docker部署 会较少的污染linux 系统 gitlab较大 安装较慢 需要耐心等待 我一度以为安装没成功
后来才知道没有安装完 docker logs *** 是个好东西 部署完后默认账号 是root 初始化密码后 用root 登录
(https://docs.gitlab.com/omnibus/docker/#pre-configure-docker-container)
GitLab Docker images
The GitLab Docker images are monolithic images of GitLab running all the necessary services in a single container. If you instead want to install GitLab on Kubernetes, see GitLab Helm Charts.
Find the GitLab official Docker image at:
GitLab Docker image in Docker Hub
The Docker images don’t include a mail transport agent (MTA). The recommended solution is to add an MTA (such as Postfix or Sendmail) running in a separate container. As another option, you can install an MTA directly in the GitLab container, but this adds maintenance overhead as you’ll likely need to reinstall the MTA after every upgrade or restart.
In the following examples, if you want to use the latest RC image, use gitlab/gitlab-ee:rc instead.
Docker for Windows is not officially supported. There are known issues with volume permissions, and potentially other unknown issues. If you are trying to run on Docker for Windows, see the getting help page for links to community resources (IRC, forum, etc.) to seek help from other users.
Prerequisites
Docker is required. See the official installation documentation.
Set up the volumes location
Before setting everything else, configure a new environment variable $GITLAB_HOME pointing to the directory where the configuration, logs, and data files will reside. Ensure that the directory exists and appropriate permission have been granted.
For Linux users, set the path to /srv/gitlab:
export GITLAB_HOME=/srv/gitlab
For macOS users, use the user’s $HOME/gitlab directory:
export GITLAB_HOME=$HOME/gitlab
The GitLab container uses host mounted volumes to store persistent data:
Local location Container location Usage
$GITLAB_HOME/data /var/opt/gitlab For storing application data.
$GITLAB_HOME/logs /var/log/gitlab For storing logs.
$GITLAB_HOME/config /etc/gitlab For storing the GitLab configuration files.
Installation
The GitLab Docker images can be run in multiple ways:
Using Docker Engine
Using Docker Compose
Using Docker swarm mode
Install GitLab using Docker Engine
You can fine tune these directories to meet your requirements. Once you’ve set up the GITLAB_HOME variable, you can run the image:
sudo docker run --detach
--hostname localhost
--publish 443:443 --publish 8089:80 --publish 22:22
--name gitlab
--restart always
--volume $GITLAB_HOME/config:/etc/gitlab
--volume $GITLAB_HOME/logs:/var/log/gitlab
--volume $GITLAB_HOME/data:/var/opt/gitlab
gitlab/gitlab-ee:latest
This will download and start a GitLab container and publish ports needed to access SSH, HTTP and HTTPS. All GitLab data will be stored as subdirectories of $GITLAB_HOME. The container will automatically restart after a system reboot.
If you are on SELinux, then run this instead:
sudo docker run --detach
--hostname gitlab.example.com
--publish 443:443 --publish 80:80 --publish 22:22
--name gitlab
--restart always
--volume $GITLAB_HOME/config:/etc/gitlab:Z
--volume $GITLAB_HOME/logs:/var/log/gitlab:Z
--volume $GITLAB_HOME/data:/var/opt/gitlab:Z
gitlab/gitlab-ee:latest
This will ensure that the Docker process has enough permissions to create the config files in the mounted volumes.
If you’re using the Kerberos integration , you must also publish your Kerberos port (for example, --publish 8443:8443). Failing to do so prevents Git operations with Kerberos.
The initialization process may take a long time. You can track this process with:
sudo docker logs -f gitlab
After starting a container you can visit gitlab.example.com (or http://192.168.59.103 if you used boot2docker on macOS). It might take a while before the Docker container starts to respond to queries. The very first time you visit GitLab, you will be asked to set up the admin password. After you change it, you can log in with username root and the password you set up.
Install GitLab using Docker Compose
With Docker Compose you can easily configure, install, and upgrade your Docker-based GitLab installation:
Install Docker Compose.
Create a docker-compose.yml file (or download an example):
web:
image: 'gitlab/gitlab-ee:latest'
restart: always
hostname: 'gitlab.example.com'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://gitlab.example.com'
# Add any other gitlab.rb configuration here, each on its own line
ports:
- '80:80'
- '443:443'
- '22:22'
volumes:
- '$GITLAB_HOME/config:/etc/gitlab'
- '$GITLAB_HOME/logs:/var/log/gitlab'
- '$GITLAB_HOME/data:/var/opt/gitlab'
Make sure you are in the same directory as docker-compose.yml and start GitLab:
docker-compose up -d
Read the “Pre-configure Docker container” section to see how the GITLAB_OMNIBUS_CONFIG variable works.
Below is another docker-compose.yml example with GitLab running on a custom HTTP and SSH port. Notice how the GITLAB_OMNIBUS_CONFIG variables match the ports section:
web:
image: 'gitlab/gitlab-ee:latest'
restart: always
hostname: 'gitlab.example.com'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://gitlab.example.com:8929'
gitlab_rails['gitlab_shell_ssh_port'] = 2224
ports:
- '8929:8929'
- '2224:22'
volumes:
- '$GITLAB_HOME/config:/etc/gitlab'
- '$GITLAB_HOME/logs:/var/log/gitlab'
- '$GITLAB_HOME/data:/var/opt/gitlab'
This is the same as using --publish 8929:8929 --publish 2224:22.
Install GitLab using Docker swarm mode
With Docker swarm mode, you can easily configure and deploy your Docker-based GitLab installation in a swarm cluster.
In swarm mode you can leverage Docker secrets and Docker configs to efficiently and securely deploy your GitLab instance. Secrets can be used to securely pass your initial root password without exposing it as an environment variable. Configs can help you to keep your GitLab image as generic as possible.
Here’s an example that deploys GitLab with four runners as a stack, using secrets and configs:
Set up a Docker swarm.
Create a docker-compose.yml file:
version: "3.6"
services:
gitlab:
image: gitlab/gitlab-ee:latest
ports:
- "22:22"
- "80:80"
- "443:443"
volumes:
- $GITLAB_HOME/data:/var/opt/gitlab
- $GITLAB_HOME/logs:/var/log/gitlab
- $GITLAB_HOME/config:/etc/gitlab
environment:
GITLAB_OMNIBUS_CONFIG: "from_file('/omnibus_config.rb')"
configs:
- source: gitlab
target: /omnibus_config.rb
secrets:
- gitlab_root_password
gitlab-runner:
image: gitlab/gitlab-runner:alpine
deploy:
mode: replicated
replicas: 4
configs:
gitlab:
file: ./gitlab.rb
secrets:
gitlab_root_password:
file: ./root_password.txt
For simplicity reasons, the network configuration was omitted. More information can be found in the official Compose file reference.
Create a gitlab.rb file:
external_url 'https://my.domain.com/'
gitlab_rails['initial_root_password'] = File.read('/run/secrets/gitlab_root_password')
Create a root_password.txt file:
MySuperSecretAndSecurePass0rd!
Make sure you are in the same directory as docker-compose.yml and run:
docker stack deploy --compose-file docker-compose.yml mystack
Configuration
This container uses the official Omnibus GitLab package, so all configuration is done in the unique configuration file /etc/gitlab/gitlab.rb.
To access the GitLab configuration file, you can start a shell session in the context of a running container. This will allow you to browse all directories and use your favorite text editor:
sudo docker exec -it gitlab /bin/bash
You can also just edit /etc/gitlab/gitlab.rb:
sudo docker exec -it gitlab editor /etc/gitlab/gitlab.rb
Once you open /etc/gitlab/gitlab.rb make sure to set the external_url to point to a valid URL.
To receive e-mails from GitLab you have to configure the SMTP settings because the GitLab Docker image doesn’t have an SMTP server installed. You may also be interested in enabling HTTPS.
After you make all the changes you want, you will need to restart the container in order to reconfigure GitLab:
sudo docker restart gitlab
GitLab will reconfigure itself whenever the container starts. For more options about configuring GitLab, check the configuration documentation.
Pre-configure Docker container
You can pre-configure the GitLab Docker image by adding the environment variable GITLAB_OMNIBUS_CONFIG to Docker run command. This variable can contain any gitlab.rb setting and is evaluated before the loading of the container’s gitlab.rb file. This behavior allows you to configure the external GitLab URL, and make database configuration or any other option from the Omnibus GitLab template. The settings contained in GITLAB_OMNIBUS_CONFIG aren’t written to the gitlab.rb configuration file, and are evaluated on load.
Here’s an example that sets the external URL and enables LFS while starting the container:
sudo docker run --detach
--hostname gitlab.example.com
--env GITLAB_OMNIBUS_CONFIG="external_url 'http://my.domain.com/'; gitlab_rails['lfs_enabled'] = true;"
--publish 443:443 --publish 80:80 --publish 22:22
--name gitlab
--restart always
--volume $GITLAB_HOME/config:/etc/gitlab
--volume $GITLAB_HOME/logs:/var/log/gitlab
--volume $GITLAB_HOME/data:/var/opt/gitlab
gitlab/gitlab-ee:latest
Note that every time you execute a docker run command, you need to provide the GITLAB_OMNIBUS_CONFIG option. The content of GITLAB_OMNIBUS_CONFIG is not preserved between subsequent runs.
Use tagged versions of GitLab
Tagged versions of the GitLab Docker images are also provided. To see all available tags see:
GitLab CE tags
GitLab EE tags
To use a specific tagged version, replace gitlab/gitlab-ee:latest with the GitLab version you want to run, for example gitlab/gitlab-ee:12.1.3-ce.0.
Run GitLab on a public IP address
You can make Docker to use your IP address and forward all traffic to the GitLab container by modifying the --publish flag.
To expose GitLab on IP 198.51.100.1:
sudo docker run --detach
--hostname gitlab.example.com
--publish 198.51.100.1:443:443
--publish 198.51.100.1:80:80
--publish 198.51.100.1:22:22
--name gitlab
--restart always
--volume $GITLAB_HOME/config:/etc/gitlab
--volume $GITLAB_HOME/logs:/var/log/gitlab
--volume $GITLAB_HOME/data:/var/opt/gitlab
gitlab/gitlab-ee:latest
You can then access your GitLab instance at http://198.51.100.1/ and https://198.51.100.1/.
Expose GitLab on different ports
GitLab will occupy some ports inside the container.
If you want to use a different host port than 80 (HTTP) or 443 (HTTPS), you need to add a separate --publish directive to the docker run command.
For example, to expose the web interface on the host’s port 8929, and the SSH service on port 2289:
Use the following docker run command:
sudo docker run --detach
--hostname gitlab.example.com
--publish 8929:8929 --publish 2289:22
--name gitlab
--restart always
--volume $GITLAB_HOME/config:/etc/gitlab
--volume $GITLAB_HOME/logs:/var/log/gitlab
--volume $GITLAB_HOME/data:/var/opt/gitlab
gitlab/gitlab-ee:latest
The format for publishing ports is hostPort:containerPort. Read more in Docker’s documentation about exposing incoming ports.
Enter the running container:
sudo docker exec -it gitlab /bin/bash
Open /etc/gitlab/gitlab.rb with your editor and set external_url:
# For HTTP
external_url "http://gitlab.example.com:8929"
or
# For HTTPS (notice the https)
external_url "https://gitlab.example.com:8929"
The port specified in this URL must match the port published to the host by Docker. Additionally, if the NGINX listen port is not explicitly set in nginx['listen_port'], it will be pulled from the external_url. For more information see the NGINX documentation.
Set gitlab_shell_ssh_port:
gitlab_rails['gitlab_shell_ssh_port'] = 2289
Finally, reconfigure GitLab:
gitlab-ctl reconfigure
Following the above example, you will be able to reach GitLab from your web browser under <hostIP>:8929 and push using SSH under the port 2289.
A docker-compose.yml example that uses different ports can be found in the Docker compose section.
Update
In most cases, updating GitLab is as easy as downloading the newest Docker image tag.
Update GitLab using Docker Engine
To update GitLab that was installed using Docker Engine:
Take a backup.
Stop the running container:
sudo docker stop gitlab
Remove the existing container:
sudo docker rm gitlab
Pull the new image. For example, the latest GitLab image:
sudo docker pull gitlab/gitlab-ee:latest
Create the container once again with the previously specified options:
sudo docker run --detach
--hostname gitlab.example.com
--publish 443:443 --publish 80:80 --publish 22:22
--name gitlab
--restart always
--volume $GITLAB_HOME/config:/etc/gitlab
--volume $GITLAB_HOME/logs:/var/log/gitlab
--volume $GITLAB_HOME/data:/var/opt/gitlab
gitlab/gitlab-ee:latest
On the first run, GitLab will reconfigure and update itself.
Refer to the GitLab Upgrade recommendations when upgrading between major versions.
Update GitLab using Docker compose
To update GitLab that was installed using Docker Compose:
Take a backup.
Download the newest release and update your GitLab instance:
docker-compose pull
docker-compose up -d
If you have used tags instead, you’ll need to first edit docker-compose.yml.
Back up GitLab
You can create a GitLab backup with:
docker exec -t <container name> gitlab-backup create
Read more on how to back up and restore GitLab.
If configuration is provided entirely via the GITLAB_OMNIBUS_CONFIG environment variable (per the “Pre-configure Docker Container” steps), meaning no configuration is set directly in the gitlab.rb file, then there is no need to back up the gitlab.rb file.
Installing GitLab Community Edition
GitLab CE Docker image
To install the Community Edition, replace ee with ce in the commands on this page.
Troubleshooting
The following information will help if you encounter problems using Omnibus GitLab and Docker.
Diagnose potential problems
Read container logs:
sudo docker logs gitlab
Enter running container:
sudo docker exec -it gitlab /bin/bash
From within the container you can administer the GitLab container as you would normally administer an Omnibus installation
500 Internal Error
When updating the Docker image you may encounter an issue where all paths display a 500 page. If this occurs, restart the container to try to rectify the issue:
sudo docker restart gitlab
Permission problems
When updating from older GitLab Docker images you might encounter permission problems. This happens when users in previous images were not preserved correctly. There’s script that fixes permissions for all files.
To fix your container, execute update-permissions and restart the container afterwards:
sudo docker exec gitlab update-permissions
sudo docker restart gitlab
Windows/Mac: Error executing action run on resource ruby_block[directory resource: /data/GitLab]
This error occurs when using Docker Toolbox with VirtualBox on Windows or Mac, and making use of Docker volumes. The /c/Users volume is mounted as a VirtualBox Shared Folder, and does not support the all POSIX filesystem features. The directory ownership and permissions cannot be changed without remounting, and GitLab fails.
Our recommendation is to switch to using the native Docker install for your platform, instead of using Docker Toolbox.
If you cannot use the native Docker install (Windows 10 Home Edition, or Windows 7/8), then an alternative solution is to setup NFS mounts instead of VirtualBox shares for Docker Toolbox’s boot2docker.
Linux ACL issues
If you are using file ACLs on the Docker host, the docker group requires full access to the volumes in order for GitLab to work:
getfacl $GITLAB_HOME
# file: $GITLAB_HOME
# owner: XXXX
# group: XXXX
user::rwx
group::rwx
group:docker:rwx
mask::rwx
default:user::rwx
default:group::rwx
default:group:docker:rwx
default:mask::rwx
default:other::r-x
If these are not correct, set them with:
sudo setfacl -mR default:group:docker:rwx $GITLAB_HOME
The default group is docker. If you changed the group, be sure to update your commands.
/dev/shm mount not having enough space in Docker container
GitLab comes with a Prometheus metrics endpoint at /-/metrics to expose a variety of statistics on the health and performance of GitLab. The files required for this gets written to a temporary file system (like /run or /dev/shm).
By default, Docker allocates 64Mb to the shared memory directory (mounted at /dev/shm). This is insufficient to hold all the Prometheus metrics related files generated, and will generate error logs like the following:
writing value to /dev/shm/gitlab/sidekiq/gauge_all_sidekiq_0-1.db failed with unmapped file
writing value to /dev/shm/gitlab/sidekiq/gauge_all_sidekiq_0-1.db failed with unmapped file
writing value to /dev/shm/gitlab/sidekiq/gauge_all_sidekiq_0-1.db failed with unmapped file
writing value to /dev/shm/gitlab/sidekiq/histogram_sidekiq_0-0.db failed with unmapped file
writing value to /dev/shm/gitlab/sidekiq/histogram_sidekiq_0-0.db failed with unmapped file
writing value to /dev/shm/gitlab/sidekiq/histogram_sidekiq_0-0.db failed with unmapped file
writing value to /dev/shm/gitlab/sidekiq/histogram_sidekiq_0-0.db failed with unmapped file
Other than disabling the Prometheus Metrics from the Admin page, the recommended solution to fix this problem is to increase the size of shm to at least 256Mb. If using docker run, this can be done by passing the flag --shm-size 256m. If using a docker-compose.yml file, the shm_size key can be used for this purpose.
Help & feedback
Docs
Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.
Show and post comments to review and give feedback about this page.
Product
Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Join beta testing to help shape new features.
Feature availability and product trials
View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.
Get Help
If you didn't find what you were looking for, search the docs.
If you want help with something specific and could use community support, post on the GitLab forum.
For problems setting up or using this feature (depending on your GitLab subscription).