Jenkins+gitlab部署参考过程

准备工作

1、关闭selinux和防火墙

1
2
3
4
5
6
7
[root@jenkins ~]# sed -i 's/enforcing/disabled/' /etc/selinux/config #关闭seLinux
或[root@jenkins ~]sed -ri '/^[^#]*SELINUX=/s#=.+$#=disabled#' /etc/selinux/config #关闭seLinux
[root@jenkins ~]# systemctl stop firewalld  
[root@jenkins ~]# systemctl disable firewalld  #关闭防火墙
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@jenkins ~]#reboot  #重启系统

或者防火墙设置,开启gitlab和Jenkins要用的端口和http服务

1
2
3
4
5
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --permanent --zone=public --add-port=80/tcp
sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp
sudo firewall-cmd --reload

2、安装依赖包 (Jenkins和gitlab都装)

1
[root@jenkins ~]yum -y install policycoreutils policycoreutils-python openssh-server openssh-clients postfix

一、开始Jenkins安装配置

1、Java包安装

1
2
3
卸载以前旧的Java 安装Java-11版本的
[root@jenkins ~]yum remove  java*   -y  
[root@jenkins ~]yum install fontconfig java-11-openjdk  -y

2、安装Jenkins

华为云下载稳定版或者阿里云下载都可以

1
2
3
4
5
阿里云Jenkins下载
 [root@jenkins ~]wget https://mirrors.aliyun.com/jenkins/redhat-stable/jenkins-2.346.3-1.1.noarch.rpm

华为云Jenkins下载
 [root@jenkins ~]wget  https://repo.huaweicloud.com/jenkins/redhat-stable/jenkins-2.346.3-1.1.noarch.rpm

安装Jenkins

1
2
3
4
5
6
7
[root@jenkins ~]ls
anaconda-ks.cfg  jenkins-2.346.3-1.1.noarch.rpm
[root@jenkins ~]rpm -ivh   jenkins-2.346.3-1.1.noarch.rpm
警告:jenkins-2.346.3-1.1.noarch.rpm: 头V4 RSA/SHA512 Signature, 密钥 ID 45f2c3d5: NOKEY
准备中...                          ################################# [100%]
正在升级/安装...
   1:jenkins-2.346.3-1.1              ################################# [100%]

3、启动Jenkins服务

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
[root@jenkins ~]#systemctl start jenkins.service
[root@jenkins ~]# systemctl status jenkins.service   #看Jenkins启动状态
● jenkins.service - Jenkins Continuous Integration Server
   Loaded: loaded (/usr/lib/systemd/system/jenkins.service; disabled; vendor preset: disabled)
   Active: active (running) since 三 2023-05-17 11:13:01 CST; 9s ago
 Main PID: 8411 (java)
   CGroup: /system.slice/jenkins.service
           └─8411 /usr/bin/java -Djava.awt.headless=true -jar /usr/share/java/jenkins.war --webroot=%C/jenk...

5月 17 11:12:43 jenkins jenkins[8411]: This may also be found at: /var/lib/jenkins/secrets/initialAdmi...word
5月 17 11:12:43 jenkins jenkins[8411]: *************************************************************
5月 17 11:12:43 jenkins jenkins[8411]: *************************************************************
5月 17 11:12:43 jenkins jenkins[8411]: *************************************************************
5月 17 11:13:01 jenkins jenkins[8411]: 2023-05-17 03:13:01.937+0000 [id=30]        INFO        jenkins...tion
5月 17 11:13:01 jenkins jenkins[8411]: 2023-05-17 03:13:01.991+0000 [id=22]        INFO        hudson....ning
5月 17 11:13:01 jenkins systemd[1]: Started Jenkins Continuous Integration Server.
5月 17 11:13:03 jenkins jenkins[8411]: 2023-05-17 03:13:03.249+0000 [id=45]        INFO        h.m.Dow...ller
5月 17 11:13:03 jenkins jenkins[8411]: 2023-05-17 03:13:03.249+0000 [id=45]        INFO        hudson....t #1
5月 17 11:13:03 jenkins jenkins[8411]: 2023-05-17 03:13:03.251+0000 [id=45]        INFO        hudson....2 ms
Hint: Some lines were ellipsized, use -l to show in full.

4、修改jenkins配置文件

1
2
3
4
5
6
7
8
9
10
11
12
将默认Jenkins用户名修改用户名为root 不改的话后期Jenkins目录没有权限
[root@jenkins ~]#vim /etc/sysconfig/jenkins
JENKINS_USER="root"

[root@jenkins ~]#vim /usr/lib/systemd/system/jenkins.service
User=jenkins   改为root
Group=jenkins  改为root

如果想改Jenkins的端口号在这改
Environment="JENKINS_PORT=8080"   将8080端口更改其他的

#更改完成后加载下配置文件重启Jenkins服务

5、重启Jenkins服务 查看端口是否起来

1
2
3
4
5
6
7
8
9
10
11
12
13
14
[root@jenkins ~]# systemctl daemon-reload
[root@jenkins ~]# systemctl restart jenkins.service
[root@jenkins ~]# ss -ntulp
Netid  State      Recv-Q Send-Q       Local Address:Port                      Peer Address:Port              
udp    UNCONN     0      0                127.0.0.1:323                                  *:*                   users:(("chronyd",pid=678,fd=5))
udp    UNCONN     0      0                    [::1]:323                               [::]:*                   users:(("chronyd",pid=678,fd=6))
tcp    LISTEN     0      128                      *:22                                   *:*                   users:(("sshd",pid=8275,fd=3))
tcp    LISTEN     0      100              127.0.0.1:25                                   *:*                   users:(("master",pid=1215,fd=13))
tcp    LISTEN     0      50                    [::]:8080                              [::]:*                   users:(("java",pid=8557,fd=109))
tcp    LISTEN     0      128                   [::]:22                                [::]:*                   users:(("sshd",pid=8275,fd=4))
tcp    LISTEN     0      100                  [::1]:25                                [::]:*                   users:(("master",pid=1215,fd=14))
[root@jenkins ~]# ps -aux | grep jenkins  ##查看Jenkins路径服务已经为root下 
root       8557  9.0 21.1 4861092 1687124 ?     Ssl  11:17   0:16 /usr/bin/java -Djava.awt.headless=true -jar /usr/share/java/jenkins.war --webroot=%C/jenkins/war --httpPort=8080
root       8673  0.0  0.0 112824   980 pts/0    R+   11:20   0:00 grep --color=auto jenkins

6、浏览器访问Jenkins界面

http://192.168.2.202:8080/login

Jenkins正在配置启动中,比较慢,注意给够配置资源

1
2
[root@jenkins ~]# cat /var/lib/jenkins/secrets/initialAdminPassword   #找到初始密码
905de696e91543139f67d2c551571e65

7、 选择插件来安装

8、选择“无”

9、创建管理员用户

10、配置国内插件地址

选择安装插件路径Manage Jenkins—Manage Plugins—Plugin Manager—Advanced然后下拉到底

1
2
3
4
5
[root@jenkins ~]# cd /var/lib/jenkins/updates
[root@jenkins updates]# ls
default.json  hudson.tasks.Maven.MavenInstaller
[root@jenkins updates]# sed -i 's/http:\/\/updates.jenkinsci.org\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json && sed -i 's/http:\/\/www.google.com/https:\/\/www.baidu.com/g' default.json
[root@jenkins updates]# systemctl restart jenkins.service

也可以先装中文包(虽然效果等于无)

11、安装插件

1
2
3
4
5
6
7
安装jenkins所需插件
Credentials                # 签名证书管理插件
Gitlab                     # 安装后从 GitLab 获取代码
Git    和 Git Client       # 用于 Jenkins 在 GitLab 中拉取源码                
Gitlab Authentication      # GitLab 和 Jenkins 认证插件
maven              
chinese                    #中文插件

需要一个漫长的等待,安装完插件后重启Jenkins

后因插件兼容性,升级到2.405

12、生成公钥私钥对出来

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
[root@jenkins ~]# ssh-keygen  #无特殊就一路回车到底
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:+bfnTrwGlXZq2vRA8W3ucB+WiqT0aot0ESQNncVm5KE root@jenkins
The key's randomart image is:
+---[RSA 2048]----+
|       o+.=+     |
|        o+o+. .  |
|         Eo.   +.|
|         ..   = =|
|        S.   + =.|
|         o....*+o|
|       ...= o*=*o|
|      . oo +.++.+|
|       ..oo .=+  |
+----[SHA256]-----+
1
2
[root@jenkins ~]# ls /root/.ssh/
id_rsa  id_rsa.pub

13、在Jenkins配置凭据

14、添加JDK,Git,Maven,路径

注:JDK配置路径不识别解决

部署Jenkins(version:2.405)时,全局新装Java-11。虽然centos7.9自带1.8.0,但在Jenkins配置JDK目录是不识别的。

解决方法:官网下载JDK1.8.0包解压放置指定目录

二、开始gitlab安装配置

1、配置yum源地址

注:建议换腾讯源。官方源和清华源速度上不去。

1
2
3
4
5
6
vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.cloud.tencent.com/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1

或者用wget安装

1
wget --no-check-certificate https://mirrors.cloud.tencent.com/gitlab-ce/yum/el7/gitlab-ce-15.9.8-ce.0.el7.x86_64.rpm

2、启动postfix邮件服务

1
2
systemctl start postfix
systemctl enable  postfix

3、修改配置文件

1
2
3
4
vi /etc/gitlab/gitlab.rb
-------------------------------------------
external_url 'http://your_ip:your_port'
nginx['listen_port'] = your_port

4、加载初始化命令执行

1
[root@gitlab ~]# gitlab-ctl reconfigure  #漫长的等待

5、确认gitlab启动情况

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[root@gitlab ~]# gitlab-ctl start
ok: run: alertmanager: (pid 10489) 26s
ok: run: gitaly: (pid 10428) 36s
ok: run: gitlab-exporter: (pid 10466) 27s
ok: run: gitlab-kas: (pid 10444) 29s
ok: run: gitlab-workhorse: (pid 10453) 29s
ok: run: logrotate: (pid 9274) 658s
ok: run: nginx: (pid 10095) 87s
ok: run: node-exporter: (pid 10461) 28s
ok: run: postgres-exporter: (pid 10498) 25s
ok: run: postgresql: (pid 9798) 142s
ok: run: prometheus: (pid 10474) 27s
ok: run: puma: (pid 9998) 105s
ok: run: redis: (pid 9642) 154s
ok: run: redis-exporter: (pid 10468) 27s
ok: run: sidekiq: (pid 10019) 99s

6、取得默认密码 账号:root

1
2
3
4
5
6
7
[root@gitlab ~]# cat  /etc/gitlab/initial_root_password
# WARNING: This value is valid only in the following conditions
#          1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run).
#          2. Password hasn't been changed manually, either via UI or via command line.
#
#          If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.
Password: rJ1tJAQxmWLdHIQWDk85TV4os9tAmnagsfDOv0D5cvk=

7、登录

http://your_ip:your_port

8、修改页面语言

9、修改初始密码

10、创建测试项目

11、配置SSH密钥

三、开始测试