docker笔记2.2--docker安装最新版 gitlab & 修改gitlab管理员密码

介绍

本文主要介绍如何使用docker 快速安装 gitlab 和修改 gitlab 用户密码。

最新安装方法

在 ​​dockerhub gitlab/gitlab-ce/tags​​ 中选择最新的版本, 然后参考官方文档安装即可; 安装前需要自己新建好volume目录,并设置好777权限; 按需修改映射到本机的端口.

docker run --detach \
  --hostname gitlab.example.com \
  --publish 8443:443 --publish 8081:80 --publish 8022:22 \
  --name gitlab \
  --volume /home/xg/soft/gitlab/config:/etc/gitlab \
  --volume /home/xg/soft/gitlab/logs:/var/log/gitlab \
  --volume /home/xg/soft/gitlab/data:/var/opt/gitlab \
  --shm-size 256m \
  gitlab/gitlab-ce:14.7.2-ce.0
 
截至 2022/02月最新为 14.7版本, 若需要长期启动可以添加上 --restart always 参数

Gitlab 初始化启动比较慢,一般可能1-5 分钟不等,笔者通常需要2-5 分钟(笔者docker目录放在机械盘,所以很多时候较慢).

docker笔记2.2--docker安装最新版 gitlab & 修改gitlab管理员密码_修改gitlab密码


启动后界面如下:

默认root用户名称为: root

默认用户密码在 /etc/gitlab/initial_root_password 中

docker笔记2.2--docker安装最新版 gitlab & 修改gitlab管理员密码_docker_02

修改gitlab 密码

新拉起的初始密码放在 默认初始密码放在 /etc/gitlab/initial_root_password, 但是笔者发现无法登录,因此需要按照官方文档修改一下密码。
初始 root 用户名称为 root, 对应密码是修改的 user.password = ‘111111admin’

进入容器:
~/files/code/gitlab$ docker exec -it gitlab bash
启动 gitlab-rails console:

root@gitlab:/# gitlab-rails console
--------------------------------------------------------------------------------
 Ruby:         ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x86_64-linux]
 GitLab:       14.7.2 (89599212ee6) FOSS
 GitLab Shell: 13.22.2
 PostgreSQL:   12.7
--------------------------------------------------------------------------------
Loading production environment (Rails 6.1.4.4)
irb(main):001:0> user =User.find(1)
=> #<User id:1 @root>
irb(main):002:0> user.password = '111111admin'
=> "111111admin"
irb(main):003:0> user.password_confirmation = '111111admin'
=> "111111admin"
irb(main):004:0> user.send_only_admin_changed_your_password_notification!
=> true
irb(main):005:0> user.save!
=> true
irb(main):006:0> exit
root@gitlab:/# exit

docker笔记2.2--docker安装最新版 gitlab & 修改gitlab管理员密码_json_03


修改后就可以正常登录到gitlab主页了,如下图:

docker笔记2.2--docker安装最新版 gitlab & 修改gitlab管理员密码_修改gitlab密码_04

关闭 prometheus|grafana|alertmanager 和一系列 exporter

docker 版本的gitlab 启动会自动启动 prometheus|grafana|alertmanager 和一系列 exporter, 非常占用资源,且导致启动比较慢,因此我们可以通过修改 /etc/gitlab/gitlab.rb 来关闭该功能。
默认启动包含如下内容:

# ps -ef|grep -E 'prome|exporter|alert|graf'
git          280     272  0 10:09 ?        00:00:00 /opt/gitlab/embedded/bin/gitlab-workhorse -listenNetwork unix -listenUmask 0 -listenAddr /var/opt/gitlab/gitlab-workhorse/sockets/socket -authBackend http://localhost:8080 -authSocket /var/opt/gitlab/gitlab-rails/sockets/gitlab.socket -documentRoot /opt/gitlab/embedded/service/gitlab-rails/public -pprofListenAddr  -prometheusListenAddr localhost:9229 -secretPath /opt/gitlab/embedded/service/gitlab-rails/.gitlab_workhorse_secret -logFormat json -config config.toml
root         350      23  0 10:09 ?        00:00:00 runsv redis-exporter
root         351      23  0 10:09 ?        00:00:00 runsv gitlab-exporter
root         352      23  0 10:09 ?        00:00:00 runsv grafana
root         353      23  0 10:09 ?        00:00:00 runsv postgres-exporter
root         355      23  0 10:09 ?        00:00:00 runsv alertmanager
root         356      23  0 10:09 ?        00:00:00 runsv prometheus
root         357     351  0 10:09 ?        00:00:00 svlogd -tt /var/log/gitlab/gitlab-exporter
root         358     350  0 10:09 ?        00:00:00 svlogd -tt /var/log/gitlab/redis-exporter
root         359     352  0 10:09 ?        00:00:00 svlogd -tt /var/log/gitlab/grafana
gitlab-+     360     352  0 10:09 ?        00:00:00 /opt/gitlab/embedded/bin/grafana-server -config /var/opt/gitlab/grafana/grafana.ini
gitlab-+     361     350  0 10:09 ?        00:00:00 /opt/gitlab/embedded/bin/redis_exporter --web.listen-address=localhost:9121 --redis.addr=unix:///var/opt/gitlab/redis/redis.socket
root         362     353  0 10:09 ?        00:00:00 svlogd -tt /var/log/gitlab/postgres-exporter
git          363     351  0 10:09 ?        00:00:07 /opt/gitlab/embedded/bin/ruby /opt/gitlab/embedded/bin/gitlab-exporter web -c /var/opt/gitlab/gitlab-exporter/gitlab-exporter.yml
gitlab-+     365     353  0 10:09 ?        00:00:01 /opt/gitlab/embedded/bin/postgres_exporter --web.listen-address=localhost:9187 --extend.query-path=/var/opt/gitlab/postgres-exporter/queries.yaml
root         366     355  0 10:09 ?        00:00:00 svlogd -tt /var/log/gitlab/alertmanager
root         368     356  0 10:09 ?        00:00:00 svlogd -tt /var/log/gitlab/prometheus
gitlab-+     369     356  1 10:09 ?        00:00:12 /opt/gitlab/embedded/bin/prometheus --web.listen-address=localhost:9090 --storage.tsdb.path=/var/opt/gitlab/prometheus/data --config.file=/var/opt/gitlab/prometheus/prometheus.yml
gitlab-+     370     355  0 10:09 ?        00:00:00 /opt/gitlab/embedded/bin/alertmanager --web.listen-address=localhost:9093 --storage.path=/var/opt/gitlab/alertmanager/data --config.file=/var/opt/gitlab/alertmanager/alertmanager.yml
root         618     615  0 10:11 ?        00:00:00 tail --follow=name --retry /var/log/gitlab/redis-exporter/current /var/log/gitlab/redis-exporter/state /var/log/gitlab/postgresql/current /var/log/gitlab/postgresql/state /var/log/gitlab/sidekiq/current /var/log/gitlab/sidekiq/state /var/log/gitlab/gitlab-exporter/current /var/log/gitlab/gitlab-exporter/state /var/log/gitlab/gitlab-rails/gitlab-rails-db-migrate-2022-02-10-01-12-10.log /var/log/gitlab/gitlab-rails/exceptions_json.log /var/log/gitlab/gitlab-rails/application.log /var/log/gitlab/gitlab-rails/web_exporter.log /var/log/gitlab/gitlab-rails/application_json.log /var/log/gitlab/gitlab-rails/sidekiq_client.log /var/log/gitlab/gitlab-rails/audit_json.log /var/log/gitlab/gitlab-rails/api_json.log /var/log/gitlab/gitlab-rails/auth.log /var/log/gitlab/gitlab-rails/production.log /var/log/gitlab/gitlab-rails/service_measurement.log /var/log/gitlab/gitlab-rails/graphql_json.log /var/log/gitlab/gitlab-rails/production_json.log /var/log/gitlab/gitlab-rails/git_json.log /var/log/gitlab/gitlab-rails/grpc.log /var/log/gitlab/logrotate/current /var/log/gitlab/grafana/current /var/log/gitlab/grafana/state /var/log/gitlab/postgres-exporter/current /var/log/gitlab/postgres-exporter/state /var/log/gitlab/nginx/gitlab_access.log /var/log/gitlab/nginx/gitlab_error.log /var/log/gitlab/nginx/current /var/log/gitlab/nginx/access.log /var/log/gitlab/nginx/error.log /var/log/gitlab/redis/current /var/log/gitlab/redis/state /var/log/gitlab/alertmanager/current /var/log/gitlab/alertmanager/state /var/log/gitlab/gitlab-workhorse/current /var/log/gitlab/gitlab-workhorse/state /var/log/gitlab/prometheus/current /var/log/gitlab/prometheus/state /var/log/gitlab/sshd/current /var/log/gitlab/gitaly/current /var/log/gitlab/gitaly/gitaly_ruby_json.log /var/log/gitlab/gitaly/state /var/log/gitlab/puma/puma_stderr.log /var/log/gitlab/puma/current /var/log/gitlab/puma/puma_stdout.log /var/log/gitlab/puma/state
root        2385    1071  0 10:26 pts/0    00:00:00 grep --color=auto -E prome|exporter|alert|graf

关闭后只包含如下内容:

关闭如下模块:
alertmanager['enable'] = false
node_exporter['enable'] = false
redis_exporter['enable'] = false
postgres_exporter['enable'] = false
gitlab_exporter['enable'] = false
prometheus_monitoring['enable'] = false
grafana['enable'] = false

root@gitlab:/# ps -ef|grep -E 'prome|exporter|alert|graf'
git          330     322  0 10:27 ?        00:00:00 /opt/gitlab/embedded/bin/gitlab-workhorse -listenNetwork unix -listenUmask 0 -listenAddr /var/opt/gitlab/gitlab-workhorse/sockets/socket -authBackend http://localhost:8080 -authSocket /var/opt/gitlab/gitlab-rails/sockets/gitlab.socket -documentRoot /opt/gitlab/embedded/service/gitlab-rails/public -pprofListenAddr  -prometheusListenAddr localhost:9229 -secretPath /opt/gitlab/embedded/service/gitlab-rails/.gitlab_workhorse_secret -logFormat json -config config.toml
root         518     517  0 10:28 ?        00:00:00 tail --follow=name --retry /var/log/gitlab/redis-exporter/current /var/log/gitlab/redis-exporter/state /var/log/gitlab/postgresql/current /var/log/gitlab/postgresql/state /var/log/gitlab/sidekiq/current /var/log/gitlab/sidekiq/state /var/log/gitlab/gitlab-exporter/current /var/log/gitlab/gitlab-exporter/state /var/log/gitlab/gitlab-rails/gitlab-rails-db-migrate-2022-02-10-01-12-10.log /var/log/gitlab/gitlab-rails/exceptions_json.log /var/log/gitlab/gitlab-rails/application.log /var/log/gitlab/gitlab-rails/web_exporter.log /var/log/gitlab/gitlab-rails/application_json.log /var/log/gitlab/gitlab-rails/sidekiq_client.log /var/log/gitlab/gitlab-rails/audit_json.log /var/log/gitlab/gitlab-rails/api_json.log /var/log/gitlab/gitlab-rails/auth.log /var/log/gitlab/gitlab-rails/production.log /var/log/gitlab/gitlab-rails/service_measurement.log /var/log/gitlab/gitlab-rails/graphql_json.log /var/log/gitlab/gitlab-rails/production_json.log /var/log/gitlab/gitlab-rails/git_json.log /var/log/gitlab/gitlab-rails/grpc.log /var/log/gitlab/logrotate/current /var/log/gitlab/grafana/current /var/log/gitlab/grafana/state /var/log/gitlab/postgres-exporter/current /var/log/gitlab/postgres-exporter/state /var/log/gitlab/nginx/gitlab_access.log /var/log/gitlab/nginx/gitlab_error.log /var/log/gitlab/nginx/current /var/log/gitlab/nginx/access.log /var/log/gitlab/nginx/error.log /var/log/gitlab/redis/current /var/log/gitlab/redis/state /var/log/gitlab/alertmanager/current /var/log/gitlab/alertmanager/state /var/log/gitlab/gitlab-workhorse/current /var/log/gitlab/gitlab-workhorse/state /var/log/gitlab/prometheus/current /var/log/gitlab/prometheus/state /var/log/gitlab/sshd/current /var/log/gitlab/gitaly/current /var/log/gitlab/gitaly/gitaly_ruby_json.log /var/log/gitlab/gitaly/state /var/log/gitlab/puma/puma_stderr.log /var/log/gitlab/puma/current /var/log/gitlab/puma/puma_stdout.log /var/log/gitlab/puma/state
root@gitlab:/#

说明

软件系统:
Ubuntu 21.04 Desktop
Docker 20.10.9
Gitlab version: 14.7

参考文档:
​​​gitlab 官方文档 security/reset_user_password.html#reset-your-root-password​​​​docker笔记2–配置gitlab服务器​