gitlab 离线安装问题解决:NOKEY,signature check fail

文章目录

  • 1,安装gitlab-ce-16
    • 1.1,rpm安装gitlab问题: NOKEY、signature check fail
    • 1.2, docker 启动 gitlab: ThreadError: can't create Thread: Operation not permitted
  • 2,安装gitlab-ce-14
    • 2.1 修改配置,重新编译
    • 2.2 root用户启动gitlab,查看数据目录权限
    • 2.3 登录web页面
    • 2.4 停止gitlab

1,安装gitlab-ce-16

1.1,rpm安装gitlab问题: NOKEY、signature check fail

解决办法

  • 参考:https://docs.gitlab.com/omnibus/update/package_signatures.html
  • rpm --import https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey/gitlab-gitlab-ce-3D645A26AB9FBD22.pub.gpg
# gitlab-ce-16可能会遇到以下问题
test1:/opt # rpm -ivh gitlab-ce-16.0.3-ce.0.el7.x86_64.rpm  --force
warning: gitlab-ce-16.0.3-ce.0.el7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID f27eab47: NOKEY
error: [upel]: gitlab-ce NOKEY
error: [upel]: gitlab-ce signature check fail
error: [upel]: gitlab-ce NOKEY
error: [upel]: gitlab-ce signature check fail

1.2, docker 启动 gitlab: ThreadError: can’t create Thread: Operation not permitted

  • 解决办法:添加参数 --privileged=true ,将docker容器提权到root
 docker run --privileged=true  -d --publish 8888:80  --name gitlab --restart always gitlab/gitlab-ce

2,安装gitlab-ce-14

虚拟机主机名cpu、内存配置启动gitlab后内存占用
c711core, 2g1.5G
# gitlab-ce-14 安装很顺利, 提示依赖问题(直接用--nodeps忽略即可)
[root@c74 ~]# rpm -ivh gitlab-ce-14.0.6-ce.0.el7.x86_64.rpm
warning: gitlab-ce-14.0.6-ce.0.el7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID f27eab47: NOKEY
error: Failed dependencies:policycoreutils-python is needed by gitlab-ce-14.0.6-ce.0.el7.x86_64[root@c71 ~]# rpm -ivh  gitlab-ce-14.0.6-ce.0.el7.x86_64.rpm --nodeps
...
It looks like GitLab has not been configured yet; skipping the upgrade script.*.                  *.***                 ********               *****.******             ***************            ********,,,,,,,,,***********,,,,,,,,,,,,,,,,,,,,*********,,,,,,,,,,,.,,,,,,,,,,,*******,,,,,,,,,,,,,,,,,,,,,*****,,,,,,,,,.,,,,,,,****,,,,,,.,,,***,,,,,*,._______ __  __          __/ ____(_) /_/ /   ____ _/ /_/ / __/ / __/ /   / __ `/ __ \/ /_/ / / /_/ /___/ /_/ / /_/ /\____/_/\__/_____/\__,_/_.___/Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:sudo gitlab-ctl reconfigureFor a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.mdHelp us improve the installation experience, let us know how we did with a 1 minute survey:
https://gitlab.fra1.qualtrics.com/jfe/form/SV_6kVqZANThUQ1bZb?installation=omnibus&release=14-0
#以下是 yum install 会下载的依赖包,此次仅作备忘记录
Dependency Installed:audit-libs-python.x86_64 0:2.8.5-4.el7   checkpolicy.x86_64 0:2.5-8.el7               libcgroup.x86_64 0:0.41-21.el7libsemanage-python.x86_64 0:2.5-14.el7   policycoreutils-python.x86_64 0:2.5-34.el7   python-IPy.noarch 0:0.75-6.el7setools-libs.x86_64 0:3.3.8-4.el7Dependency Updated:policycoreutils.x86_64 0:2.5-34.el7Complete!

2.1 修改配置,重新编译

#1,修改配置
[root@c71 gitlab]# grep ^external gitlab.rb
external_url 'http://192.168.56.71:8888'[root@c71 gitlab]# grep 'worker_process' gitlab.rb
# puma['worker_processes'] = 2puma['worker_processes'] = 1
# postgresql['max_worker_processes'] = 8postgresql['max_worker_processes'] = 1
# nginx['worker_processes'] = 4nginx['worker_processes'] = 1
# patroni['postgresql']['max_worker_processes'] = 8patroni['postgresql']['max_worker_processes'] = 1## 修改端口号(未验证是否正常启动):sed -E "s@#(.*port'\] = )'?([0-9]+)'?@\11\2@" gitlab.rb  |egrep "port'\] = '?[0-9]+'?"
#2,重新编译 (大概持续时间8分钟)
[root@c71 gitlab]# gitlab-ctl reconfigure
....* link[Link /opt/gitlab/embedded/service/gitlab-rails/.gitlab_shell_secret to /var/opt/gitlab/gitlab-rails/etc/gitlab_shell_secret] action create- create symlink at /opt/gitlab/embedded/service/gitlab-rails/.gitlab_shell_secret to /var/opt/gitlab/gitlab-rails/etc/gitlab_shell_secret* templatesymlink[Create a gitlab_pages_secret and create a symlink to Rails root] action create* template[/var/opt/gitlab/gitlab-rails/etc/gitlab_pages_secret] action create- create new file /var/opt/gitlab/gitlab-rails/etc/gitlab_pages_secret- update content in file /var/opt/gitlab/gitlab-rails/etc/gitlab_pages_secret from none to 9fa9a2- suppressed sensitive resource- change mode from '' to '0644'- change owner from '' to 'root'- change group from '' to 'root'- restore selinux security context* link[Link /opt/gitlab/embedded/service/gitlab-rails/.gitlab_pages_secret to /var/opt/gitlab/gitlab-rails/etc/gitlab_pages_secret] action create- create symlink at /opt/gitlab/embedded/service/gitlab-rails/.gitlab_pages_secret to /var/opt/gitlab/gitlab-rails/etc/gitlab_pages_secret....
Recipe: package::sysctl* execute[reload all sysctl conf] action run[execute] * Applying /usr/lib/sysctl.d/00-system.conf ...* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...kernel.yama.ptrace_scope = 0* Applying /usr/lib/sysctl.d/50-default.conf ...kernel.sysrq = 16kernel.core_uses_pid = 1net.ipv4.conf.default.rp_filter = 1net.ipv4.conf.all.rp_filter = 1net.ipv4.conf.default.accept_source_route = 0net.ipv4.conf.all.accept_source_route = 0net.ipv4.conf.default.promote_secondaries = 1net.ipv4.conf.all.promote_secondaries = 1fs.protected_hardlinks = 1fs.protected_symlinks = 1* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf ...kernel.sem = 250 32000 32 262* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmall.conf ...kernel.shmall = 4194304* Applying /etc/sysctl.d/90-omnibus-gitlab-kernel.shmmax.conf ...kernel.shmmax = 17179869184* Applying /etc/sysctl.d/90-omnibus-gitlab-net.core.somaxconn.conf ...net.core.somaxconn = 1024* Applying /etc/sysctl.d/99-sysctl.conf ...vm.max_map_count = 262144* Applying /etc/sysctl.conf ...vm.max_map_count = 262144- execute sysctl -e --system
Recipe: gitlab::gitlab-workhorse* runit_service[gitlab-workhorse] action restart (up to date)
Recipe: monitoring::node-exporter* runit_service[node-exporter] action restart (up to date)
Recipe: monitoring::gitlab-exporter* runit_service[gitlab-exporter] action restart (up to date)
Recipe: monitoring::redis-exporter* runit_service[redis-exporter] action restart (up to date)
Recipe: monitoring::prometheus* runit_service[prometheus] action restart (up to date)* execute[reload prometheus] action run- execute /opt/gitlab/bin/gitlab-ctl hup prometheus
Recipe: monitoring::alertmanager* runit_service[alertmanager] action restart (up to date)
Recipe: monitoring::postgres-exporter* runit_service[postgres-exporter] action restart (up to date)
Recipe: monitoring::grafana* runit_service[grafana] action restart (up to date)Running handlers:
Running handlers complete
Chef Infra Client finished, 572/1516 resources updated in 07 minutes 56 secondsNotes:
Default admin account has been configured with following details:
Username: root
Password: You didn't opt-in to print initial root password to STDOUT.
Password stored to /etc/gitlab/initial_root_password. This file will be cleaned up in first reconfigure run after 24 hours.NOTE: Because these credentials might be present in your log files in plain text, it is highly recommended to reset the password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.gitlab Reconfigured!

2.2 root用户启动gitlab,查看数据目录权限

#1,root启动gitlab (秒级启动)
[root@c71 gitlab]# gitlab-ctl start
ok: run: alertmanager: (pid 8342) 109s
ok: run: gitaly: (pid 8222) 112s
ok: run: gitlab-exporter: (pid 8229) 112s
ok: run: gitlab-workhorse: (pid 8182) 114s
ok: run: grafana: (pid 8364) 108s
ok: run: logrotate: (pid 5227) 542s
ok: run: nginx: (pid 6318) 453s
ok: run: node-exporter: (pid 8198) 113s
ok: run: postgres-exporter: (pid 8358) 109s
ok: run: postgresql: (pid 5595) 523s
ok: run: prometheus: (pid 8323) 111s
ok: run: puma: (pid 6095) 472s
ok: run: redis: (pid 5305) 536s
ok: run: redis-exporter: (pid 8237) 111s
ok: run: sidekiq: (pid 6161) 465s#2, 查看数据目录及权限
[root@c71 packs]# ll /var/opt/gitlab/
total 12
drwxr-x---. 3 gitlab-prometheus root        42 Oct 21 08:07 alertmanager
drwx------. 2 git               root         6 Oct 21 08:04 backups
-rw-------. 1 root              root        38 Oct 21 08:06 bootstrapped
drwx------. 3 git               root       123 Oct 21 08:12 gitaly
drwx------. 3 git               git         26 Oct 21 08:04 git-data
drwxr-xr-x. 3 git               root        20 Oct 21 08:04 gitlab-ci
drwxr-xr-x. 2 git               root        53 Oct 21 08:06 gitlab-exporter
drwxr-xr-x. 9 git               root       160 Oct 21 08:06 gitlab-rails
drwx------. 2 git               root        24 Oct 21 08:04 gitlab-shell
drwxr-x---. 3 git               gitlab-www  55 Oct 21 08:06 gitlab-workhorse
drwx------. 4 gitlab-prometheus root        83 Oct 21 08:11 grafana
drwx------. 3 root              root        71 Oct 21 08:15 logrotate
drwxr-x---. 9 root              gitlab-www 163 Oct 21 08:06 nginx
drwxr-xr-x. 3 root              root        32 Oct 21 08:06 node-exporter
drwx------. 2 gitlab-psql       root        26 Oct 21 08:07 postgres-exporter
drwxr-xr-x. 3 gitlab-psql       root        81 Oct 21 08:05 postgresql
drwxr-x---. 4 gitlab-prometheus root        53 Oct 21 08:07 prometheus
-rw-r--r--. 1 root              root       181 Oct 21 08:12 public_attributes.json
drwxr-x---. 2 gitlab-redis      git         60 Oct 21 08:15 redis
-rw-r--r--. 1 root              root        40 Oct 21 08:04 trusted-certs-directory-hash

2.3 登录web页面

获取root密码

[root@c74 ~]# cat /etc/gitlab/initial_root_password
# WARNING: This value is valid only in the following conditions
#          1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run).
#          2. Password hasn't been changed manually, either via UI or via command line.
#
#          If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.Password: tqeVom/jSx0GlfrSFlI7DLSyhIVdoJmOxWlek5UF4bE=# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.

在这里插入图片描述

2.4 停止gitlab

[root@c71 gitlab]# free -htotal        used        free      shared  buff/cache   available
Mem:           1.8G        1.5G         74M         38M        246M        136M
Swap:          2.0G        1.0G        1.0G[root@c71 gitlab]# gitlab-ctl stop
ok: down: alertmanager: 1s, normally up
ok: down: gitaly: 0s, normally up
ok: down: gitlab-exporter: 0s, normally up
ok: down: gitlab-workhorse: 0s, normally up
ok: down: grafana: 1s, normally up
ok: down: logrotate: 0s, normally up
ok: down: nginx: 1s, normally up
ok: down: node-exporter: 0s, normally up
ok: down: postgres-exporter: 1s, normally up
ok: down: postgresql: 0s, normally up
ok: down: prometheus: 0s, normally up
ok: down: puma: 0s, normally up
ok: down: redis: 0s, normally up
ok: down: redis-exporter: 0s, normally up
ok: down: sidekiq: 0s, normally up[root@c71 gitlab]# free -htotal        used        free      shared  buff/cache   available
Mem:           1.8G        111M        1.3G          9M        357M        1.5G
Swap:          2.0G         52M        1.9G[root@c71 gitlab]# ps -ef |grep gitlab
root      5171     1  0 08:04 ?        00:00:00 runsvdir -P /opt/gitlab/service log: ...........................................................................................................................................................................................................................................................................................................................................................................................................
root      5276  5225  0 08:05 ?        00:00:00 svlogd -tt /var/log/gitlab/logrotate
root      5319  5303  0 08:05 ?        00:00:00 svlogd -tt /var/log/gitlab/redis
root      5415  5381  0 08:05 ?        00:00:00 svlogd /var/log/gitlab/gitaly
root      5660  5593  0 08:05 ?        00:00:00 svlogd -tt /var/log/gitlab/postgresql
root      6128  6093  0 08:06 ?        00:00:00 svlogd -tt /var/log/gitlab/puma
root      6185  6159  0 08:06 ?        00:00:00 svlogd /var/log/gitlab/sidekiq
root      6222  5171  0 08:06 ?        00:00:00 runsv gitlab-workhorse
root      6245  6222  0 08:06 ?        00:00:00 svlogd /var/log/gitlab/gitlab-workhorse
root      6332  6316  0 08:06 ?        00:00:00 svlogd -tt /var/log/gitlab/nginx
root      6412  6391  0 08:06 ?        00:00:00 svlogd -tt /var/log/gitlab/node-exporter
root      6464  5171  0 08:06 ?        00:00:00 runsv gitlab-exporter
root      6476  6464  0 08:06 ?        00:00:00 svlogd -tt /var/log/gitlab/gitlab-exporter
root      6572  6547  0 08:06 ?        00:00:00 svlogd -tt /var/log/gitlab/redis-exporter
root      6753  6731  0 08:07 ?        00:00:00 svlogd -tt /var/log/gitlab/prometheus
root      6892  6845  0 08:07 ?        00:00:00 svlogd -tt /var/log/gitlab/alertmanager
root      7015  6993  0 08:07 ?        00:00:00 svlogd -tt /var/log/gitlab/postgres-exporter
root      7893  7849  0 08:11 ?        00:00:00 svlogd -tt /var/log/gitlab/grafana
root     29673  7085  0 08:51 pts/1    00:00:00 grep --color=auto gitlab

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.rhkb.cn/news/166709.html

如若内容造成侵权/违法违规/事实不符,请联系长河编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

陪诊小程序|陪诊小程序关爱健康,无忧陪伴

随着社会发展和人们生活水平的提高,健康问题成为人们关注的焦点。然而,在就医过程中,许多患者常常感到孤独和无助,缺乏得到家人陪伴的温暖与安慰。为了解决这一问题,我们公司开发了一款创新的陪诊小程序软件&#xff0…

迁移conda环境后,非root用户执行pip命令和jupyter命令报错/bad interpreter: Permission denied

移动conda环境,在移动的环境执行pip和jupyter 报错-bash: /data/home/用户名/anaconda3/envs/llm/bin/pip: /root/anaconda3/envs/llm/bin/python: bad interpreter: Permission denied 报错信息 一、原因 原因是当前的这个data/home/用户名/anaconda3/envs/环境名…

POSIX信号量

目录 信号量的原理 信号量函数 使用信号量实现线程互斥功能 基于环形队列的生产消费模型 生产者和消费者必须遵守的两个规则 信号量的原理 通过之前的学习,我们知道有的资源可能会被多个执行流同时申请访问,我们将这种资源叫做临界资源&#xff0c…

记录一次线下渗透电气照明系统(分析与实战)

项目地址:https://github.com/MartinxMax/S-Clustr 注意 本次行动未造成任何设备损坏,并在道德允许范围内测试 >ethical hacking< 发现过程 在路途中,发现一个未锁的配电柜,身为一个电工自然免不了好奇心(非专业人士请勿模仿,操作不当的话220V人就直了) 根据照片,简…

算法__中缀表达式转后缀表达式

文章目录 概念算法中缀转后缀案例讲解 后缀算值案例讲解 概念 中缀表达式就是日常生活中遇到的运算表达式&#xff0c;例如a*(b-c)&#xff1b; 后缀表达式则是另一种运算表达式&#xff0c;其特点在于运算符在对象后&#xff0c;且表达式中没有括号&#xff0c;例如abc-* 算…

观察者模式-对象间的联动

有个商城小程序&#xff0c;用户希望当有新品上市的时候能通知他们。这样用户就可以不要时刻盯着小程序了。在这个场景中&#xff0c;用户向小程序订阅了一个服务——发送新品短信。小程序在有新品上线时负责向订阅客户发出这个消息。 这就是发布-订阅模式&#xff0c;也称观察…

Python基础教程:内置函数之字典函数的使用方法

嗨喽~大家好呀&#xff0c;这里是魔王呐 ❤ ~! python更多源码/资料/解答/教程等 点击此处跳转文末名片免费获取 len(字典名)&#xff1a; 返回键的个数&#xff0c;即字典的长度 # len(字典名)&#xff1a; # 返回键的个数&#xff0c;即字典的长度dic {a:123,b:456,c:789…

Linux——shell外壳程序

shell外壳程序 1. 什么是shell外壳程序 Linux严格意义上说的是一个操作系统&#xff0c;我们称之为“核心 “ &#xff0c;但我们一般用户&#xff0c;不能直接使用核心。 而是通过核心的“外壳”程序&#xff0c;也就是所谓的shell。 shell是所有外壳程序的统称 平时程序员…

CLIP模型原理

CLIP模型 CLIP(Contrastive Language-Image Pre-Training) 模型是 OpenAI 在 2021 年初发布的用于匹配图像和文本的预训练神经网络模型&#xff0c;是近年来在多模态研究领域的经典之作。OpenAI 收集了 4 亿对图像 - 文本对&#xff08;一张图像和它对应的文本描述&#xff09…

shell的for循环与结构化

shell笔记 列表for循环不带列表for循环for循环举例1.例1 所有文件名大写替换为小写2. 例2 读取/etc/passwd文件&#xff0c;依次输出ip段3. 例3 读取/etc/hosts内容for循环&#xff0c;执行ping4. 例4 循环ip列表&#xff0c;输出对应编号5. 例5 批量添加用户 break1. 例1 brea…

FPGA project : IIC_wr_eeprom

简介&#xff1a; 简单双向二线制&#xff0c;同步串行总线。 scl&#xff1a;串行时钟线&#xff0c;用于同步通讯数据。 sda&#xff1a;双向串行数据线。 物理层&#xff1a; 1&#xff0c;支持挂载多设备。 2&#xff0c;二线制。 3&#xff0c;每个设备有其单独的地…

安装visual studio报错“无法安装msodbcsql“

在安装visual studio2022时安装完成后提示无法安装msodbcsql, 查看日志文件详细信息提示&#xff1a;指定账户已存在。 未能安装包“msodbcsql,version17.2.30929.1,chipx64,languagezh-CN”。 搜索 URL https://aka.ms/VSSetupErrorReports?qPackageIdmsodbcsql;PackageActi…

分布式缓存Spring Cache

一、缓存里的数据如何和数据库的数据保持一致&#xff1f; 缓存数据一致性1)、双写模式2)、失效模式1、缓存数据一致性-双写模式 2、 缓存数据一致性-失效模式 我们系统的一致性解决方案: 1、缓存的所有数据都有过期时间&#xff0c;数据过期下一次查询触发主动更新 2、读写数据…

Android 10 中的隐私权变更

Android 10 中的隐私权变更 重大变更外部存储访问权限范围限定为应用文件和媒体在后台运行时访问设备位置信息需要权限以 Android 9 或更低版本为目标平台时自动授予访问权限在设备升级到 Android 10 后访问针对从后台启动 Activity 的限制标识符和数据移除了联系人亲密程度信息…

JIT耗时优化

优质博文&#xff1a;IT-BLOG-CN 一、背景 业务流量突增&#xff0c;机器直接接入大量流量QPS2000&#xff0c;JIT和GC会消耗太多CPU资源&#xff0c;导致1-2分钟时间内的请求超时导致异常&#xff0c;因此采用流量预热的方式&#xff0c;让机器逐步接入流量&#xff0c;需要预…

go语言Array 与 Slice

有的语言会把数组用作常用的基本的数据结构&#xff0c;比如 JavaScript&#xff0c;而 Golang 中的数组(Array)&#xff0c;更倾向定位于一种底层的数据结构&#xff0c;记录的是一段连续的内存空间数据。但是在 Go 语言中平时直接用数组的时候不多&#xff0c;大多数场景下我…

【Lua语法】字符串

Lua语言中的字符串是不可变值。不能像在C语言中那样直接改变某个字符串中的某个字符&#xff0c;但是可以通过创建一个新字符串的方式来达到修改的目的 print(add2(1 , 2 ,15,3))a "no one"b string.gsub(a , "no" , "on1111")print(a) print…

微软正式发布开源应用平台 Radius平台

“ 10 月 18 日&#xff0c;微软 Azure 孵化团队正式发布开源应用平台 Radius&#xff0c;该平台将应用程序置于每个开发阶段的中心&#xff0c;重新定义应用程序的构建、管理与理解方式。” 简单的概括就是&#xff0c;它和Kubernetes不一样&#xff0c;Radius将应用程序放在每…

C语言--程序环境和预处理

前言 本章就是c语言的最后一个板块了&#xff0c;学完这章节&#xff0c;我们将知道写出的代码如何变成可执行程序的&#xff0c;这是非常重要的一个章节&#xff0c;那让我们一起进入本章的学习吧。 本章重点&#xff1a; 程序的翻译环境程序的执行环境详解&#xff1a;C语言程…

周立功ZCANPRO简介和使用

ZCANPRO目录 周立功ZCANPRO简介一、软件安装ZCANPRO官网链接&#xff1a;驱动官网链接 二、ZCANPRO使用1.设备管理2.选择CAN、CANFD波特率计算器使用方法&#xff08;可选&#xff09; 3.新建视图CAN视图DBC视图 4.发送数据普通发送DBC发送 三、高级功能UDS诊断 周立功ZCANPRO简…