix
sudo systemctl status postfix
2.2.2. Install
* Add the GitLab repository to the system.
vim /etc/yum.repos.d/gitlab_gitlab-ce.repo
	[gitlab_gitlab-ce]
name=gitlab_gitlab-ce
baseurl=https://packages.gitlab.com/gitlab/gitlab-ce/el/8/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
       https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey/gitlab-gitlab-ce-3D645A26AB9FBD22.pub.gpg
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[gitlab_gitlab-ce-source]
name=gitlab_gitlab-ce-source
baseurl=https://packages.gitlab.com/gitlab/gitlab-ce/el/8/SRPMS
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
       https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey/gitlab-gitlab-ce-3D645A26AB9FBD22.pub.gpg
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
* Then install the Gitlab community edition with the following command.
sudo dnf install gitlab-ce -y
2.2.3. Configure GitLab on RHEL 9|CentOS 9
* Set up your DNS to the URL at which you want to access your GitLab instance.
sudo hostnamectl set-hostname gitlab.technixleo.com
* To change the GitLab URL access, edit the configuration file.
   * Change the external URL to your domain name.
   * You can set a password for the initial administrator user account (root).
sudo cp /etc/gitlab/gitlab.rb /etc/gitlab/gitlab.rb.orig
sudo vi /etc/gitlab/gitlab.rb
	external_url 'https://gitlab.technixleo.com'
external_url 'https://cicd.ocpcst.ldsproject.com'
external_url 'http://cicd.ocpcst.ldsproject.com'
gitlab_rails['initial_root_password'] = 'ldssmart1160!!'
* Reconfigure the instance to save changes.
sudo gitlab-ctl reconfigure
2.2.4. Secure GitLab with SSL
* SSL 적용 실패 
* We can secure GitLab with a Self-signed certificate or a Let’s Encrypt certificate.
2.2.4.1. Self-signed Certificate
* Create the following directory to generate a self-signed certificate and set appropriate permissions.
sudo mkdir -p /etc/gitlab/ssl
sudo chmod 755 /etc/gitlab/ssl
* Generate the self-signed certificate and store it in the directory with the following command.
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
    -keyout /etc/gitlab/ssl/cicd.ocpcst.ldsproject.com.key \
    -out /etc/gitlab/ssl/cicd.ocpcst.ldsproject.com.crt
	[root@cicd ~]# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048     -keyout /etc/gitlab/ssl/cicd.ocpcst.ldsproject.com.key     -out /etc/gitlab/ssl/cicd.ocpcst.ldsproject.com.crt
…
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:KR
State or Province Name (full name) []:Seoul
Locality Name (eg, city) [Default City]:GangNam
Organization Name (eg, company) [Default Company Ltd]:Exam
Organizational Unit Name (eg, section) []:Exam
Common Name (eg, your name or your server's hostname) []:cicd.ocpcst.ldsproject.com
Email Address []:ktm@linuxdata.co.kr
[root@cicd ~]#
* Edit the configuration file to provide the SSL certificate paths.
sudo vi /etc/gitlab/gitlab.rb
nginx['enable'] = true
nginx['client_max_body_size'] = '250m'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/cicd.ocpcst.ldsproject.com.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/cicd.ocpcst.ldsproject.com.key"
nginx['ssl_protocols'] = "TLSv1.1 TLSv1.2 TLSv1.3"
* Reconfigure your instance to apply the changes.
sudo gitlab-ctl reconfigure
2.2.4.2. Let’s Encrypt certificate
* Edit the GitLab configuration file with the following settings.
sudo vi /etc/gitlab/gitlab.rb
	letsencrypt['enable'] = true
letsencrypt['contact_emails'] = ['ktm@linuxdata.co.kr'] # This should be an array of email addresses to add as contacts
letsencrypt['auto_renew'] = true
* Then reconfigure the instance to apply changes
sudo gitlab-ctl reconfigure
2.2.5. Start Service 
* Restart
   * https://potato-yong.tistory.com/145
sudo gitlab-ctl restart
	[root@cicd ~]# sudo gitlab-ctl restart
ok: run: alertmanager: (pid 43380) 1s
ok: run: gitaly: (pid 43390) 0s
ok: run: gitlab-exporter: (pid 43404) 0s
ok: run: gitlab-kas: (pid 43494) 0s
ok: run: gitlab-workhorse: (pid 43503) 1s
ok: run: logrotate: (pid 43515) 0s
ok: run: nginx: (pid 43521) 1s
ok: run: node-exporter: (pid 43529) 0s
ok: run: postgres-exporter: (pid 43534) 0s
ok: run: postgresql: (pid 43546) 0s
ok: run: prometheus: (pid 43549) 0s
ok: run: puma: (pid 43566) 0s
ok: run: redis: (pid 43571) 0s
ok: run: redis-exporter: (pid 43577) 1s
ok: run: sidekiq: (pid 43584) 0s
[root@cicd ~]# 
2.2.6. Connect Service
* Connect Url on Browser 
   * http://cicd.ocpcst.ldsproject.com
2.2.7. Manage - Account
* Create Account 
   * Admin > Overview > Users > New user
      * Account
         * Name : user01
         * Username: user01
            * ID 정보
         * Email
            * user01@example.com
* Login 
   *  Email 기준 수신된 URL로 Password 설정

 

댓글목록 0

등록된 댓글이 없습니다.

Copyright © 소유하신 도메인. All rights reserved.

사이트 정보

회사명 : (주)리눅스데이타시스템 / 대표 : 정정모
서울본사 : 서울특별시 강남구 봉은사로 114길 40 홍선빌딩 2층 / tel : 02-6207-1160
대전지사 : 대전광역시 유성구 노은로174 도원프라자 5층 / tel : 042-331-1161

PC 버전으로 보기