文档 {id=doc}
- 安装 GitLab Runner
- 自签名证书或自定义证书颁发机构
- 配置 Runner
- gitlab runner 最新版手动下载
- 自签名证书或自定义证书颁发机构
- GitLab Runner 高级配置
CentOS 安装 GitLab Runner {id=centos-install-gitlab-runner}
- 可能存在国内镜像未同步对应系统版本的情况,如:腾讯、清华大学只同步了 CentOS 7 和 9,没有同步 CentOS 8。
根据自身情况,选择接近的版本或使用其他镜像,根据作者的经验,选择 GitLab Runner 版本时,可选择低于当前系统版本的软件,
如:CentOS 8 可以安装针对于 CentOS 7 平台编译的 GitLab Runner - 国内镜像同步可能存在不及时的情况
# 极狐源
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://packages.gitlab.cn/repository/runner-rpm/el/\$releasever/\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 腾讯源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://mirrors.cloud.tencent.com/gitlab-runner/yum/el\$releasever-\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 清华大学源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-runner/yum/el\$releasever-\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 南京大学源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://mirrors.nju.edu.cn/gitlab-runner/yum/el\$releasever-\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 官方源]
curl -L https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.rpm.sh | sudo bash
sudo yum -y install gitlab-runner
类 CentOS 安装 GitLab Runner {id=similar-centos-install-gitlab-runner}
- 如果需要安装 GitLab Runner 的操作系统不是 CentOS,而是 CentOS 系列的操作系统(比如:可以使用 yum 安装软件),
可使用下方命令安装 GitLab Runner - 若操作系统基于 CentOS 7/8/9 发布,则可以选择下方对应的命令
- 若无法确定操作系统基于 CentOS 几 发布,根据尝试下方的 3 个选择
基于 CentOS 7 的系统
# 极狐源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://packages.gitlab.cn/repository/runner-rpm/el/7/\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 腾讯源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://mirrors.cloud.tencent.com/gitlab-runner/yum/el7-\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 清华大学源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-runner/yum/el7-\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 南京大学源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://mirrors.nju.edu.cn/gitlab-runner/yum/el7-\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 官方源]
sudo curl 'https://packages.gitlab.com/install/repositories/runner/gitlab-runner/config_file.repo?os=centos&dist=7&source=script' --header 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36' > /etc/yum.repos.d/runner_gitlab-runner.repo
sudo yum clean all
sudo yum -y install gitlab-runner
基于 CentOS 8 的系统
# 极狐源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://packages.gitlab.cn/repository/runner-rpm/el/8/\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 南京大学源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://mirrors.nju.edu.cn/gitlab-runner/yum/el8-\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 官方源]
sudo curl 'https://packages.gitlab.com/install/repositories/runner/gitlab-runner/config_file.repo?os=centos&dist=8&source=script' --header 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36' > /etc/yum.repos.d/runner_gitlab-runner.repo
sudo yum clean all
sudo yum -y install gitlab-runner
基于 CentOS 9 的系统
# 极狐源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://packages.gitlab.cn/repository/runner-rpm/el/9/\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 腾讯源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://mirrors.cloud.tencent.com/gitlab-runner/yum/el9-\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 清华大学源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-runner/yum/el9-\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 南京大学源]
cat <<EOF | tee /etc/yum.repos.d/runner_gitlab-runner.repo
[runner_gitlab-runner]
name=runner_gitlab-runner
baseurl=https://mirrors.nju.edu.cn/gitlab-runner/yum/el9-\$basearch
repo_gpgcheck=0
gpgcheck=0
enabled=1
EOF
sudo yum clean all
sudo yum -y install gitlab-runner
# 官方源]
sudo curl 'https://packages.gitlab.com/install/repositories/runner/gitlab-runner/config_file.repo?os=centos&dist=9&source=script' --header 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36' > /etc/yum.repos.d/runner_gitlab-runner.repo
sudo yum clean all
sudo yum -y install gitlab-runner
Debian 安装 GitLab Runner {id=debian-install-runner}
# 极狐源]
curl https://packages.gitlab.cn/repository/raw/scripts/runner.deb.sh | bash
apt-get update
apt-get -y install gitlab-runner
# Debian 12 bookworm]
# /etc/apt/sources.list.d/runner_gitlab-runner.list
deb [arch=amd64 trusted=yes] https://packages.gitlab.cn/repository/runner-deb/debian bookworm main
# curl https://packages.gitlab.com/gpg.key > /etc/apt/keyrings/runner_gitlab-runner.asc
# deb [arch=amd64 signed-by=/etc/apt/keyrings/runner_gitlab-runner.asc] https://packages.gitlab.cn/repository/runner-deb/debian bookworm main
# Debian 11 bullseye]
# /etc/apt/sources.list.d/runner_gitlab-runner.list
deb [arch=amd64 trusted=yes] https://packages.gitlab.cn/repository/runner-deb/debian bullseye main
# curl https://packages.gitlab.com/gpg.key > /etc/apt/keyrings/runner_gitlab-runner.asc
# deb [arch=amd64 signed-by=/etc/apt/keyrings/runner_gitlab-runner.asc] https://packages.gitlab.cn/repository/runner-deb/debian bullseye main
# Debian 10 buster]
# /etc/apt/sources.list.d/runner_gitlab-runner.list
deb [arch=amd64 trusted=yes] https://packages.gitlab.cn/repository/runner-deb/debian buster main
# curl https://packages.gitlab.com/gpg.key > /etc/apt/keyrings/runner_gitlab-runner.asc
# deb [arch=amd64 signed-by=/etc/apt/keyrings/runner_gitlab-runner.asc] https://packages.gitlab.cn/repository/runner-deb/debian buster main
# Debian 9 stretch]
# /etc/apt/sources.list.d/runner_gitlab-runner.list
deb [arch=amd64 trusted=yes] https://packages.gitlab.cn/repository/runner-deb/debian stretch main
# curl https://packages.gitlab.com/gpg.key > /etc/apt/keyrings/runner_gitlab-runner.asc
# deb [arch=amd64 signed-by=/etc/apt/keyrings/runner_gitlab-runner.asc] https://packages.gitlab.cn/repository/runner-deb/debian stretch main
Ubuntu 安装 GitLab Runner {id=ubuntu-install-runner}
# 极狐源]
curl https://packages.gitlab.cn/repository/raw/scripts/runner.deb.sh | bash
apt-get update
apt-get -y install gitlab-runner
# Ubuntu 24 noble]
# /etc/apt/sources.list.d/runner_gitlab-runner.list
deb [arch=amd64 trusted=yes] https://packages.gitlab.cn/repository/runner-deb/ubuntu noble main
# curl https://packages.gitlab.com/gpg.key > /etc/apt/keyrings/runner_gitlab-runner.asc
# deb [arch=amd64 signed-by=/etc/apt/keyrings/runner_gitlab-runner.asc] https://packages.gitlab.cn/repository/runner-deb/ubuntu noble main
# Ubuntu 22 jammy]
# /etc/apt/sources.list.d/runner_gitlab-runner.list
deb [arch=amd64 trusted=yes] https://packages.gitlab.cn/repository/runner-deb/ubuntu jammy main
# curl https://packages.gitlab.com/gpg.key > /etc/apt/keyrings/runner_gitlab-runner.asc
# deb [arch=amd64 signed-by=/etc/apt/keyrings/runner_gitlab-runner.asc] https://packages.gitlab.cn/repository/runner-deb/ubuntu jammy main
# Ubuntu 20 focal]
# /etc/apt/sources.list.d/runner_gitlab-runner.list
deb [arch=amd64 trusted=yes] https://packages.gitlab.cn/repository/runner-deb/ubuntu focal main
# curl https://packages.gitlab.com/gpg.key > /etc/apt/keyrings/runner_gitlab-runner.asc
# deb [arch=amd64 signed-by=/etc/apt/keyrings/runner_gitlab-runner.asc] https://packages.gitlab.cn/repository/runner-deb/ubuntu focal main
# Ubuntu 18 bionic]
# /etc/apt/sources.list.d/runner_gitlab-runner.list
deb [arch=amd64 trusted=yes] https://packages.gitlab.cn/repository/runner-deb/ubuntu bionic main
# curl https://packages.gitlab.com/gpg.key > /etc/apt/keyrings/runner_gitlab-runner.asc
# deb [arch=amd64 signed-by=/etc/apt/keyrings/runner_gitlab-runner.asc] https://packages.gitlab.cn/repository/runner-deb/ubuntu bionic main
# Ubuntu 16 xenial]
# /etc/apt/sources.list.d/runner_gitlab-runner.list
deb [arch=amd64 trusted=yes] https://packages.gitlab.cn/repository/runner-deb/ubuntu xenial main
# curl https://packages.gitlab.com/gpg.key > /etc/apt/keyrings/runner_gitlab-runner.asc
# deb [arch=amd64 signed-by=/etc/apt/keyrings/runner_gitlab-runner.asc] https://packages.gitlab.cn/repository/runner-deb/ubuntu xenial main
使用 root 用户运行 GitLab Runner {id=use-root-run}
- 以下设置在升级 GitLab Runner 后将失效,需要重新设置一次
- 使用 root 用户执行流水线可能会涉及流水线危险操作,如:使用 Shell 执行器执行
rm -rf / - 推荐使用 Docker 执行器
# 查看当前 runner 运行的用户
ps aux | grep gitlab-runner
# 删除gitlab-runner
sudo gitlab-runner uninstall
# 安装并设置--user(例如我想设置为root)
sudo gitlab-runner install --working-directory /home/gitlab-runner --user root
# 重启gitlab-runner
sudo service gitlab-runner restart
# 再次执行会发现--user的用户名已经更换成root了
ps aux | grep gitlab-runner
配置证书信任 {id=trust-certificate}
异常 {id=runner-exception}
# 自己生成的证书,如果不进行信任,注册时可能出现的问题:
# ERROR: Registering runner... failed runner=6iuLhyWx status=couldn't execute POST against https://gitlab.example.com/api/v4/runners: Post "https://gitlab.example.com/api/v4/runners": x509: certificate is not valid for any names, but wanted to match gitlab.example.com
# 下列执行时,需要本机能使用 GitLab 域名访问
# 可以修改 本机 /etc/hosts 文件解决
# 如果域名未解析,会出现
# ERROR: Registering runner... failed runner=z4uLTqoa status=couldn't execute POST against https://gitlab.example.com/api/v4/runners: Post "https://gitlab.example.com/api/v4/runners": dial tcp: lookup gitlab.example.com on 192.168.61.2:53: no such host
# 如果创建证书时,未设置“Common Name (e.g. server FQDN or YOUR name) []”时,会出现
# ERROR: Registering runner... failed runner=z4uLTqoa status=couldn't execute POST against https://gitlab.example.com/api/v4/runners: Post "https://gitlab.example.com/api/v4/runners": x509: certificate is not valid for any names, but wanted to match gitlab.example.com
# 重新设置了域名证书,需要执行 sudo gitlab-ctl restart,如果修改了 /etc/gitlab/gitlab.rb 文件,需要先执行 sudo gitlab-ctl reconfigure,再执行 sudo gitlab-ctl restart
# 生成的证书不满足GitLab Runner的检查时,会出现下列错误,请根据前面章节中的内容重新生成
# ERROR: Registering runner... failed runner=z4uLTqoa status=couldn't execute POST against https://gitlab.example.com/api/v4/runners: Post "https://gitlab.example.com/api/v4/runners": x509: certificate relies on legacy Common Name field, use SANs instead
# 如果域名证书未生效,或者已过期,会出现下面的错误
# x509: certificate has expired or is not yet valid: current time 2022-11-15T20:45:12+08:00 is before 2022-11-15T19:49:27Z
信任域名命令 {id=trust-certificate-command}
sudo mkdir -p /etc/gitlab-runner/certs
# 本文使用域名是IP:192.168.80.14
# 可根据自己的需要,修改下方的域名及端口
# 使用客户端下载 GitLab 实例的证书
openssl s_client -showcerts -connect 192.168.80.14:443 -servername 192.168.80.14 < /dev/null 2>/dev/null | openssl x509 -outform PEM > /etc/gitlab-runner/certs/192.168.80.14.crt
# openssl s_client -showcerts -connect gitlab.example.com:443 -servername gitlab.example.com < /dev/null 2>/dev/null | openssl x509 -outform PEM > /etc/gitlab-runner/certs/gitlab.example.com.crt
# 验证文件是否已正确安装
echo | openssl s_client -CAfile /etc/gitlab-runner/certs/192.168.80.14.crt -connect 192.168.80.14:443 -servername 192.168.80.14
# echo | openssl s_client -CAfile /etc/gitlab-runner/certs/gitlab.example.com.crt -connect gitlab.example.com:443 -servername gitlab.example.com
自动生成信任域名命令 {id=automatically-trust-certificate-command}
注册 GitLab Runner {id=gitlab-runner-register}
-
注册 GitLab Runner
gitlab-runner register -
提示:Enter the GitLab instance URL (for example, https://gitlab.com/):
输入 GitLab 的地址
https://192.168.80.14 # https://gitlab.example.com/ -
提示:Enter the registration token:
# 复制 https://192.168.80.14/admin/runners 页面中的 token(点击:注册一个Runner即可获取) # 复制 https://gitlab.example.com/admin/runners 页面中的 token(点击:注册一个Runner即可获取) 6iuLhyWxqypcyaNtUG_C -
提示:Enter a description for the runner:
输入流水线的名称,默认为 CentOS 主机名
-
提示:Enter tags for the runner (comma-separated):
输入流水线的标签名(非Git仓库的标签),即:.gitlab-ci.yml 文件中标签,可为空,**为空时允许所有未指定标签的流水线使用,可在GitLab页面中进行随时调整
** -
提示:Enter optional maintenance note for the runner:
输入流水线的描述,可为空
-
提示:Registering runner… succeeded runner=6iuLhyWx
Enter an executor:docker,docker-ssh,parallels,shell,docker-ssh+machine,instance,kubernetes,
custom,ssh,virtualbox,docker+machine:选择流水线执行器
# 输入 docker,用于后面的 GitLab Pages 做准备 docker -
提示:Enter the default Docker image (for example, ruby:2.7):
输入默认docker镜像
-
出现下列语句,说明流水线已注册成功:
/etc/gitlab-runner/config.toml 是GitLab Runner配置文件的位置Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded! Configuration (with the authentication token) was saved in "/etc/gitlab-runner/config.toml" -
修改流水线配置,使其同时可以执行多个任务
vim /etc/gitlab-runner/config.toml# 同一时间支持运行的最大任务数 concurrent = 10 -
管理员在以下地址中可看到流水线的状态
-
其他命令
| 说明 | 命令 |
|---|---|
| 列出所有 | gitlab-runner list |
| 查看状态 | gitlab-runner status |
| 停止 | gitlab-runner stop |
| 启动 | gitlab-runner start |
| 重启 | gitlab-runner restart |