gpt4 book ai didi

docker - 为什么 gitlab-registry.key 是 "skipped due to only_if"?

转载 作者:行者123 更新时间:2023-12-02 17:49:16 30 4
gpt4 key购买 nike

使用 Docker 和 Compose,我试图将 Gitlab 与作为另一个服务运行的外部注册表配对。我正在使用 Traefik 这样做。为了配对 Gitlab 和 Registry 服务,我需要 Gitlab 在 /var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key 创建一个 key ,但我可以在启动期间在日志中看到它没有发生......我怀疑我没有设置我需要的所有环境变量?

docker-compose.yml

version: "3.7"

services:
traefik:
container_name: traefik
image: "traefik:v2.2.0"
hostname: "traefik.${WEBSITE}"
restart: always
ports:
- "443:443"
- "5000:5000"
command: --configFile=/config/traefik.toml
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./traefik:/config:ro"
- "/certs/letsencrypt/acme.json:/letsencrypt/acme.json"


gitlab:
container_name: gitlab
image: gitlab/gitlab-ce:latest
hostname: "git.${WEBSITE}"
restart: always
depends_on:
- traefik
labels:
- "traefik.enable=true"
- "traefik.http.routers.git.tls=true"
- "traefik.http.routers.git.tls.certresolver=letsencrypt"
- "traefik.http.routers.git.entrypoints=web"
- "traefik.http.routers.git.rule=host(`git.${WEBSITE}`)"
- "traefik.http.routers.git.service=git"
- "traefik.http.services.git.loadbalancer.server.port=80"
ports:
- "22:22"
environment:
gitlab_omnibus_config: |
gitlab_rails['gitlab_shell_ssh_port'] = 22
external_url "https://git.${WEBSITE}"
nginx['listen_port'] = 80
nginx['listen_https'] = false
nginx['http2_enabled'] = true
nginx['proxy_set_headers'] = {
"host" => "$$http_host",
"x-real-ip" => "$$remote_addr",
"x-forwarded-for" => "$$proxy_add_x_forwarded_for",
"x-forwarded-proto" => "https",
"x-forwarded-ssl" => "on"
}
# Registry settings
registry['enable'] = false
gitlab_rails['registry_enabled'] = true
gitlab_rails['registry_host'] = "registry.${WEBSITE}"
gitlab_rails['registry_port'] = "5000"
gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"
gitlab_rails['registry_key'] = "/var/opt/gitlab/gitlab-rails/etc/certificate.key"
gitlab_rails['registry_api_url'] = "https://registry.${WEBSITE}:5000"
gitlab_rails['registry_issuer'] = "gitlab-issuer"


registry:
container_name: registry
image: registry:2.7
hostname: "registry.${WEBSITE}"
restart: always
depends_on:
- traefik
labels:
- "traefik.enable=true"
- "traefik.http.routers.registry.tls=true"
- "traefik.http.routers.registry.tls.certresolver=letsencrypt"
- "traefik.http.routers.registry.entrypoints=registry"
- "traefik.http.routers.registry.rule=Host(`registry.${WEBSITE}`)"
volumes:
- "/data/registry:/registry"
- "/certs:/certs"
environment:
REGISTRY_LOG_LEVEL: debug
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /registry
REGISTRY_STORAGE_DELETE_ENABLED: 'true'
# REGISTRY_AUTH_TOKEN_REALM: "https://git.${WEBSITE}/jwt/auth" # <--- requires gitlab-registry.key
# REGISTRY_AUTH_TOKEN_SERVICE: container_registry # <--- requires gitlab-registry.key
# REGISTRY_AUTH_TOKEN_ISSUER: gitlab-issuer # <--- requires gitlab-registry.key
# REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE: /certs/gitlab-registry.crt # <--- requires gitlab-registry.key


traefik/traefik.toml
[entryPoints]
[entryPoints.web]
address = ":443"
[entryPoints.registry]
address = ":5000"

[providers]
[providers.docker]
exposedByDefault = false

[certificatesResolvers]
[certificatesResolvers.letsencrypt.acme]
email = "noreply@example.com"
caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
storage = "/letsencrypt/acme.json"
[certificatesResolvers.letsencrypt.acme.tlsChallenge]

我有一个环境变量, 网站 .使用 docker-compose up -d 启动此 Docker 容器后,我可以在 https://git.[WEBSITE] 很好地访问 Gitlab .我也可以使用 curl -k -X GET https://registry.[WEBSITE]:5000/v2/_catalog 访问容器目录(除非我注释掉 REGISTRY_AUTH 环境变量块)。

我可以在 Gitlab 启动日志中看到跳过 key 创建的部分,但不知道为什么......有什么想法吗?

启动日志(可以使用 sudo docker logs -f gitlab 查看):
...
...
* storage_directory[/var/opt/gitlab/backups] action create
* ruby_block[directory resource: /var/opt/gitlab/backups] action run (skipped due to not_if)
(up to date)
* directory[/var/opt/gitlab/gitlab-rails] action create (up to date)
* directory[/var/opt/gitlab/gitlab-ci] action create (up to date)
* file[/var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key] action create (skipped due to only_if)
* template[/opt/gitlab/etc/gitlab-rails/gitlab-rails-rc] action create
- create new file /opt/gitlab/etc/gitlab-rails/gitlab-rails-rc
- update content in file /opt/gitlab/etc/gitlab-rails/gitlab-rails-rc from none to 7b16c8
--- /opt/gitlab/etc/gitlab-rails/gitlab-rails-rc 2020-04-21 02:11:21.628290241 +0000
+++ /opt/gitlab/etc/gitlab-rails/.chef-gitlab-rails-rc20200421-31-y0rbxu 2020-04-21 02:11:21.628290241 +0000
@@ -1 +1,6 @@
+gitlab_user='git'
+gitlab_group='git'
+registry_dir=''
+registry_user='registry'
+registry_group='registry'
* file[/opt/gitlab/embedded/service/gitlab-rails/.secret] action delete (up to date)
* file[/var/opt/gitlab/gitlab-rails/etc/secret] action delete (up to date)
...
...

最佳答案

从 Gitlab 问题来看,在您进行配置之前,似乎某些服务没有正确启动。查看此线程:https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/4257#note_171862038 .

关于docker - 为什么 gitlab-registry.key 是 "skipped due to only_if"?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/61415412/

30 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com