首页 > 代码库 > Linux安装Gitlab,附iSCSI分区挂载说明

Linux安装Gitlab,附iSCSI分区挂载说明

因为Gitlab数据要存放在共享存储,所以本次配置的重头戏倒变成了挂载ISCSI了。

OS:CentOS 7.2
IP:172.16.1.191/192.168.2.191

iSCSI分Target(服务端)[磁盘柜]及Initiator(客户端)[windows,linux],本次安装的是客户端。

1、安装iSCSI-Initiator工具包:

[root@yqtrack-gitlab /]# yum -y install iscsi-initiator-utils

2、配置本机iSCSI名称:

[root@yqtrack-gitlab /]# vim /etc/iscsi/initiatorname.iscsi

修改Initiator名称如下:

InitiatorName=iqn.1994-05.com.redhat:gitlab.17track.net

3、扫描Target设备的共享卷:

[root@yqtrack-gitlab /]# iscsiadm -m discovery -t sendtargets -p 192.168.2.1
192.168.2.1:3260,5 iqn.1995-03.com.dothill:01.array.00c0ff261fd6
192.168.2.2:3260,6 iqn.1995-03.com.dothill:01.array.00c0ff261fd6
192.168.3.1:3260,7 iqn.1995-03.com.dothill:01.array.00c0ff261fd6
192.168.3.2:3260,8 iqn.1995-03.com.dothill:01.array.00c0ff261fd6

4、删除192.168.3.x网段的连接(用2.x网段连接就够用了)

[root@yqtrack-gitlab /]# rm -rf /var/lib/iscsi/nodes/iqn.1995-03.com.dothill\:01.array.00c0ff261fd6/192.168.3.1\,3260\,7/
[root@yqtrack-gitlab /]# rm -rf /var/lib/iscsi/nodes/iqn.1995-03.com.dothill\:01.array.00c0ff261fd6/192.168.3.2\,3260\,8/

5、挂载Target设备的共享卷:

[root@yqtrack-gitlab /]# iscsiadm -m node -p 192.168.2.1 --login

6、查看挂载存储信息:

[root@yqtrack-gitlab /]# fdisk -l
Disk /dev/sdb: 32.0 GB, 31998345216 bytes, 62496768 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 1048576 bytes

Disk /dev/sda: 32.0 GB, 31998345216 bytes, 62496768 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 1048576 bytes

7、安装多路径冗余程序:

[root@yqtrack-gitlab /]# yum -y install device-mapper-multipath

8、配置多路径冗余(MultiPath)

[root@yqtrack-gitlab /]# vim /etc/multipath.conf

写入如下内容:

defaults {
        udev_dir                /dev
        polling_interval        10
        path_selector           "round-robin 0"
        path_grouping_policy    multibus
        prio                    alua
        path_checker            readsector0
        failback                immediate
        no_path_retry           fail
        user_friendly_names     yes
}

9、重启多路径冗余服务:

[root@yqtrack-gitlab /]# systemctl restart multipathd.service

10、查看多路径虚拟硬盘:

[root@yqtrack-gitlab /]# fdisk -l
Disk /dev/mapper/mpatha: 32.0 GB, 31998345216 bytes, 62496768 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 1048576 bytes

11、格式化硬盘:

[root@yqtrack-gitlab /]# mkfs.ext4 /dev/mapper/mpatha

12、挂载硬盘:

[root@yqtrack-gitlab /]# mkdir /data
[root@yqtrack-gitlab /]# mount /dev/mapper/mpatha /data

13、添加硬盘自动挂载到启动项:

[root@yqtrack-gitlab /]# vim /etc/fstab

在文档末尾添加如下条目(注意设备类型不是Default,而是_netdev)

/dev/mapper/mpatha /data                        ext4    _netdev         0 0

--------------------------------------------------------------------------配置Gitlab开始-----------------------------------------------------------------------------

14、添加清华gitlab源

[root@yqtrack-gitlab /]# vim /etc/yum.repos.d/gitlab-ce.repo

在文档中添加如下条目:

[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1
[root@yqtrack-gitlab /]# yum makecache

 15、安装Gitlab社区版:

[root@yqtrack-gitlab /]# yum install gitlab-ce

16、初始化Gitlab服务:

[root@yqtrack-gitlab /]# gitlab-ctl reconfigure 

# 到这里为止就可以通过ip地址来访问Gitlab服务了。接下来配置https服务。

17、创建证书目录,并放入证书:

[root@yqtrack-gitlab /]# mkdir /etc/gitlab/ssl
[root@yqtrack-gitlab /]# ll /etc/gitlab/ssl
total 16
-rw-r--r-- 1 root root 4023 Jul 28 14:33 17track.crt
-rw-r--r-- 1 root root 1957 Jul 28 14:33 17track.key
-rw-r--r-- 1 root root 3083 Jul 28 14:33 17track.pfx
-rw-r--r-- 1 root root  769 Jul 28 14:33 dhparam.pem

18、修改Gitlab配置文件:

[root@yqtrack-gitlab /]# vim /etc/gitlab/gitlab.rb

修改如下项目:

external_url ‘https://git.17track.net:8099/‘

gitlab_rails[‘gitlab_email_enabled‘] = true
gitlab_rails[‘gitlab_email_from‘] = ‘admin@17track.cn‘
gitlab_rails[‘gitlab_email_display_name‘] = ‘admin‘
gitlab_rails[‘gitlab_email_reply_to‘] = ‘admin@17track.cn‘
gitlab_rails[‘gitlab_email_subject_suffix‘] = ‘‘

git_data_dirs({ "default" => { "path" => "/data/gitlab-repository", ‘gitaly_address‘ => ‘unix:/var/opt/gitlab/gitaly/gitaly.socket‘ } })

gitlab_rails[‘smtp_enable‘] = true
gitlab_rails[‘smtp_address‘] = "smtp.exmail.qq.com"
gitlab_rails[‘smtp_port‘] = 465
gitlab_rails[‘smtp_user_name‘] = "alert@17track.cn"
gitlab_rails[‘smtp_password‘] = "17Track_neT"
gitlab_rails[‘smtp_authentication‘] = "login"
gitlab_rails[‘smtp_enable_starttls_auto‘] = true
gitlab_rails[‘smtp_tls‘] = true
gitlab_rails[‘gitlab_email_from‘] = ‘alert@17track.cn‘

nginx[‘enable‘] = true
nginx[‘client_max_body_size‘] = ‘8m‘
nginx[‘redirect_http_to_https‘] = true
nginx[‘redirect_http_to_https‘] = true

nginx[‘ssl_certificate‘] = "/etc/gitlab/ssl/17track.crt"
nginx[‘ssl_certificate_key‘] = "/etc/gitlab/ssl/17track.key"
nginx[‘ssl_ciphers‘] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
nginx[‘ssl_protocols‘] = "TLSv1 TLSv1.1 TLSv1.2"
nginx[‘ssl_session_cache‘] = "builtin:1000  shared:SSL:10m"

nginx[‘hsts_max_age‘] = 31536000
nginx[‘hsts_include_subdomains‘] = true

logrotate[‘enable‘] = true


pages_external_url "https://site.17track.net:8098/"
gitlab_pages[‘enable‘] = true

gitlab_pages[‘use_http2‘] = true

pages_nginx[‘enable‘] = false
gitlab_rails[‘pages_path‘] = "/data/gitlab-pages"

 

19、修改ningx配置文件:

[root@yqtrack-gitlab /]# vim /opt/gitlab/embedded/conf/nginx.conf

删除server项目相关项目,添加如下内容:

    # HTTPS server
    #
    server {
        listen       443 ssl;
        server_name  git.17track.net;

        ssl_certificate      /etc/gitlab/trusted-certs/dhparam.pem;
        ssl_certificate_key  /etc/gitlab/trusted-certs/17track.key;

        ssl on;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            root   html;
            index  index.html index.htm;
        }
    }

    server {
        listen*:80;
        server_name git.17track.net;
        rewrite^(.*)$https://$host$1permanent;
    }

20、重启Gitlab服务:

[root@yqtrack-gitlab /]# gitlab-ctl restart

21、访问Gitlab服务;
https://172.16.1.191:8099/
root/*******

[THE END]

Linux安装Gitlab,附iSCSI分区挂载说明