Gitlab CE I
페이지 정보
작성자 꿈꾸는여행자 작성일 23-04-04 14:41 조회 3,304 댓글 0본문
안녕하세요.
꿈꾸는여행자입니다.
OpenShift 환경에서 자주 사용되는 Git Tool,
Gitlab CE 환경 구성을 공유 하고자 합니다.
상세 내역은 아래와 같습니다.
감사합니다.
> 아래
2. CICD
2.1. Prepare
2.1.1. Create VM
* Create disk
cd /var/lib/libvirt/images/lds
qemu-img create -f qcow2 \
lds-ocp-demo-cicd.qcow2 \
100G
chown qemu:qemu lds-ocp-demo-cicd.qcow2
[root@lds203 lds]# pwd
/var/lib/libvirt/images/lds
[root@lds203 lds]# qemu-img create -f qcow2 \
> lds-ocp-demo-cicd.qcow2 \
> 100G
Formatting 'lds-ocp-demo-cicd.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=107374182400 lazy_refcounts=off refcount_bits=16
[root@lds203 lds]#
[root@lds203 lds]# chown qemu:qemu lds-ocp-demo-cicd.qcow2
[root@lds203 lds]#
[root@lds203 lds]# ls -al
total 582288968
drwxr-xr-x 2 root root 4096 Dec 27 10:51 .
drwx--x--x. 4 root root 4096 Dec 15 09:49 ..
-rw-r--r-- 1 qemu qemu 152822415360 Dec 27 11:01 lds-ocp-demo-bastion-coreos.qcow2
-rw-r--r-- 1 root root 6520373248 Dec 16 16:13 lds-ocp-demo-bs1-coreos.qcow2
-rw-r--r-- 1 qemu qemu 3323985920 Dec 27 11:01 lds-ocp-demo-cicd.qcow2
-rw-r--r-- 1 qemu qemu 23714004992 Dec 27 11:01 lds-ocp-demo-ms1-coreos.qcow2
-rw-r--r-- 1 qemu qemu 23320133632 Dec 27 11:01 lds-ocp-demo-ms2-coreos.qcow2
-rw-r--r-- 1 qemu qemu 21220360192 Dec 27 11:01 lds-ocp-demo-ms3-coreos.qcow2
-rw-r--r-- 1 qemu qemu 249519079424 Dec 27 11:00 lds-ocp-demo-rhel86.qcow2
-rw-r--r-- 1 qemu qemu 51399688192 Dec 27 11:01 lds-ocp-demo-wkr1-coreos.qcow2
-rw-r--r-- 1 qemu qemu 54186803200 Dec 27 11:01 lds-ocp-demo-wkr2-coreos.qcow2
-rw-r--r-- 1 qemu qemu 10226302976 Dec 27 11:01 lds-ocp-demo-wkr3-coreos.qcow2
[root@lds203 lds]#
* File > New Virtual Machine
* VM
* Name :bastion
* OS : Red Hat Enterprise Linux 9.0
* Install : Local CDROM/ISO
* Memory : 4096 MB
* CPUs : 2
* Storage : 100.0 GiB
* /var/lib/libvirt/images/lds/lds-ocp-demo-cicd.qcow2
* Network selection
* Virtual network lds-ocp-private : Isolated network
2.1.2. Install OS
* Account
Seq
User
Password
1
root
2
lds
2.1.3. Network Interface 설정
NetworkManager 도구인 nmtui를 이용하여 network interface를 설정할 수 있다.
nmtui
[root@localhost ~]# nmtui
* 네트워크 장비의 주소와 게이트웨이, DNS 주소 설정 후, 완료 버튼을 선택한다.
* IPv4 Configuration : Manual
* Addresses : 192.168.120.50
* Gateway : 192.168.120.1
* DNS servers :
* 192.168.120.100
* 8.8.8.8
* Automatically connect : Check
2.1.4. Firewalld and selinux
* firewalld
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld
* selinux
setenforce 0
sed -i 's/enforcing/disabled/g' /etc/selinux/config
[root@localhost ~]# setenforce 0
[root@localhost ~]# sed -i 's/enforcing/disabled/g' /etc/selinux/config
[root@localhost ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: disabled
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
[root@localhost ~]#
2.1.5. hostname 설정
* 각 노드의 hostname은 FQDN 형태로 정의되어야 한다.
hostnamectl set-hostname cicd.ocpcst.ldsproject.com
hostname
[root@localhost ~]# hostnamectl set-hostname cicd.ocpcst.ldsproject.com
[root@localhost ~]# su -
[root@cicd ~]# hostname
cicd.ocpcst.ldsproject.com
[root@cicd ~]#
2.1.6. Repository
2.1.6.1. Check repo
cat /etc/yum.repos.d/redhat.repo
cat /etc/mtab | grep media
[root@bastion yum.repos.d]# pwd
/etc/yum.repos.d
[root@bastion yum.repos.d]#
[root@bastion yum.repos.d]# head -n 30 redhat.repo
#
# Certificate-Based Repositories
# Managed by (rhsm) subscription-manager
#
# *** This file is auto-generated. Changes made here will be over-written. ***
# *** Use "subscription-manager repo-override --help" if you wish to make changes. ***
#
# If this file is empty and this system is subscribed consider
# a "yum repolist" to refresh available repos
#
[base]
name=RHEL - AppStream
baseurl=file:///run/media/root/RHEL-9-0-0-BaseOS-x86_64/AppStream
gpgcheck=0
enabled=1
[update]
name=RHEL - BaseOS
baseurl=file:///run/media/root/RHEL-9-0-0-BaseOS-x86_64/BaseOS
gpgcheck=0
enabled=1
…
[root@bastion yum.repos.d]# cat /etc/mtab | grep media
/dev/sr0 /run/media/root/RHEL-9-0-0-BaseOS-x86_64 iso9660 ro,nosuid,nodev,relatime,nojoliet,check=s,map=n,blocksize=2048,uid=0,gid=0,dmode=500,fmode=400 0 0
2.1.6.2. Mount
* ISO Mount
* https://linuxconfig.org/how-to-mount-cd-dvd-rom-on-centos-rhel-linux
mkdir -p /run/media/root/RHEL-9-0-0-BaseOS-x86_64
mount /dev/sr0 /run/media/root/RHEL-9-0-0-BaseOS-x86_64/
2.1.6.3. Set repo
vi /etc/yum.repos.d/redhat.repo
yum clean all
yum repolist
[root@cicd ~]# cat /etc/yum.repos.d/redhat.repo
…
[base]
name=RHEL - AppStream
baseurl=file:///run/media/root/RHEL-9-0-0-BaseOS-x86_64/AppStream
gpgcheck=0
enabled=1
[update]
name=RHEL - BaseOS
baseurl=file:///run/media/root/RHEL-9-0-0-BaseOS-x86_64/BaseOS
gpgcheck=0
enabled=1
[root@cicd yum.repos.d]# yum clean all
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
0 files removed
[root@cicd ~]# yum repolist
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
repo id repo name
base RHEL - AppStream
update RHEL - BaseOS
[root@cicd ~]#
2.1.7. Edit VM
* VM
* Add Hardware
* Network
* Virtual network lds-ocp-public : NAT
* Check Network
nmcli device
[root@cicd ~]# nmcli device
DEVICE TYPE STATE CONNECTION
enp1s0 ethernet connected enp1s0
enp7s0 ethernet disconnected --
lo loopback unmanaged --
[root@cicd ~]#
* Network Setting
nmtui
nmcli device
[root@localhost ~]# nmtui
[root@cicd ~]# nmcli device
DEVICE TYPE STATE CONNECTION
enp7s0 ethernet connected enp7s0
enp1s0 ethernet connected enp1s0
lo loopback unmanaged --
[root@cicd ~]#
* 네트워크 장비의 주소와 게이트웨이, DNS 주소 설정 후, 완료 버튼을 선택한다.
* Profile name : enp7s0
* Device : enp7s0
* IPv4 Configuration : Automatic
* Automatically connect : Check
* Available to all users
2.1.8. DNS
* DNS 정보 확인
cp ocpcst.ldsproject.com.zone ocpcst.ldsproject.com.zone.20221228_1030
cp rev.ocpcst.ldsproject.com.zone rev.ocpcst.ldsproject.com.zone.20221228_1030
nslookup cicd.ocpcst.ldsproject.com
[root@bastion named]# pwd
/var/named
[root@bastion named]# ls -al
total 32
drwxrwx--T. 5 root named 4096 Dec 25 00:00 .
drwxr-xr-x. 22 root root 4096 Dec 15 16:10 ..
drwxrwx---. 2 named named 75 Dec 25 00:00 data
drwxrwx---. 2 named named 60 Dec 28 09:58 dynamic
-rw-r-----. 1 root named 2253 Sep 30 05:09 named.ca
-rw-r-----. 1 root named 152 Sep 30 05:09 named.empty
-rw-r-----. 1 root named 152 Sep 30 05:09 named.localhost
-rw-r-----. 1 root named 168 Sep 30 05:09 named.loopback
-rw-r--r-- 1 named named 900 Dec 19 09:58 ocpcst.ldsproject.com.zone
-rw-r--r-- 1 named named 1111 Dec 15 16:10 rev.ocpcst.ldsproject.com.zone
drwxrwx---. 2 named named 6 Sep 30 05:09 slaves
[root@bastion named]#
[root@bastion named]# cp ocpcst.ldsproject.com.zone ocpcst.ldsproject.com.zone.20221228_1030
[root@bastion named]# cp rev.ocpcst.ldsproject.com.zone rev.ocpcst.ldsproject.com.zone.20221228_1030
[root@bastion named]#
[root@bastion named]# nslookup cicd.ocpcst.ldsproject.com
Server: 192.168.120.100
Address: 192.168.120.100#53
** server can't find cicd.ocpcst.ldsproject.com: NXDOMAIN
[root@bastion named]#
* Edit zone file
vi ocpcst.ldsproject.com.zone
cicd.ocpcst.ldsproject.com. IN A 192.168.120.51
* Edit reverse zone file
vi rev.ocpcst.ldsproject.com.zone
51.120.168.192.in-addr.arpa. IN PTR cicd.ocpcst.ldsproject.com.
* Restart bind service
sudo systemctl restart named
* Check lookup
nslookup cicd.ocpcst.ldsproject.com
[root@bastion named]# nslookup cicd.ocpcst.ldsproject.com
Server: 192.168.120.100
Address: 192.168.120.100#53
Name: cicd.ocpcst.ldsproject.com
Address: 192.168.120.51
[root@bastion named]#
꿈꾸는여행자입니다.
OpenShift 환경에서 자주 사용되는 Git Tool,
Gitlab CE 환경 구성을 공유 하고자 합니다.
상세 내역은 아래와 같습니다.
감사합니다.
> 아래
2. CICD
2.1. Prepare
2.1.1. Create VM
* Create disk
cd /var/lib/libvirt/images/lds
qemu-img create -f qcow2 \
lds-ocp-demo-cicd.qcow2 \
100G
chown qemu:qemu lds-ocp-demo-cicd.qcow2
[root@lds203 lds]# pwd
/var/lib/libvirt/images/lds
[root@lds203 lds]# qemu-img create -f qcow2 \
> lds-ocp-demo-cicd.qcow2 \
> 100G
Formatting 'lds-ocp-demo-cicd.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=107374182400 lazy_refcounts=off refcount_bits=16
[root@lds203 lds]#
[root@lds203 lds]# chown qemu:qemu lds-ocp-demo-cicd.qcow2
[root@lds203 lds]#
[root@lds203 lds]# ls -al
total 582288968
drwxr-xr-x 2 root root 4096 Dec 27 10:51 .
drwx--x--x. 4 root root 4096 Dec 15 09:49 ..
-rw-r--r-- 1 qemu qemu 152822415360 Dec 27 11:01 lds-ocp-demo-bastion-coreos.qcow2
-rw-r--r-- 1 root root 6520373248 Dec 16 16:13 lds-ocp-demo-bs1-coreos.qcow2
-rw-r--r-- 1 qemu qemu 3323985920 Dec 27 11:01 lds-ocp-demo-cicd.qcow2
-rw-r--r-- 1 qemu qemu 23714004992 Dec 27 11:01 lds-ocp-demo-ms1-coreos.qcow2
-rw-r--r-- 1 qemu qemu 23320133632 Dec 27 11:01 lds-ocp-demo-ms2-coreos.qcow2
-rw-r--r-- 1 qemu qemu 21220360192 Dec 27 11:01 lds-ocp-demo-ms3-coreos.qcow2
-rw-r--r-- 1 qemu qemu 249519079424 Dec 27 11:00 lds-ocp-demo-rhel86.qcow2
-rw-r--r-- 1 qemu qemu 51399688192 Dec 27 11:01 lds-ocp-demo-wkr1-coreos.qcow2
-rw-r--r-- 1 qemu qemu 54186803200 Dec 27 11:01 lds-ocp-demo-wkr2-coreos.qcow2
-rw-r--r-- 1 qemu qemu 10226302976 Dec 27 11:01 lds-ocp-demo-wkr3-coreos.qcow2
[root@lds203 lds]#
* File > New Virtual Machine
* VM
* Name :bastion
* OS : Red Hat Enterprise Linux 9.0
* Install : Local CDROM/ISO
* Memory : 4096 MB
* CPUs : 2
* Storage : 100.0 GiB
* /var/lib/libvirt/images/lds/lds-ocp-demo-cicd.qcow2
* Network selection
* Virtual network lds-ocp-private : Isolated network
2.1.2. Install OS
* Account
Seq
User
Password
1
root
2
lds
2.1.3. Network Interface 설정
NetworkManager 도구인 nmtui를 이용하여 network interface를 설정할 수 있다.
nmtui
[root@localhost ~]# nmtui
* 네트워크 장비의 주소와 게이트웨이, DNS 주소 설정 후, 완료 버튼을 선택한다.
* IPv4 Configuration : Manual
* Addresses : 192.168.120.50
* Gateway : 192.168.120.1
* DNS servers :
* 192.168.120.100
* 8.8.8.8
* Automatically connect : Check
2.1.4. Firewalld and selinux
* firewalld
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld
* selinux
setenforce 0
sed -i 's/enforcing/disabled/g' /etc/selinux/config
[root@localhost ~]# setenforce 0
[root@localhost ~]# sed -i 's/enforcing/disabled/g' /etc/selinux/config
[root@localhost ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: disabled
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
[root@localhost ~]#
2.1.5. hostname 설정
* 각 노드의 hostname은 FQDN 형태로 정의되어야 한다.
hostnamectl set-hostname cicd.ocpcst.ldsproject.com
hostname
[root@localhost ~]# hostnamectl set-hostname cicd.ocpcst.ldsproject.com
[root@localhost ~]# su -
[root@cicd ~]# hostname
cicd.ocpcst.ldsproject.com
[root@cicd ~]#
2.1.6. Repository
2.1.6.1. Check repo
cat /etc/yum.repos.d/redhat.repo
cat /etc/mtab | grep media
[root@bastion yum.repos.d]# pwd
/etc/yum.repos.d
[root@bastion yum.repos.d]#
[root@bastion yum.repos.d]# head -n 30 redhat.repo
#
# Certificate-Based Repositories
# Managed by (rhsm) subscription-manager
#
# *** This file is auto-generated. Changes made here will be over-written. ***
# *** Use "subscription-manager repo-override --help" if you wish to make changes. ***
#
# If this file is empty and this system is subscribed consider
# a "yum repolist" to refresh available repos
#
[base]
name=RHEL - AppStream
baseurl=file:///run/media/root/RHEL-9-0-0-BaseOS-x86_64/AppStream
gpgcheck=0
enabled=1
[update]
name=RHEL - BaseOS
baseurl=file:///run/media/root/RHEL-9-0-0-BaseOS-x86_64/BaseOS
gpgcheck=0
enabled=1
…
[root@bastion yum.repos.d]# cat /etc/mtab | grep media
/dev/sr0 /run/media/root/RHEL-9-0-0-BaseOS-x86_64 iso9660 ro,nosuid,nodev,relatime,nojoliet,check=s,map=n,blocksize=2048,uid=0,gid=0,dmode=500,fmode=400 0 0
2.1.6.2. Mount
* ISO Mount
* https://linuxconfig.org/how-to-mount-cd-dvd-rom-on-centos-rhel-linux
mkdir -p /run/media/root/RHEL-9-0-0-BaseOS-x86_64
mount /dev/sr0 /run/media/root/RHEL-9-0-0-BaseOS-x86_64/
2.1.6.3. Set repo
vi /etc/yum.repos.d/redhat.repo
yum clean all
yum repolist
[root@cicd ~]# cat /etc/yum.repos.d/redhat.repo
…
[base]
name=RHEL - AppStream
baseurl=file:///run/media/root/RHEL-9-0-0-BaseOS-x86_64/AppStream
gpgcheck=0
enabled=1
[update]
name=RHEL - BaseOS
baseurl=file:///run/media/root/RHEL-9-0-0-BaseOS-x86_64/BaseOS
gpgcheck=0
enabled=1
[root@cicd yum.repos.d]# yum clean all
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
0 files removed
[root@cicd ~]# yum repolist
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
repo id repo name
base RHEL - AppStream
update RHEL - BaseOS
[root@cicd ~]#
2.1.7. Edit VM
* VM
* Add Hardware
* Network
* Virtual network lds-ocp-public : NAT
* Check Network
nmcli device
[root@cicd ~]# nmcli device
DEVICE TYPE STATE CONNECTION
enp1s0 ethernet connected enp1s0
enp7s0 ethernet disconnected --
lo loopback unmanaged --
[root@cicd ~]#
* Network Setting
nmtui
nmcli device
[root@localhost ~]# nmtui
[root@cicd ~]# nmcli device
DEVICE TYPE STATE CONNECTION
enp7s0 ethernet connected enp7s0
enp1s0 ethernet connected enp1s0
lo loopback unmanaged --
[root@cicd ~]#
* 네트워크 장비의 주소와 게이트웨이, DNS 주소 설정 후, 완료 버튼을 선택한다.
* Profile name : enp7s0
* Device : enp7s0
* IPv4 Configuration : Automatic
* Automatically connect : Check
* Available to all users
2.1.8. DNS
* DNS 정보 확인
cp ocpcst.ldsproject.com.zone ocpcst.ldsproject.com.zone.20221228_1030
cp rev.ocpcst.ldsproject.com.zone rev.ocpcst.ldsproject.com.zone.20221228_1030
nslookup cicd.ocpcst.ldsproject.com
[root@bastion named]# pwd
/var/named
[root@bastion named]# ls -al
total 32
drwxrwx--T. 5 root named 4096 Dec 25 00:00 .
drwxr-xr-x. 22 root root 4096 Dec 15 16:10 ..
drwxrwx---. 2 named named 75 Dec 25 00:00 data
drwxrwx---. 2 named named 60 Dec 28 09:58 dynamic
-rw-r-----. 1 root named 2253 Sep 30 05:09 named.ca
-rw-r-----. 1 root named 152 Sep 30 05:09 named.empty
-rw-r-----. 1 root named 152 Sep 30 05:09 named.localhost
-rw-r-----. 1 root named 168 Sep 30 05:09 named.loopback
-rw-r--r-- 1 named named 900 Dec 19 09:58 ocpcst.ldsproject.com.zone
-rw-r--r-- 1 named named 1111 Dec 15 16:10 rev.ocpcst.ldsproject.com.zone
drwxrwx---. 2 named named 6 Sep 30 05:09 slaves
[root@bastion named]#
[root@bastion named]# cp ocpcst.ldsproject.com.zone ocpcst.ldsproject.com.zone.20221228_1030
[root@bastion named]# cp rev.ocpcst.ldsproject.com.zone rev.ocpcst.ldsproject.com.zone.20221228_1030
[root@bastion named]#
[root@bastion named]# nslookup cicd.ocpcst.ldsproject.com
Server: 192.168.120.100
Address: 192.168.120.100#53
** server can't find cicd.ocpcst.ldsproject.com: NXDOMAIN
[root@bastion named]#
* Edit zone file
vi ocpcst.ldsproject.com.zone
cicd.ocpcst.ldsproject.com. IN A 192.168.120.51
* Edit reverse zone file
vi rev.ocpcst.ldsproject.com.zone
51.120.168.192.in-addr.arpa. IN PTR cicd.ocpcst.ldsproject.com.
* Restart bind service
sudo systemctl restart named
* Check lookup
nslookup cicd.ocpcst.ldsproject.com
[root@bastion named]# nslookup cicd.ocpcst.ldsproject.com
Server: 192.168.120.100
Address: 192.168.120.100#53
Name: cicd.ocpcst.ldsproject.com
Address: 192.168.120.51
[root@bastion named]#
댓글목록 0
등록된 댓글이 없습니다.