gitlab-runner 安装使用
安裝前環(huán)境準(zhǔn)備-docker為例
docker與docker-compose安裝
docker參考
docker-compose參考
docker安裝
-
選擇安裝版本,以 linux 的 centos 為例訪問docker官網(wǎng) 、點(diǎn)擊docker for linux:
-
選擇centos版本
-
先決條件:要安裝Docker Engine,您需要一個(gè)CentOS 7的維護(hù)版本。不支持或未測(cè)試存檔版本
-
卸載舊版本
$ sudo yum remove docker \docker-client \docker-client-latest \docker-common \docker-latest \docker-latest-logrotate \docker-logrotate \docker-engine如果yum報(bào)告未安裝這些軟件包, 說明無需關(guān)注、可以直接走下一步安裝。
-
設(shè)置存儲(chǔ)庫:首次安裝Docker Engine之前,需要設(shè)置Docker存儲(chǔ)庫
安裝yum-utils軟件包(提供yum-config-manager 實(shí)用程序)并設(shè)置穩(wěn)定的存儲(chǔ)庫
$ sudo yum install -y yum-utils ? $ sudo yum-config-manager \--add-repo \https://download.docker.com/linux/centos/docker-ce.repo -
安裝docker引擎,我們這里安裝最新版, 需要特定版本可參考官網(wǎng)
$ sudo yum install docker-ce docker-ce-cli containerd.io -
啟動(dòng)Docker
$ sudo systemctl start docker -
通過運(yùn)行hello-world 映像來驗(yàn)證是否正確安裝了Docker Engine
sudo docker run hello-world會(huì)輸出hello word信息 即代表成功。
-
設(shè)置docker開啟自啟動(dòng)
# 允許開機(jī)啟動(dòng) $ sudo systemctl enable docker # 狀態(tài)檢查 $ sudo systemctl status docker
docker-compose安裝
-
前提條件:Docker Compose依靠Docker Engine進(jìn)行有意義的工作,請(qǐng)確保有安裝Docker Engine
-
安裝版本選擇
-
直接使用crul方式安裝 卸載方便
sudo curl -L "https://github.com/docker/compose/releases/download/1.25.5/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose -
給docker-compose添加可執(zhí)行權(quán)限
sudo chmod +x /usr/local/bin/docker-compose -
卸載:(通過curl方式安裝卸載)
sudo rm /usr/local/bin/docker-compose
gitlab-runner安裝配置
docker-compose.yaml文件編寫
version: "2" ? services:runner:image: gitlab/gitlab-runner:latestcontainer_name: gitlab-runnerrestart: alwaysenvironment:TZ: Asia/Shanghaivolumes:- /docker/gitlab-runner/config:/etc/gitlab-runner- /var/run/docker.sock:/var/run/docker.sock注意:如果runner executor 為docker 、必須掛載 /var/run/docker.sock:/var/run/docker.sock
?
安裝&&使用gitlab-runner
配置runner參考
example
-
安裝前準(zhǔn)備
-
mkdir /root/docker
-
將上述docker-compose.yaml文件拷貝到/root/docker目錄下
-
運(yùn)行g(shù)itlab-runner
docker-compose up -d -
查看日志
docker logs gitlab-runner -
注冊(cè)gitlab-runner到gitlab、先查看gitlabrunner 的token
獲取token和注冊(cè)需要的域名或者ip都可
?
-
注冊(cè)gitlab-runner
$ docker exec -it gitlab-runner gitlab-runner register Runtime platform ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?arch=amd64 os=linux pid=35 revision=ce065b93 version=12.10.1 Running in system-mode. ? Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/): # https://gitlab.com # 你的gitlab的域名或ip Please enter the gitlab-ci token for this runner: # 89Gz************ # 上面從項(xiàng)目中獲取的token值 Please enter the gitlab-ci description for this runner: [9e4cbb00ddf2]: # my-runner # 自定義的runner描述 Please enter the gitlab-ci tags for this runner (comma separated): # demo # 自定義的tag ci可以根據(jù)tag執(zhí)行任務(wù),可在ci中設(shè)置 默認(rèn)啟用tag 如果任務(wù)未添加tag 會(huì)pending Registering runner... succeeded ? ? ? ? ? ? ? ? ? ? runner=89GziSKQ Please enter the executor: docker, docker-ssh, shell, kubernetes, docker+machine, docker-ssh+machine, custom, parallels, ssh, virtualbox: # docker # 選擇executor類型 這里采用docker Please enter the default Docker image (e.g. ruby:2.6): # golang:1.14.2 # 默認(rèn)的鏡像 因?yàn)槭莋o所以選擇go的 Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!再次查看日志 現(xiàn)在未繼續(xù)報(bào)錯(cuò)了
Configuration loaded ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? builds=0 -
gitlab-runner設(shè)置
如果允許未設(shè)置tag的任務(wù)運(yùn)行 需要在runner里面設(shè)置
允許沒有tag的任務(wù)運(yùn)行、否則沒有tag的任務(wù)會(huì) 進(jìn)入pending 狀態(tài)
gitlab-runner config.toml配置
配置文件路徑 與在yaml文件路徑下 /docker/gitlab-runner/config/config.toml
# cat config.toml concurrent = 1 check_interval = 0 ? [session_server]session_timeout = 1800 ? [[runners]]name = "my-runner"url = "https://gitlab.****.com"token = "dWza**********"executor = "docker"[runners.custom_build_dir][runners.cache][runners.cache.s3][runners.cache.gcs][runners.docker]tls_verify = falseimage = "golang:1.14.2"privileged = falsedisable_entrypoint_overwrite = falseoom_kill_disable = falsedisable_cache = falsevolumes = ["/cache", "/root/docker/gitlab-runner/gztar/.tar:/root/.tar","/root/.ssh:/root/.ssh:ro"]pull_policy = "if-not-present"shm_size = 0這里volumes掛載了cache目錄以及設(shè)置了默認(rèn)拉取的鏡像文件
? # 配置從本地獲取鏡像 加快ci & cd速度volumes = ["/root/docker/gitlab-runner/gztar/.tar:/root/.tar"]# 會(huì)首先從本地獲取鏡像 本地沒有才會(huì)從hub上拉取鏡像pull_policy = "if-not-present" # --------------# 可選 映射本機(jī)的秘鑰到docker里面的docker里面、 可用于ssh 部署之類volumes = ["/root/.ssh:/root/.ssh:ro"] # ro只讀 不允許修改宿主機(jī)的秘鑰信息ssh部署可參考
gitlab-yaml
注意:
url = "https://gitlab.****.com" # gitlab的地址token = "dWza**********" ?# gitlab的token附:docker鏡像導(dǎo)入導(dǎo)出命令
# 導(dǎo)出鏡像 docker save -o /root/docker/gitlab-runner/gztar/golang.tar golang:latest # 導(dǎo)入鏡像 docker load -i /root/docker/gitlab-runner/gztar/golang.tar ? # 另外一種方式 docker save golang:latest > /root/docker/gitlab-runner/gztar/golang.tar docker load < /root/docker/gitlab-runner/gztar/golang.targitlab-runner 知識(shí)點(diǎn)
Runner間隔多久去GitLab上檢查是否有job
config.toml文件的check_interval字段會(huì)決定這個(gè)時(shí)間間隔,它的默認(rèn)值是3秒(注意當(dāng)你把它設(shè)為0時(shí)依然采用的是默認(rèn)值3秒,而不是0秒)
要解釋它的意義,首先我們先來定義worker,在config.toml文件中定義了很多runner,它們可能executor類型不同,可能注冊(cè)地址不同,但都是由GitLab Runner這個(gè)服務(wù)來管理的,為了與GitLab Runner區(qū)分開,我們將config.toml文件中定義的runner稱為worker。
對(duì)于不同的worker,worker之間(如worker A ---> worker B)的間隔為check_interval / worker_nums,但是對(duì)于worker A本身來說它下次去檢查是否有job的時(shí)間間隔仍為check_interval。
舉個(gè)簡(jiǎn)單例子:config.toml定義了3個(gè)worker—— worker A, worker B 和 worker C,check_interval采用默認(rèn)值為3秒,第0秒時(shí)worker A會(huì)去檢查是否有屬于自己的job,第1秒時(shí)worker B會(huì)去檢查,第2秒時(shí)worker C去檢查,第3秒時(shí)worker A再檢查……這個(gè)過程中worker A到worker B的間隔為3 / 3 = 1秒,而對(duì)于worker A下次檢查job時(shí)的時(shí)間間隔為check_interval,即3秒。
官方文檔對(duì)check_interval的解釋:https://docs.gitlab.com/runner/configuration/advanced-configuration.html#how-check_interval-works。
config.toml里的concurrent字段的意義
concurrent限制了整個(gè)GitLab Runner能并發(fā)處理job的數(shù)量。特別注意concurrent與worker數(shù)量無任何關(guān)系,所有worker的工作是受GitLab Runner控制的,如果concurrent值為1并且有一個(gè)worker已經(jīng)在工作了,那么即使其他worker達(dá)到了可以工作的條件也只能“pending”。
cache存儲(chǔ)在哪里
參考https://docs.gitlab.com/ee/ci/caching/#where-the-caches-are-stored
怎樣清除cache
注意cache是沒有過期時(shí)間的,而且每一次新的push觸發(fā)的pipeline,都會(huì)重新生成cache,重新生成的cache的名字為“-”,其中num是隨著push數(shù)量遞增的。如果不去清除cache,cache會(huì)永久保留在Runner上,日積月累會(huì)填滿存儲(chǔ)空間的,因此最好隔一段時(shí)間進(jìn)行一次清除,清除方法請(qǐng)參考https://docs.gitlab.com/ee/ci/caching/#clearing-the-cache,或者使用clear_volumes.sh 這個(gè)簡(jiǎn)單腳本來處理它, 清除cache的原理是將相關(guān)的volume移除,當(dāng)然,docker也有自帶的清除命令,推薦將docker system prune -f --volumes加入到定時(shí)任務(wù)中。
GitLab Runner 變量的優(yōu)先級(jí)
參考https://docs.gitlab.com/ee/ci/variables/#priority-of-environment-variables
GitLab Runner有哪些預(yù)定義的變量
參考https://docs.gitlab.com/ee/ci/variables/#predefined-variables-environment-variables
當(dāng)使用Runner采用docker作為executor時(shí),無法build docker image
這是個(gè)dind(docker in docker) 問題,一般pipeline會(huì)報(bào)如下錯(cuò)誤:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? time="2018-12-17T11:12:33Z" level=error msg="failed to dial gRPC: cannot connect to the Docker daemon. Is 'docker daemon' running on this host?: dial unix可以將本地的docker socket綁定到container里來解決
在配置文件config.toml里添加volumes = ["/var/run/docker.sock:/var/run/docker.sock"]
可參考https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-in-docker-executor。
如何在job所對(duì)應(yīng)的container里使用git clone命令
如果想在job運(yùn)行期間clone代碼(如shell或python的腳本),首先要確保你的宿主機(jī)有權(quán)限clone代碼,然后將將你的secret掛載到container里。
例如,通過git/ssh的方式克隆代碼,若ssh目錄為/root/.ssh,可以在config.toml文件里添加如下配置:
volumes = ["/root/.ssh:/root/.ssh:ro"]ro表示容器只有可讀權(quán)限 避免修改秘鑰。
常用的預(yù)定義的變量
| $CI_PROJECT_NAME | 項(xiàng)目名稱 |
| $CI_PROJECT_NAMESPACE | 組名稱 |
| $CI_PROJECT_PATH | 項(xiàng)目相對(duì)路徑 |
| $CI_PROJECT_URL | 項(xiàng)目URL地址 |
| $GITLAB_USER_NAME | 用戶名稱 |
| $GITLAB_USER_EMAIL | 用戶郵箱 |
| $CI_PROJECT_DIR | 項(xiàng)目絕對(duì)路徑 |
| $CI_PIPELINE_ID | 流水線ID |
| $CI_COMMIT_REF_NAME | 當(dāng)前分支 |
go Makefile 常用集成
通過Makefile簡(jiǎn)單集成單元測(cè)試 覆蓋率測(cè)試 及覆蓋率報(bào)告
.PHONY: clean test coverage coverhtml build help lint ? PROJECT_NAME := "code" PKG_LIST := $(shell go list ./... | grep -v /vendor/) ? all: build ? test: ## Run unittests@go test -v ${PKG_LIST} ? race: ## Run data race detector@go test -race -short ${PKG_LIST} ? coverage: ## Generate global code coverage reportcoverage_testcoverhtml: ## Generate global code coverage report in HTMLcoverage_test html ? build: ## Build the binary file@go build -i -v -o _${PROJECT_NAME} ./... ? lint: ## Lint the files@golint -set_exit_status ${PKG_LIST} ? clean:rm -rf _${PKG_LIST} ? help: ## Display this help screen@grep -h -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' ? SHELL=bash define BASH_FUNC_coverage_test%% () {# Code coverage generationCOVERAGE_DIR="${COVERAGE_DIR:-coverage}" ?# Create the coverage files directorymkdir -p "$COVERAGE_DIR"; ?# Create a coverage file for each packagefor package in ${PKG_LIST}; dogo test -covermode=count -coverprofile "./${COVERAGE_DIR}/${package##*/}.cov" "$$package" ;done ; ?# Merge the coverage profile filesecho 'mode: count' > "./${COVERAGE_DIR}"/coverage.cov ;tail -q -n +2 "./${COVERAGE_DIR}"/*.cov >> "./${COVERAGE_DIR}"/coverage.cov ; ?# Display the global code coveragego tool cover -func="./${COVERAGE_DIR}"/coverage.cov ; ?# If needed, generate HTML reportif [ "$1" == "html" ]; thengo tool cover -html="./${COVERAGE_DIR}"/coverage.cov -o coverage.html ;fi ?# Remove the coverage files directoryrm -rf "$COVERAGE_DIR"; } endef export BASH_FUNC_coverage_test%% ??
.gitlab-ci.yaml配置(優(yōu)化后)
image: golang:1.14.2 variables:PROJECT_NAME: "_code"DEV_HOST: "測(cè)試機(jī)器ip"DEV_PATH: "部署路徑"PRD_HOST: "線上機(jī)器ip"PRD_PATH: "部署路徑" ? stages: - test- build- deploy ? before_script:- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'- eval $(ssh-agent -s)- mkdir -p /go/src/$GITLAB_USER_NAME /go/src/_/builds- cp -r $CI_PROJECT_DIR /go/src/$GITLAB_USER_NAME/$CI_PROJECT_NAME- ln -s /go/src/$GITLAB_USER_NAME /go/src/_/builds/$GITLAB_USER_NAME ? unit_tests:stage: testscript: - make testtags: - demo ? race_detector:stage: testscript:- make race ? code_coverage:stage: testscript:- make coverage ? code_coverage_report:stage: testscript:- make coverhtmlonly:- master ? build:dev:stage: buildscript:- go build -i -v -o ${PROJECT_NAME} ./...artifacts:expire_in: 1 weekpaths:- $PROJECT_NAMEonly:- dev ? build:master:stage: buildscript:- go build -i -v -o ${PROJECT_NAME} ./...artifacts:expire_in: 1 weekpaths:- $PROJECT_NAMEonly: - master ? deploy:dev:stage: deployscript:- echo "=====start dev deploy======"- scp -r $PROJECT_NAME root@$DEV_HOST:$DEV_PATH- ssh root@$DEV_HOST "cd $DEV_PATH; ./$PROJECT_NAME >> dev.log"- echo "=====end dev deploy======"only:- devwhen: manualenvironment: testdependencies:- build:devdeploy:master:stage: deployscript:- echo "=====start deploy======"- scp -r $PROJECTNAME root@$DEV_HOST:$DEV_PATH- ssh root@$DEV_HOST "cd $DEV_PATH; ./$PROJECT_NAME >> master_test.log"- echo "=====end deploy======"only:- masterwhen: manualenvironment: productiondependencies:- build:master驗(yàn)證.gitlab-ci.yml文件的內(nèi)容:進(jìn)入項(xiàng)目倉庫->CI/CD->作業(yè)->CI Lint,示例如下:
總結(jié)
以上是生活随笔為你收集整理的gitlab-runner 安装使用的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: GitLab CI/CD
- 下一篇: sarama-cluster之panic