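Preface:
This follows the earlier articles at https://www.yuque.com/duiniwukenaihe/ehb02i (see https://www.yuque.com/duiniwukenaihe/ehb02i/qz49ev). The goal is a kubernetes devops workflow. Jenkins has already been set up, and a gitlab code repository is also indispensable, so now it is gitlab's turn. Helm is also described in detail later, so it is skipped here. Earlier gitlab versions had no Chinese version; for those, see twang2218's localized build at https://hub.docker.com/r/twang2218/gitlab-ce-zh/. Current gitlab already supports multiple languages, so that can be skipped. Now let's install gitlab. I took a look at the helm installation method ... there are few articles on it. I decided to install it the plain way, with yaml.
1. Create the PVCs needed for the gitlab setup
Initial plan: the storage storageclass uses Tencent Cloud's open-source cbs-csi plugin. Because the minimum size can only be 10G, redis and postgresql are set to 10G. Note in particular that the PVCs specify a namespace. Yesterday I installed kubesphere to play with it, and found that its bundled Prometheus had grabbed my pv and pvc .... I don't know whether this is a cbs pitfall or a problem with the way I set things up. In the end the username and password were always wrong. I uninstalled it and gave up on it ......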
cat gitlab-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-pvc
  namespace: kube-ops
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 100Gi
  storageClassName: cbs-csi

cat gitlab-redis-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-redis-pvc
  namespace: kube-ops
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: cbs-csi

cat gitlab-pg-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-pg-pvc
  namespace: kube-ops
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: cbs-csi

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  namespace: kube-ops
  name: gitlab-http
spec:
  entryPoints:
    - web
  routes:
    - match: Host(`gitlab.saynaihe.com`)
      kind: Rule
      services:
        - name: gitlab
          port: 80

Run in the current directory:
kubectl apply -f .
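2. Set up gitlab-redis
Note: the namespace is specified explicitly in the manifest; otherwise it is easy to forget to specify the namespace when running kubectl apply -f on the yaml file. Change claimName to the PVC you created yourself.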
cat redis.yaml
## Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab-redis
  namespace: kube-ops
  labels:
    name: gitlab-redis
spec:
  type: ClusterIP
  ports:
    - name: redis
      protocol: TCP
      port: 6379
      targetPort: redis
  selector:
    name: gitlab-redis
---
## Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab-redis
  namespace: kube-ops
  labels:
    name: gitlab-redis
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab-redis
  template:
    metadata:
      name: gitlab-redis
      labels:
        name: gitlab-redis
    spec:
      containers:
        - name: gitlab-redis
          image: 'sameersbn/redis:4.0.9-3'
          ports:
            - name: redis
              containerPort: 6379
              protocol: TCP
          resources:
            limits:
              cpu: 1000m
              memory: 2Gi
            requests:
              cpu: 1000m
              memory: 2Gi
          volumeMounts:
            - name: data
              mountPath: /var/lib/redis
          livenessProbe:
            exec:
              command:
                - redis-cli
                - ping
            initialDelaySeconds: 5
            timeoutSeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          readinessProbe:
            exec:
              command:
                - redis-cli
                - ping
            initialDelaySeconds: 5
            timeoutSeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: gitlab-redis-pvc

kubectl apply -f redis.yaml
Wait for the pod to be created and reach running.
3. Set up gitlab-postgresql
Modify the pg configuration in the same way as the redis configuration.
cat pg.yaml
## Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab-postgresql
  namespace: kube-ops
  labels:
    name: gitlab-postgresql
spec:
  ports:
    - name: postgres
      protocol: TCP
      port: 5432
      targetPort: postgres
  selector:
    name: postgresql
  type: ClusterIP
---
## Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: postgresql
  namespace: kube-ops
  labels:
    name: postgresql
spec:
  replicas: 1
  selector:
    matchLabels:
      name: postgresql
  template:
    metadata:
      name: postgresql
      labels:
        name: postgresql
    spec:
      containers:
        - name: postgresql
          image: sameersbn/postgresql:12-20200524
          ports:
            - name: postgres
              containerPort: 5432
          env:
            - name: DB_USER
              value: gitlab
            - name: DB_PASS
              value: admin@mydlq
            - name: DB_NAME
              value: gitlabhq_production
            - name: DB_EXTENSION
              value: 'pg_trgm,btree_gist'
          resources:
            requests:
              cpu: 2
              memory: 2Gi
            limits:
              cpu: 2
              memory: 2Gi
          livenessProbe:
            exec:
              command: ["pg_isready","-h","localhost","-U","postgres"]
            initialDelaySeconds: 30
            timeoutSeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          readinessProbe:
            exec:
              command: ["pg_isready","-h","localhost","-U","postgres"]
            initialDelaySeconds: 5
            timeoutSeconds: 1
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          volumeMounts:
            - name: data
              mountPath: /var/lib/postgresql
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: gitlab-pg-pvc

kubectl apply -f pg.yaml
4. Set up the gitlab deployment
cat gitlab.yaml
## Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab
  namespace: kube-ops
  labels:
    name: gitlab
spec:
  ports:
    - name: http
      protocol: TCP
      port: 80
    - name: ssh
      protocol: TCP
      port: 22
  selector:
    name: gitlab
  type: ClusterIP
---
## Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab
  namespace: kube-ops
  labels:
    name: gitlab
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab
  template:
    metadata:
      name: gitlab
      labels:
        name: gitlab
    spec:
      containers:
        - name: gitlab
          image: 'sameersbn/gitlab:13.6.2'
          ports:
            - name: ssh
              containerPort: 22
            - name: http
              containerPort: 80
            - name: https
              containerPort: 443
          env:
            - name: TZ
              value: Asia/Shanghai
            - name: GITLAB_TIMEZONE
              value: Beijing
            - name: GITLAB_SECRETS_DB_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_SECRET_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_OTP_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_ROOT_PASSWORD
              value: admin@mydlq
            - name: GITLAB_ROOT_EMAIL
              value: 820042728@qq.com
            - name: GITLAB_HOST
              value: 'gitlab.saynaihe.com'
            - name: GITLAB_PORT
              value: '80'
            - name: GITLAB_SSH_PORT
              value: '22'
            - name: GITLAB_NOTIFY_ON_BROKEN_BUILDS
              value: 'true'
            - name: GITLAB_NOTIFY_PUSHER
              value: 'false'
            - name: DB_TYPE
              value: postgres
            - name: DB_HOST
              value: gitlab-postgresql
            - name: DB_PORT
              value: '5432'
            - name: DB_USER
              value: gitlab
            - name: DB_PASS
              value: admin@mydlq
            - name: DB_NAME
              value: gitlabhq_production
            - name: REDIS_HOST
              value: gitlab-redis
            - name: REDIS_PORT
              value: '6379'
          resources:
            requests:
              cpu: 2
              memory: 4Gi
            limits:
              cpu: 2
              memory: 4Gi
          livenessProbe:
            httpGet:
              path: /
              port: 80
              scheme: HTTP
            initialDelaySeconds: 300
            timeoutSeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          readinessProbe:
            httpGet:
              path: /
              port: 80
              scheme: HTTP
            initialDelaySeconds: 5
            timeoutSeconds: 30
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          volumeMounts:
            - name: data
              mountPath: /home/git/data
            - name: localtime
              mountPath: /etc/localtime
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: gitlab-pvc
        - name: localtime
          hostPath:
            path: /etc/localtime

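This is basically copied from 豆丁's document. However, I removed the NodePort approach; I still prefer proxying through ingress. The password and username settings can be changed according to your own needs.
Wait for running......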
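
In gitlab.yaml and pg.yaml above, DB_PASS, GITLAB_ROOT_PASSWORD and the three GITLAB_SECRETS_* key bases sit in plaintext value: fields, so anyone who can read the Deployment or the yaml file can read them. The following is an added example, not part of the original article, that moves them into a Kubernetes Secret referenced with secretKeyRef; the Secret name gitlab-secrets, its key names and the placeholder values are assumptions.

```yaml
# Added example. The name "gitlab-secrets" and the key names are hypothetical;
# every value is a placeholder to replace with a generated secret before applying.
apiVersion: v1
kind: Secret
metadata:
  name: gitlab-secrets
  namespace: kube-ops
type: Opaque
stringData:
  db-pass: REPLACE_WITH_GENERATED_PASSWORD
  root-password: REPLACE_WITH_GENERATED_PASSWORD
  secrets-db-key-base: REPLACE_WITH_LONG_RANDOM_STRING
  secrets-secret-key-base: REPLACE_WITH_LONG_RANDOM_STRING
  secrets-otp-key-base: REPLACE_WITH_LONG_RANDOM_STRING
---
# Fragment (not a complete object): these entries replace the five plaintext
# "value:" entries in the gitlab container's env list in gitlab.yaml.
# DB_PASS in pg.yaml can reference the same db-pass key so both sides match.
env:
  - name: DB_PASS
    valueFrom:
      secretKeyRef:
        name: gitlab-secrets
        key: db-pass
  - name: GITLAB_ROOT_PASSWORD
    valueFrom:
      secretKeyRef:
        name: gitlab-secrets
        key: root-password
  - name: GITLAB_SECRETS_DB_KEY_BASE
    valueFrom:
      secretKeyRef:
        name: gitlab-secrets
        key: secrets-db-key-base
  - name: GITLAB_SECRETS_SECRET_KEY_BASE
    valueFrom:
      secretKeyRef:
        name: gitlab-secrets
        key: secrets-secret-key-base
  - name: GITLAB_SECRETS_OTP_KEY_BASE
    valueFrom:
      secretKeyRef:
        name: gitlab-secrets
        key: secrets-otp-key-base
```
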
5. Ingress configuration
cat ingress.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  namespace: kube-ops
  name: gitlab-http
spec:
  entryPoints:
    - web
  routes:
    - match: Host(`gitlab.saynaihe.com`)
      kind: Rule
      services:
        - name: gitlab
          port: 80

kubectl apply -f ingress.yaml
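Visit gitlab.saynaihe.com (the domain is still fictitious). Forced redirects have all been set up, so what is visited is the http page. The default username is root, and the password is the one you set in your own gitlab.yaml file. (As for the page showing Chinese, that is because my Chrome browser has a Chinese translation plugin installed.)
OK, login succeeded.
6. Disable user registration and change the default language to Chinese.
The basic installation is complete. I will look into the other usage slowly later ....... For now the point is just to get the tool chain installed and integrated. By the way, remember to change the username and password after logging in to gitlab .... Raising personal security awareness is very necessary.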