乐趣区

关于kubernetes:Kubernetes-1205-安装gitlab

前言:

参照 https://www.yuque.com/duiniwukenaihe/ehb02i 内 https://www.yuque.com/duiniwukenaihe/ehb02i/qz49ev 之前文章。要实现 kubernetes devops 工作流的实现。后面曾经搭建了 jenkins。gitlab 代码仓库也是必不可缺少的。当初搞一下 gitlab, 对于 helm 后面也做了具体的讲述,这里略过了。另外之前 gitlab 版本没有中文版本可参照 https://hub.docker.com/r/twang2218/gitlab-ce-zh/ twang2218 的汉化版本。当初的 gitlab 曾经反对多语言了,能够略过。上面就开始装置 gitlab。看了一眼 helm 的装置形式 … 文章较少。还是决定老老实实 yaml 形式装置了

1. 创立 gitlab 搭建过程中所须要的 pvc

初步布局:存储 storageclass 是用的腾讯云开源的 cbs-csi 插件,因为最小值只能是 10G,redis postgresql 就设置为 10G 了。特意强调下 pvc 指定 namespace。昨天手贱装置 kubesphere 玩下了,后果发现他自带的 Prometheus 把我的 pv,pvc 抢占了 …. 不晓得这是 cbs 的坑还是本人搭建形式有问题。最初用户名明码始终谬误。卸载了,不玩了 ……

cat gitlab-pvc.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-pvc
  namespace: kube-ops
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 100Gi
  storageClassName: cbs-csi

cat gitlab-redis-pvc.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-redis-pvc
  namespace: kube-ops  
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: cbs-csi

cat gitlab-pg-pvc.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-pg-pvc
  namespace: kube-ops 
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: cbs-csi
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  namespace: kube-ops
  name: gitlab-http
spec:
  entryPoints:
    - web
  routes:
    - match: Host(`gitlab.saynaihe.com`)
      kind: Rule
      services:
        - name: gitlab
          port: 80

在当前目录下执行

kubectl apply -f .

2. gitlab-redis 搭建

注:特意指定了 namespace,否则执行 kubectl apply -f yaml 文件的时候常常会忘掉指定 namespace
,claimName 批改为本人创立的 pvc。
cat redis.yaml

## Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab-redis
  namespace: kube-ops
  labels:
    name: gitlab-redis
spec:
  type: ClusterIP
  ports:
    - name: redis
      protocol: TCP
      port: 6379
      targetPort: redis
  selector:
    name: gitlab-redis
---
## Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab-redis
  namespace: kube-ops
  labels:
    name: gitlab-redis
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab-redis
  template:
    metadata:
      name: gitlab-redis
      labels:
        name: gitlab-redis
    spec:
      containers:
      - name: gitlab-redis
        image: 'sameersbn/redis:4.0.9-3'
        ports:
        - name: redis
          containerPort: 6379
          protocol: TCP
        resources:
          limits:
            cpu: 1000m
            memory: 2Gi
          requests:
            cpu: 1000m
            memory: 2Gi
        volumeMounts:
          - name: data
            mountPath: /var/lib/redis
        livenessProbe:
          exec:
            command:
              - redis-cli
              - ping
          initialDelaySeconds: 5
          timeoutSeconds: 5
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        readinessProbe:
          exec:
            command:
              - redis-cli
              - ping
          initialDelaySeconds: 5
          timeoutSeconds: 5
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: gitlab-redis-pvc
kubectl  apply -f redis.yaml


期待创立实现 running。

3.gitlab-postgresql 搭建

同 redis 配置一样批改 pg 配置
cat pg.yaml

## Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab-postgresql
  namespace: kube-ops
  labels:
    name: gitlab-postgresql
spec:
  ports:
    - name: postgres
      protocol: TCP
      port: 5432
      targetPort: postgres
  selector:
    name: postgresql
  type: ClusterIP
---
## Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: postgresql
  namespace: kube-ops
  labels:
    name: postgresql
spec:
  replicas: 1
  selector:
    matchLabels:
      name: postgresql
  template:
    metadata:
      name: postgresql
      labels:
        name: postgresql
    spec:
      containers:
      - name: postgresql
        image: sameersbn/postgresql:12-20200524
        ports:
        - name: postgres
          containerPort: 5432
        env:
        - name: DB_USER
          value: gitlab
        - name: DB_PASS
          value: admin@mydlq
        - name: DB_NAME
          value: gitlabhq_production
        - name: DB_EXTENSION
          value: 'pg_trgm,btree_gist'
        resources: 
          requests:
            cpu: 2
            memory: 2Gi
          limits:
            cpu: 2
            memory: 2Gi
        livenessProbe:
          exec:
            command: ["pg_isready","-h","localhost","-U","postgres"]
          initialDelaySeconds: 30
          timeoutSeconds: 5
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        readinessProbe:
          exec:
            command: ["pg_isready","-h","localhost","-U","postgres"]
          initialDelaySeconds: 5
          timeoutSeconds: 1
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        volumeMounts:
        - name: data
          mountPath: /var/lib/postgresql
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: gitlab-pg-pvc

kubectl apply -f pg.yaml

4. gitlab deployment 搭建

cat gitlab.yaml

## Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab
  namespace: kube-ops
  labels:
    name: gitlab
spec:
  ports:
    - name: http
      protocol: TCP
      port: 80
    - name: ssh
      protocol: TCP
      port: 22
  selector:
    name: gitlab
  type: ClusterIP
---
## Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab
  namespace: kube-ops
  labels:
    name: gitlab
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab
  template:
    metadata:
      name: gitlab
      labels:
        name: gitlab
    spec:
      containers:
      - name: gitlab
        image: 'sameersbn/gitlab:13.6.2'
        ports:
        - name: ssh
          containerPort: 22
        - name: http
          containerPort: 80
        - name: https
          containerPort: 443
        env:
        - name: TZ
          value: Asia/Shanghai
        - name: GITLAB_TIMEZONE
          value: Beijing
        - name: GITLAB_SECRETS_DB_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_SECRETS_SECRET_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_SECRETS_OTP_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_ROOT_PASSWORD
          value: admin@mydlq
        - name: GITLAB_ROOT_EMAIL 
          value: 820042728@qq.com     
        - name: GITLAB_HOST           
          value: 'gitlab.saynaihe.com'
        - name: GITLAB_PORT        
          value: '80'                   
        - name: GITLAB_SSH_PORT   
          value: '22'
        - name: GITLAB_NOTIFY_ON_BROKEN_BUILDS
          value: 'true'
        - name: GITLAB_NOTIFY_PUSHER
          value: 'false'
        - name: DB_TYPE             
          value: postgres
        - name: DB_HOST         
          value: gitlab-postgresql           
        - name: DB_PORT          
          value: '5432'
        - name: DB_USER        
          value: gitlab
        - name: DB_PASS         
          value: admin@mydlq
        - name: DB_NAME          
          value: gitlabhq_production
        - name: REDIS_HOST
          value: gitlab-redis              
        - name: REDIS_PORT      
          value: '6379'
        resources: 
          requests:
            cpu: 2
            memory: 4Gi
          limits:
            cpu: 2
            memory: 4Gi
        livenessProbe:
          httpGet:
            path: /
            port: 80
            scheme: HTTP
          initialDelaySeconds: 300
          timeoutSeconds: 5
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        readinessProbe:
          httpGet:
            path: /
            port: 80
            scheme: HTTP
          initialDelaySeconds: 5
          timeoutSeconds: 30
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        volumeMounts:
        - name: data
          mountPath: /home/git/data
        - name: localtime
          mountPath: /etc/localtime
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: gitlab-pvc
      - name: localtime
        hostPath:
          path: /etc/localtime

根本抄的豆丁大佬的文档。然而删掉了 NodePort 的形式。还是喜爱用 ingress 的代理形式。明码 用户名配置的能够装置本人的需要更改了。

期待 running……

5. ingress 配置

cat ingress.yaml

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  namespace: kube-ops
  name: gitlab-http
spec:
  entryPoints:
    - web
  routes:
    - match: Host(`gitlab.saynaine.com`)
      kind: Rule
      services:
        - name: gitlab
          port: 80

kubectl apply -f ingress.yaml
拜访 gitlab.saynaihe.com(域名依然为虚构.)。都做了强制跳转了。故拜访的伟 http 页面默认用户名 root,明码是本人 gitlab.yaml 文件中设置的。(至于显示中文,是因为我的谷歌浏览器装置了中文翻译插件)

OK,登陆胜利

6. 敞开用户注册,更改默认语言为中文。





根本装置实现。其余的用法当前缓缓钻研 ……. 当初就是先把工具链装置整合起来。对了 gitlab 登陆后记得更改用户名明码 …. 减少集体安全意识是很有必要的。

退出移动版