使用bitnami安装Redmine项目管理软件

 项目管理  No Responses »
5 月 292019
 

关于Bitnami项目介绍

The Bitnami Project was created to help spread the adoption of freely available, high quality open source web applications. Bitnami aims to make it easier than ever to discover, download and install Open Source software such as document and content management systems, wikis and blogging software.

https://bitnami.com/stacks

Redmine官方安装文档

http://www.redmine.org/projects/redmine/wiki/RedmineInstall

官网当前最新Redmine版本信息

下载Bitnami安装器

[root@iZj6cd9flzbx5kd084fw97Z ~]# wget https://bitnami.com/redirect/to/554708/bitnami-redmine-4.0.3-3-linux-x64-installer.run
--2019-05-29 23:07:54-- https://bitnami.com/redirect/to/554708/bitnami-redmine-4.0.3-3-linux-x64-installer.run
Resolving bitnami.com (bitnami.com)... 50.17.235.25
Connecting to bitnami.com (bitnami.com)|50.17.235.25|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://downloads.bitnami.com/files/stacks/redmine/4.0.3-3/bitnami-redmine-4.0.3-3-linux-x64-installer.run [following]
--2019-05-29 23:07:55-- https://downloads.bitnami.com/files/stacks/redmine/4.0.3-3/bitnami-redmine-4.0.3-3-linux-x64-installer.run
Resolving downloads.bitnami.com (downloads.bitnami.com)... 52.222.255.147, 52.222.255.100, 52.222.255.220, ...
Connecting to downloads.bitnami.com (downloads.bitnami.com)|52.222.255.147|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 233756196 (223M) [binary/octet-stream]
Saving to: ‘bitnami-redmine-4.0.3-3-linux-x64-installer.run’

100%[=======================================================================================================================================================>] 233,756,196 12.2MB/s in 17s

2019-05-29 23:08:13 (12.9 MB/s) - ‘bitnami-redmine-4.0.3-3-linux-x64-installer.run’ saved [233756196/233756196]

[root@iZj6cd9flzbx5kd084fw97Z ~]#

安装Perl及必要模块

https://docs.bitnami.com/installer/faq/linux-faq/administration/install-perl-linux/

[root@iZj6cd9flzbx5kd084fw97Z ~]# yum install perl perl-Data-Dumper

为安装器文件设置可执行属性

[root@iZj6cd9flzbx5kd084fw97Z ~]# ls
bitnami-redmine-4.0.3-3-linux-x64-installer.run
[root@iZj6cd9flzbx5kd084fw97Z ~]# chmod 700 bitnami-redmine-4.0.3-3-linux-x64-installer.run 
[root@iZj6cd9flzbx5kd084fw97Z ~]#

运行安装器

[root@iZj6cd9flzbx5kd084fw97Z ~]# ./bitnami-redmine-4.0.3-3-linux-x64-installer.run 
Language Selection

Please select the installation language
[1] English - English
[2] Spanish - Español
[3] Japanese - 日本語
[4] Korean - 한국어
[5] Simplified Chinese - 简体中文
[6] Hebrew - עברית
[7] German - Deutsch
[8] Romanian - Română
[9] Russian - Русский
Please choose an option [1] : 1
----------------------------------------------------------------------------
Welcome to the Bitnami Redmine Stack Setup Wizard.

----------------------------------------------------------------------------
Select the components you want to install; clear the components you do not want 
to install. Click Next when you are ready to continue.

Subversion [Y/n] :Y

PhpMyAdmin [Y/n] :Y

Redmine : Y (Cannot be edited)

Git [Y/n] :Y

Is the selection above correct? [Y/n]: Y

----------------------------------------------------------------------------
Installation folder

Please, choose a folder to install Bitnami Redmine Stack

Select a folder [/opt/redmine-4.0.3-3]:

----------------------------------------------------------------------------
Create Admin account

Bitnami Redmine Stack admin user creation

Your real name [User Name]: Harvey Mei

Email Address [user@example.com]: harvey.mei@msn.com

Login [user]: admin

Password :
Please confirm your password :
----------------------------------------------------------------------------
Language for default data configuration

Select your language for default data configuration:

[1] Bosnian
[2] Bulgarian
[3] Catalan
[4] Czech
[5] Danish
[6] German
[7] English
[8] Spanish
[9] French
[10] Galician
[11] Hebrew
[12] Hungarian
[13] Italian
[14] Japanese
[15] Korean
[16] Lithuanian
[17] Dutch
[18] Norwegian
[19] Polish
[20] Portuguese
[21] Romanian
[22] Russian
[23] Slovak
[24] Slovenian
[25] Serbian
[26] Swedish
[27] Turkish
[28] Ukrainian
[29] Vietnamese
[30] Chinese
Please choose an option [7] : 30

Do you want to configure mail support? [y/N]: y

----------------------------------------------------------------------------
Configure SMTP Settings

This is required so your application can send notifications via email.

Default email provider:

[1] GMail
[2] Custom
Please choose an option [1] : 1

----------------------------------------------------------------------------
Configure SMTP Settings

This data is stored in the application configuration files and may be visible to 
others. For this reason, it is recommended that you do not use your personal 
account credentials.

GMail address []: rita.chen@gmail.com

GMail password :
Re-enter :
----------------------------------------------------------------------------
Setup is now ready to begin installing Bitnami Redmine Stack on your computer.

Do you want to continue? [Y/n]: Y

----------------------------------------------------------------------------
Please wait while Setup installs Bitnami Redmine Stack on your computer.

Installing
0% ______________ 50% ______________ 100%
#########################################

----------------------------------------------------------------------------
Setup has finished installing Bitnami Redmine Stack on your computer.

Launch Redmine application. [Y/n]: Y

Info: To access the Bitnami Redmine Stack, go to
http://127.0.0.1:80 from your browser.
Press [Enter] to continue:
[root@iZj6cd9flzbx5kd084fw97Z ~]#

查看监听

访问服务

默认首页

Remine首页

Redmine登录页面

按照提示修改密码

密码修改成功

由Bitnami部署的Redmine服务的目录结构及服务控制脚本

 

Zabbix 4.0 LTS监控服务端安装与配置

 监控  No Responses »
5 月 292019
 

安装Zabbix YUM仓库源

[root@iZj6cd9flzbx5kd084fw97Z ~]# yum -y install https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-1.el7.noarch.rpm
[root@iZj6cd9flzbx5kd084fw97Z ~]# yum makecache

安装Mariadb 5.5.60(MySQL)数据库服务

[root@iZj6cd9flzbx5kd084fw97Z ~]# yum -y install mariadb-server mariadb

启动数据库服务并设置数据库服务随系统启动

[root@iZj6cd9flzbx5kd084fw97Z ~]# systemctl start mariadb
[root@iZj6cd9flzbx5kd084fw97Z ~]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@iZj6cd9flzbx5kd084fw97Z ~]#

创建数据库并赋权

[root@iZj6cd9flzbx5kd084fw97Z ~]# mysql -u root -p
Enter password: 
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 2
Server version: 5.5.60-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database zabbix character set utf8 collate utf8_bin;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all privileges on zabbix.* to zabbix@localhost identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye
[root@iZj6cd9flzbx5kd084fw97Z ~]#

安装zabbix服务端,代理端,Web端

[root@iZj6cd9flzbx5kd084fw97Z ~]# yum -y install zabbix-server-mysql zabbix-web-mysql zabbix-agent

修改目录写入权限(For Apache)

[root@iZj6cd9flzbx5kd084fw97Z ~]# ll /usr/share/zabbix/ |grep assets
drwxr-xr-x 5 root root 4096 May 30 11:31 assets
[root@iZj6cd9flzbx5kd084fw97Z ~]# ll /usr/share/zabbix/assets/ 
total 12
drwxr-xr-x 2 root root 4096 May 28 17:27 fonts
drwxr-xr-x 2 root root 4096 May 30 11:31 img
drwxr-xr-x 2 root root 4096 May 30 11:31 styles
[root@iZj6cd9flzbx5kd084fw97Z ~]# 
[root@iZj6cd9flzbx5kd084fw97Z ~]# chmod -R o+w /usr/share/zabbix/assets/

导入数据库脚本

[root@iZj6cd9flzbx5kd084fw97Z ~]# zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p zabbix
Enter password: 
[root@iZj6cd9flzbx5kd084fw97Z ~]#

修改服务端配置文件的数据库连接密码配置

[root@iZj6cd9flzbx5kd084fw97Z ~]# vi /etc/zabbix/zabbix_server.conf
### Option: DBPassword
# Database password.
# Comment this line if no password is used.
#
# Mandatory: no
# Default:
# DBPassword=

DBPassword=password

修改php配置参数的时区设置为本地时区

[root@iZj6cd9flzbx5kd084fw97Z ~]# vi /etc/httpd/conf.d/zabbix.conf
php_value date.timezone Asia/Hong_Kong

启动zabbix服务端,代理端和httpd服务并注册为随系统启动

[root@iZj6cd9flzbx5kd084fw97Z ~]# systemctl start zabbix-server zabbix-agent httpd 
[root@iZj6cd9flzbx5kd084fw97Z ~]# systemctl enable zabbix-server zabbix-agent httpd 
Created symlink from /etc/systemd/system/multi-user.target.wants/zabbix-server.service to /usr/lib/systemd/system/zabbix-server.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/zabbix-agent.service to /usr/lib/systemd/system/zabbix-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@iZj6cd9flzbx5kd084fw97Z ~]#

查看监听截图

使用浏览器访问zabbix安装向导

zabbix的依赖检测

配置数据连接信息

配置服务器端的主机通信地址及端口信息

确认安装清单

完成安装向导

使用默认服务默认用户名密码(Admin/zabbix)

Zabbix Web控制台首页

Yum二进制包zabbix关于php参数的配置方法参考

[root@iZj6cd9flzbx5kd084fw97Z ~]# cat /etc/httpd/conf.d/zabbix.conf 
#
# Zabbix monitoring system php web frontend
#

Alias /zabbix /usr/share/zabbix

<Directory "/usr/share/zabbix">
Options FollowSymLinks
AllowOverride None
Require all granted

<IfModule mod_php5.c>
php_value max_execution_time 300
php_value memory_limit 128M
php_value post_max_size 16M
php_value upload_max_filesize 2M
php_value max_input_time 300
php_value max_input_vars 10000
php_value always_populate_raw_post_data -1
php_value date.timezone Asia/Hong_Kong
</IfModule>
</Directory>

<Directory "/usr/share/zabbix/conf">
Require all denied
</Directory>

<Directory "/usr/share/zabbix/app">
Require all denied
</Directory>

<Directory "/usr/share/zabbix/include">
Require all denied
</Directory>

<Directory "/usr/share/zabbix/local">
Require all denied
</Directory>
[root@iZj6cd9flzbx5kd084fw97Z ~]#

ELK环境配置之Logstash7.1.1安装配置

 未分类  No Responses »
5 月 292019
 

Logstash 是开源的服务器端数据处理管道,能够同时从多个来源采集数据,转换数据,然后将数据发送到您最喜欢的 “存储库” 中。(我们的存储库当然是 Elasticsearch。)

https://www.elastic.co/guide/index.html

ELK环境配置之Kibana7.1.1安装配置

 未分类  No Responses »
5 月 292019
 

通过 Kibana,您能够对 Elasticsearch 中的数据进行可视化并在 Elastic Stack 进行操作,因此您可以在这里解开任何疑问:例如,为何会在凌晨 2:00 收到传呼,雨水会对季度数据造成怎样的影响。

https://www.elastic.co/guide/index.html

下载安装

[root@earth ~]# curl -O https://artifacts.elastic.co/downloads/kibana/kibana-7.1.1-linux-x86_64.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 160M 100 160M 0 0 13.1M 0 0:00:12 0:00:12 --:--:-- 12.2M
[root@earth ~]# tar xzf kibana-7.1.1-linux-x86_64.tar.gz 
[root@earth ~]# mv kibana-7.1.1-linux-x86_64 /usr/local/
[root@earth ~]# cd /usr/local/kibana-7.1.1-linux-x86_64/
[root@earth kibana-7.1.1-linux-x86_64]# ls 
bin built_assets config data LICENSE.txt node node_modules NOTICE.txt optimize package.json plugins README.txt src target webpackShims
[root@earth kibana-7.1.1-linux-x86_64]#

配置目录及配置文件

[root@earth kibana-7.1.1-linux-x86_64]# ls config/
kibana.yml
[root@earth kibana-7.1.1-linux-x86_64]#

修改配置文件

[root@earth kibana-7.1.1-linux-x86_64]# vi config/kibana.yml 
# Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601

# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
server.host: "0.0.0.0"

启动kibana

[root@earth kibana-7.1.1-linux-x86_64]# nohup ./bin/kibana &
[1] 20182
[root@earth kibana-7.1.1-linux-x86_64]# nohup: ignoring input and appending output to ‘nohup.out’

[root@earth kibana-7.1.1-linux-x86_64]#

确认端口监听

使用浏览器访问Kibana门户

http://47.75.246.214:5601

Kibana程序目录结构

ELK环境之Elasticsearch7.1.1安装配置

 未分类  No Responses »
5 月 282019
 

Elasticsearch 是一个分布式、RESTful 风格的搜索和数据分析引擎,能够解决不断涌现出的各种用例。作为 Elastic Stack 的核心,它集中存储您的数据,帮助您发现意料之中以及意料之外的情况。

https://www.elastic.co/guide/index.html

软件版本选择

Beats 7.1
APM Server 7.1
Elasticsearch 7.1
Elasticsearch Hadoop 7.1
Kibana 7.1
Logstash 7.1

Elastic Stack系列产品的安装顺序

Install the Elastic Stack products you want to use in the following order:
Elasticsearch
Kibana
Logstash
Beats
APM Server
Elasticsearch Hadoop

Elasticsearch在生产环境中的重要系统配置要求

Disable swapping(禁用交换分区)
Increase file descriptors(提升文件描述符到最大值(65535))
Ensure sufficient virtual memory(虚拟内存设置,临时更改sysctl -w vm.max_map_count=262144永久更改/etc/sysctl.conf)
Ensure sufficient threads(用户进程数必须大于等于4096/etc/security/limits.conf)
JVM DNS cache settings(详见jvm.options配置文件)
Temporary directory not mounted with noexec (临时目录挂载参数不包括noexec)

阿里云ECS镜像CentOS 7.x的资源限制

ulimit命令的资源限制参数

-a All current limits are reported
-b The maximum socket buffer size
-c The maximum size of core files created
-d The maximum size of a process's data segment
-e The maximum scheduling priority ("nice")
-f The maximum size of files written by the shell and its children
-i The maximum number of pending signals
-l The maximum size that may be locked into memory
-m The maximum resident set size (many systems do not honor this limit)
-n The maximum number of open file descriptors (most systems do not allow this value to be set)
-p The pipe size in 512-byte blocks (this may not be set)
-q The maximum number of bytes in POSIX message queues
-r The maximum real-time scheduling priority
-s The maximum stack size
-t The maximum amount of cpu time in seconds
-u The maximum number of processes available to a single user
-v The maximum amount of virtual memory available to the shell and, on some systems, to its children
-x The maximum number of file locks
-T The maximum number of threads

以非root用户权限运行elasticsearch服务
添加用户

[root@earth ~]# useradd elastic
[root@earth ~]#

下载安装并修改权限

[root@earth ~]# curl -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.1.1-linux-x86_64.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 330M 100 330M 0 0 12.6M 0 0:00:26 0:00:26 --:--:-- 12.2M
[root@earth ~]#

[root@earth ~]# tar xzf elasticsearch-7.1.1-linux-x86_64.tar.gz 
[root@earth ~]# mv elasticsearch-7.1.1 /usr/local/
[root@earth ~]# cd /usr/local/
[root@earth local]# chown -R elastic.elastic elasticsearch-7.1.1/
[root@earth local]#

安装目录中的主要配置文件及用途

elasticsearch.yml for configuring Elasticsearch
jvm.options for configuring Elasticsearch JVM settings
log4j2.properties for configuring Elasticsearch logging

修改配置文件elasticsearch.yml配置文件

[root@earth ~]# cd /usr/local/elasticsearch-7.1.1/config/
[root@earth config]# vi elasticsearch.yml 
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /usr/local/elasticsearch-7.1.1/data
#
# Path to log files:
#
path.logs: /usr/local/elasticsearch-7.1.1/logs
#

# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 127.0.0.1
#
# Set a custom port for HTTP:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#

切换到elastic用户并启动ES服务

[root@earth ~]# su - elastic
Last login: Wed May 29 16:56:38 CST 2019 on pts/0
[elastic@earth ~]$ cd /usr/local/elasticsearch-7.1.1/
[elastic@earth elasticsearch-7.1.1]$ ./bin/elasticsearch -d -p pid
OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
[elastic@earth elasticsearch-7.1.1]$

查看启动日志

查看端口监听

停止ES服务

[elastic@earth elasticsearch-7.1.1]$ pkill -F pid

验证Elasticsearch运行状态

[elastic@earth elasticsearch-7.1.1]$ curl localhost:9200
{
"name" : "earth",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "gAkz51cpSUuuL0MK5HBGCg",
"version" : {
"number" : "7.1.1",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "7a013de",
"build_date" : "2019-05-23T14:04:00.380842Z",
"build_snapshot" : false,
"lucene_version" : "8.0.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
[elastic@earth elasticsearch-7.1.1]$

Elasticsearch目录结构说明

VMware Harbor 1.8.0 版本新特性说明

 未分类  No Responses »
5 月 282019
 

https://github.com/goharbor/harbor/releases

Support for OpenID Connect
OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, allowing Harbor to verify the identity of users based on the authentication performed by an external authorization server or identity provider.

Robot accounts
Robot accounts can be configured to provide administrators with a token that can be granted appropriate permissions for pulling or pushing images. Harbor users can continue operating Harbor using their enterprise SSO credentials, and use robot accounts for CI/CD systems that perform Docker client commands.

Replication advancements
Harbor new version replication allows you to replicate your Harbor repository to and from non-Harbor registries. Harbor 1.8 expands on the Harbor-to-Harbor replication feature, adding the ability to replicate resources between Harbor and Docker Hub, Docker Registry, and Huawei Registry. This is enabled through both push and pull mode replication.

Additional Features
Harbor 1.8 brings numerous other capabilities for both administrators and end users:

Health check API, showing detailed status and health of all Harbor components.
Support for defining cron-based scheduled tasks in the Harbor UI. Administrators can now use cron strings to define the schedule of a job. Scan, garbage collection and replication jobs are all supported.
API explorer integration. End users can now explore and trigger Harbor’s API via the swagger UI nested inside Harbor’s UI.
Introduce a new master role to project, the role’s permissions are more than developer and less than project admin.
Introduce harbor.yml as the replacement of harbor.cfg and refactor the prepare script to provide more flexibility to the installation process based on docker-compose
Enhancement of the Job Service engine to include webhook events, additional APIs for automation, and numerous bug fixes to improve the stability of the service.
Docker Registry upgraded to v2.7.1.

使用VMware Harbor存取管理容器镜像

 未分类  No Responses »
5 月 272019
 

查看本地镜像

[root@client ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@client ~]#

从官方镜像仓库下拉一个CentOS 7.6.1810版本的镜像

[root@client ~]# docker pull centos:7.6.1810
7.6.1810: Pulling from library/centos
ac9208207ada: Pull complete 
Digest: sha256:0baec775bbf3e01cc770d5823c285b291b44ca05bb7c31b8674db5dae1d2aea9
Status: Downloaded newer image for centos:7.6.1810
[root@client ~]#

从官方镜像仓库下拉一个Ubuntu 18.04版本的镜像

[root@client ~]# docker pull ubuntu:18.04
18.04: Pulling from library/ubuntu
6abc03819f3e: Pull complete 
05731e63f211: Pull complete 
0bd67c50d6be: Pull complete 
Digest: sha256:f08638ec7ddc90065187e7eabdfac3c96e5ff0f6b2f1762cf31a4f49b53000a5
Status: Downloaded newer image for ubuntu:18.04
[root@client ~]#

查看本地镜像信息

[root@client ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 18.04 7698f282e524 12 days ago 69.9MB
centos 7.6.1810 f1cb7c7d58b7 2 months ago 202MB
[root@client ~]#

对默认的libarary公共镜像仓库进行存取操作

在项目中标记镜像:
docker tag SOURCE_IMAGE[:TAG] hub.licensebox.cn/library/IMAGE[:TAG]

推送镜像到当前项目:
docker push hub.licensebox.cn/library/IMAGE[:TAG]

查看已经重新打标记的镜像

[root@client ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 18.04 7698f282e524 12 days ago 69.9MB
centos 7.6.1810 f1cb7c7d58b7 2 months ago 202MB
hub.licensebox.cn/library/centos 7.6.1810 f1cb7c7d58b7 2 months ago 202MB
[root@client ~]#

登录镜像仓库未配置证书时的错误提示(自签证书)

[root@client ~]# docker login hub.licensebox.cn
Username: admin
Password: 
Error response from daemon: Get https://hub.licensebox.cn/v2/: x509: certificate signed by unknown authority
[root@client ~]#

建立证书配置目录(注意:必须提供server.cert文件,server.key文件和ca.crt文件)

[root@client ~]# mkdir -p /etc/docker/certs.d/hub.licensebox.cn/
[root@client ~]# mv ca.crt hub.licensebox.cn.key hub.licensebox.cn.cert /etc/docker/certs.d/hub.licensebox.cn/
[root@client ~]# ls /etc/docker/certs.d/hub.licensebox.cn/
ca.crt hub.licensebox.cn.cert hub.licensebox.cn.key
[root@client ~]#

登录自建仓库

[root@client certs.d]# docker login hub.licensebox.cn
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@client certs.d]#

上传

上传完成

[root@client ~]# docker push hub.licensebox.cn/library/centos:7.6.1810
The push refers to repository [hub.licensebox.cn/library/centos]
89169d87dbe2: Pushed 
7.6.1810: digest: sha256:747b2de199b6197a26eb1a24d69740d25483995842b2d2f75824095e9d1d19eb size: 529
[root@client ~]#

在VMware Harbor中查看已推送至镜像仓库的镜像

查看审计日志

删除本地镜像

[root@client ~]# docker image rm hub.licensebox.cn/library/centos:7.6.1810
Untagged: hub.licensebox.cn/library/centos:7.6.1810
Untagged: hub.licensebox.cn/library/centos@sha256:747b2de199b6197a26eb1a24d69740d25483995842b2d2f75824095e9d1d19eb
[root@client ~]# docker image rm centos:7.6.1810
Untagged: centos:7.6.1810
Untagged: centos@sha256:0baec775bbf3e01cc770d5823c285b291b44ca05bb7c31b8674db5dae1d2aea9
Deleted: sha256:f1cb7c7d58b73eac859c395882eec49d50651244e342cd6c68a5c7809785f427
Deleted: sha256:89169d87dbe2b72ba42bfbb3579c957322baca28e03a1e558076542a1c1b2b4a
[root@client ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 18.04 7698f282e524 12 days ago 69.9MB
[root@client ~]#

尝试拉取之前推送的镜像

[root@client ~]# docker pull hub.licensebox.cn/library/centos:7.6.1810
7.6.1810: Pulling from library/centos
ac9208207ada: Pull complete 
Digest: sha256:747b2de199b6197a26eb1a24d69740d25483995842b2d2f75824095e9d1d19eb
Status: Downloaded newer image for hub.licensebox.cn/library/centos:7.6.1810
[root@client ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 18.04 7698f282e524 12 days ago 69.9MB
hub.licensebox.cn/library/centos 7.6.1810 f1cb7c7d58b7 2 months ago 202MB
[root@client ~]#

查看日志

登出镜像仓库

[root@client ~]# docker logout hub.licensebox.cn
Removing login credentials for hub.licensebox.cn
[root@client ~]#

作为公开仓库,即使不登录仍然可以访问(拉取)仓库中的镜像

日志显示匿名用户anonymous对仓库进行了拉取镜像的操作

基于GitLab的Git基本命令行客户端操作

 未分类  No Responses »
5 月 272019
 

对于内部项目使用的GitLab服务关闭用户注册功能

取消勾选Sign-up enable选项并提交保存

退出登录后再次访问首页,显示只有Sign in功能,注册入口已关闭

新建用户tom及jerry,在无邮件服务器配置的情况下,重置用户密码(Gitlab.2019)

新建用户tom

新建用户jerry

初始化用户tom的密码

提示用户tom密码初始化成功

初始化用户jerry的密码

 

提示用户jerry密码初始化成功

使用用户tom登录GitLab服务

按照系统提示修改密码

 

提示密码修改成功并重新登录

在GitLab上使用tom用户新建项目1st并赋予Jerry用户访问权限

创建项目(Private)

项目创建成功

在项目设置的成员设置中添加用户jerry并指定为Developer角色权限

查看当前项目的成员信息,显示已成功添加jerry用户

在客户机上添加tom和jerry两个用户并安装git客户端

[root@client ~]# useradd tom
[root@client ~]# useradd jerry
[root@client ~]# yum -y install git

切换为tom用户并新建SSH密钥并查看公钥信息

[root@client ~]# su - tom
[tom@client ~]$ ssh-keygen -t ed25519 -C "tom@licensebox.cn"
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/tom/.ssh/id_ed25519): 
Created directory '/home/tom/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/tom/.ssh/id_ed25519.
Your public key has been saved in /home/tom/.ssh/id_ed25519.pub.
The key fingerprint is:
SHA256:UVeM2yOmysAcgcl708kGa3kbenZXDWHw2l6NmvwiyOA tom@licensebox.cn
The key's randomart image is:
+--[ED25519 256]--+
| . o . o=+. |
| + o . ..oo |
| . B.. o.o |
| . B B. +o+.o|
| = *So o.oo.o|
| * + o..+ . |
| . B + .+ . |
| E = . .. |
| . .. |
+----[SHA256]-----+
[tom@client ~]$ cat .ssh/id_ed25519.pub 
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOSSfWAFWITPSj+qXuXTIYhqRg6Stw96birC/7gzTiOg tom@licensebox.cn
[tom@client ~]$

将公钥信息复制粘贴至GitLab用户tom的SSH密钥配置信息中

添加公钥信息

添加成功

用户tom本地客户机使用git命令访问仓库并新建文件和添加注释并上传

[tom@client ~]$ git config --global user.name "Tom"
[tom@client ~]$ git config --global user.email "tom@licensebox.cn"
[tom@client ~]$ git clone git@gitlab.licensebox.cn:tom/1st.git
Cloning into '1st'...
The authenticity of host 'gitlab.licensebox.cn (47.75.246.214)' can't be established.
ECDSA key fingerprint is SHA256:O/ea5Lg0EzQZc+901DKkDlmv5IxBvShOQ6wknzCJRS4.
ECDSA key fingerprint is MD5:04:5a:fd:80:b9:1d:81:ed:2e:df:a8:f7:1b:02:33:7f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'gitlab.licensebox.cn,47.75.246.214' (ECDSA) to the list of known hosts.
warning: You appear to have cloned an empty repository.
[tom@client ~]$ cd 1st/
[tom@client 1st]$ touch README.md
[tom@client 1st]$ echo "Hello World" > README.md 
[tom@client 1st]$ git add README.md
[tom@client 1st]$ git commit -m "add README"
[master (root-commit) de77d4d] add README
1 file changed, 1 insertion(+)
create mode 100644 README.md
[tom@client 1st]$ git push -u origin master
Counting objects: 3, done.
Writing objects: 100% (3/3), 223 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To git@gitlab.licensebox.cn:tom/1st.git
* [new branch] master -> master
Branch master set up to track remote branch master from origin.
[tom@client 1st]$

在GitLab页面确认已上传的项目文件

用户jerry使用本地客户机生成密钥对并将公钥信息添加至GitLab上用户jerry的SSH密钥配置信息中

[jerry@client ~]$ ssh-keygen -t ed25519 -C "jerry@licensebox.cn" 
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/jerry/.ssh/id_ed25519): 
Created directory '/home/jerry/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/jerry/.ssh/id_ed25519.
Your public key has been saved in /home/jerry/.ssh/id_ed25519.pub.
The key fingerprint is:
SHA256:6uVleGBOpisnPjeJR2bEy5VmV9CMX08kkLOmHQ4m3eQ jerry@licensebox.cn
The key's randomart image is:
+--[ED25519 256]--+
| .=.o...|
| . B ...|
| . o * + o |
| o * = E .|
| o =S+ * . |
| *B o. o |
| =o.+ + |
| =.*+ + |
| ..Bo.. |
+----[SHA256]-----+
[jerry@client ~]$ cat .ssh/id_ed25519.pub 
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMmxHQCKvwn38NIyLuhc9EOwymQePQkwnA1EbIt9Mhpz jerry@licensebox.cn
[jerry@client ~]$

使用jerry用户在客户机上进行git clone操作并查看从服务器上拉取的仓库文件及内容

[jerry@client ~]$ git config --global user.name "Jerry"
[jerry@client ~]$ git config --global user.email "jerry@licensebox.cn"
[jerry@client ~]$ git clone git@gitlab.licensebox.cn:tom/1st.git
Cloning into '1st'...
The authenticity of host 'gitlab.licensebox.cn (47.75.246.214)' can't be established.
ECDSA key fingerprint is SHA256:O/ea5Lg0EzQZc+901DKkDlmv5IxBvShOQ6wknzCJRS4.
ECDSA key fingerprint is MD5:04:5a:fd:80:b9:1d:81:ed:2e:df:a8:f7:1b:02:33:7f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'gitlab.licensebox.cn,47.75.246.214' (ECDSA) to the list of known hosts.
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done.
[jerry@client ~]$ ls 1st/
README.md
[jerry@client ~]$ cat 1st/README.md 
Hello World
[jerry@client ~]$

GitLab项目仓库及SSH密钥配置与连接

 未分类  No Responses »
5 月 272019
 

新建仓库

在没有配置SSH密钥对之前,无法使用基于SSH的代码推拉操作。

You won’t be able to pull or push project code via SSH until you add an SSH key to your profile

为root用户准备SSH密钥(未设置私钥密码)

[root@client ~]# ssh-keygen -t ed25519 -C "harvey.mei@msn.com"
Generating public/private ed25519 key pair.
Enter file in which to save the key (/root/.ssh/id_ed25519): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_ed25519.
Your public key has been saved in /root/.ssh/id_ed25519.pub.
The key fingerprint is:
SHA256:zZYLuVxm+EDjPAHGjlgJjTGdkw0hrjMwOuLs6r0rrnU harvey.mei@msn.com
The key's randomart image is:
+--[ED25519 256]--+
| =*oOo |
| ..oO.o. |
|o .o + + |
|oo. . .+ B . |
|B S O |
|++ . @ . |
| o. E o o |
|.o.. |
|B+.+o |
+----[SHA256]-----+
[root@client ~]#

为私钥文件添加或者修改密码

ssh-keygen -p -o -f <keyname>

复制公钥内容到GitLab账户设置中

[root@client ~]# cat .ssh/id_ed25519.pub 
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHWIgmnrN7FGjKTdMxYE3y6py3SKp5cO0wnc2dlWNj5o harvey.mei@msn.com
[root@client ~]#
 

查看已导入的SSH公钥信息


测试用户root的SSH密钥有效性,按照提示将服务器端公钥存储在本地已知主机列表文件known_hosts文件中

[root@client ~]# ssh -i .ssh/id_ed25519 -T git@gitlab.licensebox.cn
The authenticity of host 'gitlab.licensebox.cn (47.75.246.214)' can't be established.
ECDSA key fingerprint is SHA256:s+kUB7fDvU43bDqTmukBOoSd/8o/gxzuQC/Kk1aYLio.
ECDSA key fingerprint is MD5:f4:2a:7f:58:6c:d8:d3:ee:90:3a:14:9f:f9:5b:d4:4c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'gitlab.licensebox.cn,47.75.246.214' (ECDSA) to the list of known hosts.
Welcome to GitLab, @root!
[root@client ~]#

查看保留在本地的服务器端

[root@client ~]# cat .ssh/known_hosts

gitlab.licensebox.cn,47.75.246.214 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLPz49yrtFCwkwt+5/kCXekab8jtrEmf8OpPyfjqtoOuPMlHbhH/rnlNxcicFMF+0U9AD/RIigglJh5SFgSYQ3A=
[root@client ~]#

本地操作系统安装Git客户端程序

[root@client ~]# git
-bash: git: command not found
[root@client ~]# yum -y install git

将仓库Clone到本地磁盘(无需再次验证身份)

[root@client ~]# git clone git@gitlab.licensebox.cn:root/licensebox.git 
Cloning into 'licensebox'...
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done.

查看本地Git目录及文件内容,确认成功Clone仓库至本地磁盘

[root@client ~]# ls
licensebox
[root@client ~]# ls licensebox/
README.md
[root@client ~]# cat licensebox/README.md 
# licensebox

LicenseBox Project[root@client ~]#
 Older Entries