apt-get install lxc
ls -la /usr/share/lxc/templates/
lxc-create -n <container-name> -t download
lxc-create -n <container-name> -t debian
Add these lines to the configuration file at /var/lib/lxc/<container-name>/config
Enable auto start of this container.
lxc.start.auto = 1
Delay start this container 30 seconds from when the host starts.
lxc.start.delay = 30
The followng lines need kernel options "cgroup_enable=memory swapaccount=1".
Limit memory to 512M
lxc.cgroup.memory.limit_in_bytes = 1G
Total usage or memory + swap to 1G. Note the second setting is for overall memory + swap, not just swap usage.
lxc.cgroup.memory.memsw.limit_in_bytes = 2G
Set the GRUB_CMDLINE_LINUX value as follows in file /etc/default/grub file.'
GRUB_CMDLINE_LINUX = "cgroup_enable=memory swapaccount=1"
Execute the following commands.
update grub using.
update-grub
Grab hold of the root console.
lxc-attach -n <container-name>
Install GitLab needed packages
apt-get install wget openssh-server ca-certificates postfix systemd-cron
Get the script to install the gitlab package
Get the script
wget "https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh"
Execute the script
bash script.deb.sh
Actually install the package since it is available now.
apt-get install gitlab-ce
Reconfigure after failure.
gitlab-ctl reconfigure
Probably already fixed...
I modified /opt/gitlab/embedded/cookbooks/gitlab/definitions/sysctl.rb like that:
# Load the settings right away
execute "load sysctl conf" do
#command "cat /etc/sysctl.conf /etc/sysctl.d/*.conf | sysctl -e -p -"
action :nothing
end
Fix nginx problem "422 The change you requested was rejected."
This fix will be un done when gitlab-ctl reconfigure is called.
Update: It Seems to be fixed now (2016-03) and not needed anymore.
Add line
proxy_set_header X-Forwarded-Ssl on;
at 'location / {' section in file /var/opt/gitlab/nginx/conf/gitlab-http.conf
joe /var/opt/gitlab/nginx/conf/gitlab-http.conf
Restart gitlab to make it have effect.
gitlab-ctl restart
Login on website for the first time.
root5iveL!feChange swappiness to 10 from default 60.
See http://en.wikipedia.org/wiki/Swappiness for more details.
sysctl -w vm.swappiness=10
When having the following errors when examining dmesg -w of journalctl --dmesg --follow.
audit: type=1400 audit(????): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-container-default-cgns" name="/" pid=???? comm="(d-logind)" flags="rw, rslave"
In my case this was caused by the GitLab container running Debian bullseye.
To solve this add a rules to allow the mount operation with the following line
to file /etc/apparmor.d/lxc/lxc-default-cgns. There are multiple rules added since fixing the rw, rslave the
next one (rw, rbind) will pop up and so on.
# Added for Debian bookworm nexus3 container which has aparmor audit warnings.
# Allow rslave and rbind mounts for non-specific directories.
mount options=(rw, rslave),
mount options=(rw, rbind),
mount options=(rw, rshared),
mount options=(rw, nosuid),
mount options=(rw, nodev),
mount options=(rw, noexec),
Run next command to make it have effect.
systemctl restart apparmor