GitLab Docker images All tiers Self-managed

2023/11/06 posted in Technical Documentation


The GitLab Docker images are monolithic images of GitLab running all the necessary services in a single container.

Find the GitLab official Docker image at:

The Docker images don’t include a mail transport agent (MTA). The recommended solution is to add an MTA (such as Postfix or Sendmail) running in a separate container. As another option, you can install an MTA directly in the GitLab container, but this adds maintenance overhead as you’ll likely need to reinstall the MTA after every upgrade or restart.

In the following examples, if you want to use the latest RC image, use gitlab/gitlab-ee:rc instead.

You should not deploy the GitLab Docker image in Kubernetes as it creates a single point of failure. If you want to deploy GitLab in Kubernetes, the GitLab Helm Chart or GitLab Operator should be used instead.

caution

Docker for Windows is not officially supported. There are known issues with volume permissions, and potentially other unknown issues. If you are trying to run on Docker for Windows, see the getting help page for links to community resources (such as IRC or forums) to seek help from other users.

Prerequisites

To use the GitLab Docker images:

  • You must install Docker.
  • You must use a valid externally-accessible hostname. Do not use localhost.

Set up the volumes location


Before setting everything else, configure a new environment variable $GITLAB_HOME pointing to the directory where the configuration, logs, and data files will reside. Ensure that the directory exists and appropriate permissions have been granted.

For Linux users, set the path to /srv/gitlab:

export GITLAB_HOME=/srv/gitlab

For macOS users, use the user’s $HOME/gitlab directory:

export GITLAB_HOME=$HOME/gitlab

The GITLAB_HOME environment variable should be appended to your shell’s profile so it is applied on all future terminal sessions:

  • Bash: ~/.bash_profile
  • ZSH: ~/.zshrc

The GitLab container uses host mounted volumes to store persistent data:

Local location         Container location   Usage
$GITLAB_HOME/data      /var/opt/gitlab      For storing application data.
$GITLAB_HOME/logs      /var/log/gitlab      For storing logs.
$GITLAB_HOME/config    /etc/gitlab          For storing the GitLab configuration files.

Installation

The GitLab Docker images can be run in multiple ways:

Install GitLab using Docker Engine


You can fine tune these directories to meet your requirements. Once you’ve set up the GITLAB_HOME variable, you can run the image:

sudo docker run --detach \
  --hostname gitlab.example.com \
  --publish 443:443 --publish 80:80 --publish 22:22 \
  --name gitlab \
  --restart always \
  --volume $GITLAB_HOME/config:/etc/gitlab \
  --volume $GITLAB_HOME/logs:/var/log/gitlab \
  --volume $GITLAB_HOME/data:/var/opt/gitlab \
  --shm-size 256m \
  gitlab/gitlab-ee:latest

This will download and start a GitLab container and publish ports needed to access SSH, HTTP and HTTPS. All GitLab data will be stored as subdirectories of $GITLAB_HOME. The container will automatically restart after a system reboot.

If you are on SELinux, then run this instead:

sudo docker run --detach \
  --hostname gitlab.example.com \
  --publish 443:443 --publish 80:80 --publish 22:22 \
  --name gitlab \
  --restart always \
  --volume $GITLAB_HOME/config:/etc/gitlab:Z \
  --volume $GITLAB_HOME/logs:/var/log/gitlab:Z \
  --volume $GITLAB_HOME/data:/var/opt/gitlab:Z \
  --shm-size 256m \
  gitlab/gitlab-ee:latest

This will ensure that the Docker process has enough permissions to create the configuration files in the mounted volumes.

If you’re using the Kerberos integration (PREMIUM ONLY), you must also publish your Kerberos port (for example, --publish 8443:8443). Failing to do so prevents Git operations with Kerberos.

The initialization process may take a long time. You can track this process with:

sudo docker logs -f gitlab

After starting a container you can visit gitlab.example.com (or http://192.168.59.103 if you used boot2docker on macOS). It might take a while before the Docker container starts to respond to queries.

Visit the GitLab URL, and sign in with the username root and the password from the following command:

sudo docker exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password

note

The password file will be automatically deleted in the first reconfigure run after 24 hours.

Install GitLab using Docker Compose


With Docker Compose you can easily configure, install, and upgrade your Docker-based GitLab installation:

  1. Install Docker Compose.

  2. Create a docker-compose.yml file:

    version: '3.6'
    services:
      web:
        image: 'gitlab/gitlab-ee:latest'
        restart: always
        hostname: 'gitlab.example.com'
        environment:
          GITLAB_OMNIBUS_CONFIG: |
            external_url 'https://gitlab.example.com'
            # Add any other gitlab.rb configuration here, each on its own line
        ports:
          - '80:80'
          - '443:443'
          - '22:22'
        volumes:
          - '$GITLAB_HOME/config:/etc/gitlab'
          - '$GITLAB_HOME/logs:/var/log/gitlab'
          - '$GITLAB_HOME/data:/var/opt/gitlab'
        shm_size: '256m'
    
  3. Make sure you are in the same directory as docker-compose.yml and start GitLab:

    docker compose up -d
    

note

Read the “Pre-configure Docker container” section to see how the GITLAB_OMNIBUS_CONFIG variable works.

Below is another docker-compose.yml example with GitLab running on a custom HTTP and SSH port. Notice how the GITLAB_OMNIBUS_CONFIG variables match the ports section:

version: '3.6'
services:
  web:
    image: 'gitlab/gitlab-ee:latest'
    restart: always
    hostname: 'gitlab.example.com'
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.example.com:8929'
        gitlab_rails['gitlab_shell_ssh_port'] = 2224
    ports:
      - '8929:8929'
      - '2224:22'
    volumes:
      - '$GITLAB_HOME/config:/etc/gitlab'
      - '$GITLAB_HOME/logs:/var/log/gitlab'
      - '$GITLAB_HOME/data:/var/opt/gitlab'
    shm_size: '256m'

This is the same as using --publish 8929:8929 --publish 2224:22.

Install GitLab using Docker swarm mode


With Docker swarm mode, you can easily configure and deploy your Docker-based GitLab installation in a swarm cluster.

In swarm mode you can leverage Docker secrets and Docker configurations to efficiently and securely deploy your GitLab instance. Secrets can be used to securely pass your initial root password without exposing it as an environment variable. Configurations can help you to keep your GitLab image as generic as possible.

Here’s an example that deploys GitLab with four runners as a stack, using secrets and configurations:

  1. Set up a Docker swarm.

  2. Create a docker-compose.yml file:

    version: "3.6"
    services:
      gitlab:
        image: gitlab/gitlab-ee:latest
        ports:
          - "22:22"
          - "80:80"
          - "443:443"
        volumes:
          - $GITLAB_HOME/data:/var/opt/gitlab
          - $GITLAB_HOME/logs:/var/log/gitlab
          - $GITLAB_HOME/config:/etc/gitlab
        shm_size: '256m'
        environment:
          GITLAB_OMNIBUS_CONFIG: "from_file('/omnibus_config.rb')"
        configs:
          - source: gitlab
            target: /omnibus_config.rb
        secrets:
          - gitlab_root_password
      gitlab-runner:
        image: gitlab/gitlab-runner:alpine
        deploy:
          mode: replicated
          replicas: 4
    configs:
      gitlab:
        file: ./gitlab.rb
    secrets:
      gitlab_root_password:
        file: ./root_password.txt
    

    For simplicity reasons, the network configuration was omitted. More information can be found in the official Compose file reference.

  3. Create a gitlab.rb file:

    external_url 'https://my.domain.com/'
    gitlab_rails['initial_root_password'] = File.read('/run/secrets/gitlab_root_password').gsub("\n", "")
    
  4. Create a root_password.txt file:

    MySuperSecretAndSecurePassw0rd!
    
  5. Make sure you are in the same directory as docker-compose.yml and run:

    docker stack deploy --compose-file docker-compose.yml mystack
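
For step 4, the root_password.txt file can be generated rather than typed, so the secret is random and readable only by its owner. This is an added example, not part of the GitLab documentation; make_root_password_file is a hypothetical helper name and the 32-character default is an assumption:

```shell
#!/bin/sh
# Added example (not from the GitLab docs): create the root_password.txt that
# the swarm stack mounts as the gitlab_root_password secret.
# make_root_password_file is a hypothetical helper name.

make_root_password_file() {
  out=${1:-./root_password.txt}
  len=${2:-32}   # assumed default length

  # Never overwrite an existing secret file.
  if [ -e "$out" ]; then
    echo "$out already exists, not overwriting" >&2
    return 1
  fi

  (
    umask 077   # the file is created with mode 0600
    pw=$(LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$len")
    [ "${#pw}" -eq "$len" ] || exit 2
    # Written without a trailing newline; gitlab.rb strips "\n" in any case.
    printf '%s' "$pw" > "$out"
  )
}
```

Run it in the directory that holds docker-compose.yml before `docker stack deploy`, and keep the file out of version control.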
    

Configuration

This container uses the official Linux package, so all configuration is done in the unique configuration file /etc/gitlab/gitlab.rb.

To access the GitLab configuration file, you can start a shell session in the context of a running container. This will allow you to browse all directories and use your favorite text editor:

sudo docker exec -it gitlab /bin/bash

You can also just edit /etc/gitlab/gitlab.rb:

sudo docker exec -it gitlab editor /etc/gitlab/gitlab.rb

Once you open /etc/gitlab/gitlab.rb make sure to set the external_url to point to a valid URL.

To receive emails from GitLab you have to configure the SMTP settings because the GitLab Docker image doesn’t have an SMTP server installed. You may also be interested in enabling HTTPS.

After you make all the changes you want, you will need to restart the container to reconfigure GitLab:

sudo docker restart gitlab

GitLab will reconfigure itself whenever the container starts. For more options about configuring GitLab, check the configuration documentation.

Pre-configure Docker container


You can pre-configure the GitLab Docker image by adding the environment variable GITLAB_OMNIBUS_CONFIG to the docker run command. This variable can contain any gitlab.rb setting and is evaluated before the loading of the container’s gitlab.rb file. This behavior allows you to configure the external GitLab URL, database settings, or any other option from the Linux package template. The settings contained in GITLAB_OMNIBUS_CONFIG aren’t written to the gitlab.rb configuration file, and are evaluated on load.

Here’s an example that sets the external URL and enables LFS while starting the container:

sudo docker run --detach \
  --hostname gitlab.example.com \
  --env GITLAB_OMNIBUS_CONFIG="external_url 'http://my.domain.com/'; gitlab_rails['lfs_enabled'] = true;" \
  --publish 443:443 --publish 80:80 --publish 22:22 \
  --name gitlab \
  --restart always \
  --volume $GITLAB_HOME/config:/etc/gitlab \
  --volume $GITLAB_HOME/logs:/var/log/gitlab \
  --volume $GITLAB_HOME/data:/var/opt/gitlab \
  --shm-size 256m \
  gitlab/gitlab-ee:latest

Every time you execute a docker run command, you need to provide the GITLAB_OMNIBUS_CONFIG option. The content of GITLAB_OMNIBUS_CONFIG is not preserved between subsequent runs.

Use tagged versions of GitLab


Tagged versions of the GitLab Docker images are also provided. To see all available tags see:

To use a specific tagged version, replace gitlab/gitlab-ee:latest with the GitLab version you want to run, for example gitlab/gitlab-ee:12.1.3-ce.0.

Run GitLab on a public IP address


You can make Docker use your IP address and forward all traffic to the GitLab container by modifying the --publish flag.

To expose GitLab on IP 198.51.100.1:

sudo docker run --detach \
  --hostname gitlab.example.com \
  --publish 198.51.100.1:443:443 \
  --publish 198.51.100.1:80:80 \
  --publish 198.51.100.1:22:22 \
  --name gitlab \
  --restart always \
  --volume $GITLAB_HOME/config:/etc/gitlab \
  --volume $GITLAB_HOME/logs:/var/log/gitlab \
  --volume $GITLAB_HOME/data:/var/opt/gitlab \
  --shm-size 256m \
  gitlab/gitlab-ee:latest

You can then access your GitLab instance at http://198.51.100.1/ and https://198.51.100.1/.

Expose GitLab on different ports


GitLab will occupy some ports inside the container.

If you want to use a different host port than 80 (HTTP) or 443 (HTTPS), you need to add a separate --publish directive to the docker run command.

For example, to expose the web interface on the host’s port 8929, and the SSH service on port 2289:

  1. Use the following docker run command:

    sudo docker run --detach \
      --hostname gitlab.example.com \
      --publish 8929:8929 --publish 2289:22 \
      --name gitlab \
      --restart always \
      --volume $GITLAB_HOME/config:/etc/gitlab \
      --volume $GITLAB_HOME/logs:/var/log/gitlab \
      --volume $GITLAB_HOME/data:/var/opt/gitlab \
      --shm-size 256m \
      gitlab/gitlab-ee:latest
    

    note

    The format for publishing ports is hostPort:containerPort. Read more in the Docker documentation about exposing incoming ports.

  2. Enter the running container:

    sudo docker exec -it gitlab /bin/bash
    
  3. Open /etc/gitlab/gitlab.rb with your editor and set external_url:

    # For HTTP
    external_url "http://gitlab.example.com:8929"
    
    or
    
    # For HTTPS (notice the https)
    external_url "https://gitlab.example.com:8929"
    

    The port specified in this URL must match the port published to the host by Docker. Additionally, if the NGINX listen port is not explicitly set in nginx['listen_port'], it will be pulled from the external_url. For more information see the NGINX documentation.

  4. Set gitlab_shell_ssh_port:

    gitlab_rails['gitlab_shell_ssh_port'] = 2289
    
  5. Finally, reconfigure GitLab:

    gitlab-ctl reconfigure
    

Following the above example, you will be able to reach GitLab from your web browser under <hostIP>:8929 and push using SSH under the port 2289.

A docker-compose.yml example that uses different ports can be found in the Docker compose section.
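
The rule that the external_url port, nginx['listen_port'] and gitlab_shell_ssh_port must agree with the published ports (here and in the custom-port Compose example earlier) can be checked before deploying. The script below is an added example, not GitLab tooling; check_gitlab_ports and sample_compose are hypothetical names, and the compose sample is constructed from the page's custom-port example:

```shell
#!/bin/sh
# Added example (not GitLab's own tooling): check that the ports a compose file
# publishes agree with external_url and gitlab_shell_ssh_port.
# check_gitlab_ports and sample_compose are hypothetical helper names.

check_gitlab_ports() {
  file=$1
  url=$(sed -n "s/^[[:space:]]*external_url[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" "$file" | head -n 1)
  [ -n "$url" ] || { echo "no external_url found in $file"; return 2; }

  # Port from the URL, falling back to the scheme default.
  web=$(printf '%s\n' "$url" | sed -n 's#^[a-z]*://[^/:]*:\([0-9][0-9]*\).*#\1#p')
  if [ -z "$web" ]; then
    case $url in https://*) web=443 ;; *) web=80 ;; esac
  fi

  # NGINX listens on the external_url port unless nginx['listen_port'] is set.
  listen=$(sed -n "s/.*nginx\['listen_port'][[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p" "$file" | head -n 1)
  listen=${listen:-$web}

  # Port advertised in SSH clone URLs; sshd in the container stays on 22.
  ssh=$(sed -n "s/.*gitlab_shell_ssh_port'][[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p" "$file" | head -n 1)
  ssh=${ssh:-22}

  # Reduce entries like - '8929:8929' or - '198.51.100.1:80:80' to host:container.
  pairs=$(sed -n "s/^[[:space:]]*-[[:space:]]*['\"]\{0,1\}\([0-9.]*:\)\{0,1\}\([0-9][0-9]*\):\([0-9][0-9]*\)['\"]\{0,1\}[[:space:]]*$/\2:\3/p" "$file")

  rc=0
  printf '%s\n' "$pairs" | grep -qx "$web:$listen" ||
    { echo "web: external_url uses $web but $web:$listen is not published"; rc=1; }
  printf '%s\n' "$pairs" | grep -qx "$ssh:22" ||
    { echo "ssh: clone URLs use $ssh but $ssh:22 is not published"; rc=1; }
  return $rc
}

# Constructed sample: the custom-port compose file with a chosen SSH host port.
sample_compose() {
  cat <<EOF
services:
  web:
    image: 'gitlab/gitlab-ee:latest'
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.example.com:8929'
        gitlab_rails['gitlab_shell_ssh_port'] = 2224
    ports:
      - '8929:8929'
      - '$1:22'
EOF
}

tmp=$(mktemp)
sample_compose 2224 > "$tmp"; check_gitlab_ports "$tmp" && echo "2224:22 matches"
sample_compose 2289 > "$tmp"; check_gitlab_ports "$tmp" || echo "2289:22 is a mismatch"
rm -f "$tmp"
```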

Configure multiple database connections


In GitLab 16.0, GitLab defaults to using two database connections that point to the same PostgreSQL database.

If, for any reason, you wish to switch back to a single database connection:

  1. Edit /etc/gitlab/gitlab.rb inside the container:

    sudo docker exec -it gitlab editor /etc/gitlab/gitlab.rb
    
  2. Add the following line:

    gitlab_rails['databases']['ci']['enable'] = false
    
  3. Restart the container:

    sudo docker restart gitlab

Recommended next steps

After completing your installation, consider taking the recommended next steps, including authentication options and sign-up restrictions.

Upgrade

In most cases, upgrading GitLab is as easy as downloading the newest Docker image tag.

Upgrade GitLab using Docker Engine


To upgrade GitLab that was installed using Docker Engine:

  1. Take a backup. As a minimum, back up the database and the GitLab secrets file.

  2. Stop the running container:

    sudo docker stop gitlab
    
  3. Remove the existing container:

    sudo docker rm gitlab
    
  4. Pull the new image. For example, the latest GitLab image:

    sudo docker pull gitlab/gitlab-ee:latest
    
  5. Ensure that the GITLAB_HOME environment variable is defined:

    echo $GITLAB_HOME
    
  6. Create the container once again with the previously specified options:

    sudo docker run --detach \
    --hostname gitlab.example.com \
    --publish 443:443 --publish 80:80 --publish 22:22 \
    --name gitlab \
    --restart always \
    --volume $GITLAB_HOME/config:/etc/gitlab \
    --volume $GITLAB_HOME/logs:/var/log/gitlab \
    --volume $GITLAB_HOME/data:/var/opt/gitlab \
    --shm-size 256m \
    gitlab/gitlab-ee:latest
    

On the first run, GitLab will reconfigure and upgrade itself.

Refer to the GitLab Upgrade recommendations when upgrading between versions.

Upgrade GitLab using Docker compose


To upgrade GitLab that was installed using Docker Compose:

  1. Take a backup. As a minimum, back up the database and the GitLab secrets file.

  2. Download the newest release and upgrade your GitLab instance:

    docker compose pull
    docker compose up -d
    

    If you have used tags instead, you’ll need to first edit docker-compose.yml.