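Preface:
See the earlier article https://www.yuque.com/duiniwukenaihe/ehb02i/qz49ev in https://www.yuque.com/duiniwukenaihe/ehb02i. The goal is a Kubernetes DevOps workflow. Jenkins was set up earlier, and a GitLab code repository is just as indispensable, so now it is GitLab's turn. Helm was also covered in detail earlier and is skipped here. Older GitLab versions had no Chinese edition, for which twang2218's localized build at https://hub.docker.com/r/twang2218/gitlab-ce-zh/ could be used. Current GitLab already supports multiple languages, so that can be skipped. Now let's install GitLab. I took a look at the Helm installation method... there are few articles about it, so I decided to install the plain way with YAML.
1. Create the PVCs needed for the GitLab setup
Initial plan: the storage class uses Tencent Cloud's open-source cbs-csi plugin. Because the minimum size is 10G, redis and postgresql are set to 10G. Note in particular that each PVC specifies its namespace. Yesterday I couldn't resist installing KubeSphere to try it out, and found that its bundled Prometheus had taken over my PVs and PVCs.... I don't know whether this is a pitfall in cbs or a problem with how I set things up. In the end the username and password were always rejected. I uninstalled it and gave up on it......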
cat gitlab-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-pvc
  namespace: kube-ops
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 100Gi
  storageClassName: cbs-csi
cat gitlab-redis-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-redis-pvc
  namespace: kube-ops
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: cbs-csi
cat gitlab-pg-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-pg-pvc
  namespace: kube-ops
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: cbs-csi

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  namespace: kube-ops
  name: gitlab-http
spec:
  entryPoints:
    - web
  routes:
    - match: Host(`gitlab.saynaihe.com`)
      kind: Rule
      services:
        - name: gitlab
          port: 80
Run in the current directory:
kubectl apply -f .
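2. Set up gitlab-redis
Note: the namespace is set explicitly in the manifest, because otherwise it is easy to forget to specify it when running kubectl apply -f on the yaml file. Change claimName to the PVC you created.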
cat redis.yaml
## Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab-redis
  namespace: kube-ops
  labels:
    name: gitlab-redis
spec:
  type: ClusterIP
  ports:
    - name: redis
      protocol: TCP
      port: 6379
      targetPort: redis
  selector:
    name: gitlab-redis
---
## Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab-redis
  namespace: kube-ops
  labels:
    name: gitlab-redis
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab-redis
  template:
    metadata:
      name: gitlab-redis
      labels:
        name: gitlab-redis
    spec:
      containers:
      - name: gitlab-redis
        image: 'sameersbn/redis:4.0.9-3'
        ports:
        - name: redis
          containerPort: 6379
          protocol: TCP
        resources:
          limits:
            cpu: 1000m
            memory: 2Gi
          requests:
            cpu: 1000m
            memory: 2Gi
        volumeMounts:
        - name: data
          mountPath: /var/lib/redis
        livenessProbe:
          exec:
            command:
            - redis-cli
            - ping
          initialDelaySeconds: 5
          timeoutSeconds: 5
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        readinessProbe:
          exec:
            command:
            - redis-cli
            - ping
          initialDelaySeconds: 5
          timeoutSeconds: 5
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: gitlab-redis-pvc
kubectl apply -f redis.yaml
Wait until creation completes and the pod is Running.
3. Set up gitlab-postgresql
Modify the pg configuration the same way as for redis.
cat pg.yaml
## Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab-postgresql
  namespace: kube-ops
  labels:
    name: gitlab-postgresql
spec:
  ports:
    - name: postgres
      protocol: TCP
      port: 5432
      targetPort: postgres
  selector:
    name: postgresql
  type: ClusterIP
---
## Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: postgresql
  namespace: kube-ops
  labels:
    name: postgresql
spec:
  replicas: 1
  selector:
    matchLabels:
      name: postgresql
  template:
    metadata:
      name: postgresql
      labels:
        name: postgresql
    spec:
      containers:
      - name: postgresql
        image: sameersbn/postgresql:12-20200524
        ports:
        - name: postgres
          containerPort: 5432
        env:
        - name: DB_USER
          value: gitlab
        - name: DB_PASS
          value: admin@mydlq
        - name: DB_NAME
          value: gitlabhq_production
        - name: DB_EXTENSION
          value: 'pg_trgm,btree_gist'
        resources:
          requests:
            cpu: 2
            memory: 2Gi
          limits:
            cpu: 2
            memory: 2Gi
        livenessProbe:
          exec:
            command: ["pg_isready","-h","localhost","-U","postgres"]
          initialDelaySeconds: 30
          timeoutSeconds: 5
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        readinessProbe:
          exec:
            command: ["pg_isready","-h","localhost","-U","postgres"]
          initialDelaySeconds: 5
          timeoutSeconds: 1
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        volumeMounts:
        - name: data
          mountPath: /var/lib/postgresql
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: gitlab-pg-pvc
kubectl apply -f pg.yaml
4. Set up the gitlab deployment
cat gitlab.yaml
## Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab
  namespace: kube-ops
  labels:
    name: gitlab
spec:
  ports:
    - name: http
      protocol: TCP
      port: 80
    - name: ssh
      protocol: TCP
      port: 22
  selector:
    name: gitlab
  type: ClusterIP
---
## Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab
  namespace: kube-ops
  labels:
    name: gitlab
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab
  template:
    metadata:
      name: gitlab
      labels:
        name: gitlab
    spec:
      containers:
      - name: gitlab
        image: 'sameersbn/gitlab:13.6.2'
        ports:
        - name: ssh
          containerPort: 22
        - name: http
          containerPort: 80
        - name: https
          containerPort: 443
        env:
        - name: TZ
          value: Asia/Shanghai
        - name: GITLAB_TIMEZONE
          value: Beijing
        - name: GITLAB_SECRETS_DB_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_SECRETS_SECRET_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_SECRETS_OTP_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_ROOT_PASSWORD
          value: admin@mydlq
        - name: GITLAB_ROOT_EMAIL
          value: 820042728@qq.com
        - name: GITLAB_HOST
          value: 'gitlab.saynaihe.com'
        - name: GITLAB_PORT
          value: '80'
        - name: GITLAB_SSH_PORT
          value: '22'
        - name: GITLAB_NOTIFY_ON_BROKEN_BUILDS
          value: 'true'
        - name: GITLAB_NOTIFY_PUSHER
          value: 'false'
        - name: DB_TYPE
          value: postgres
        - name: DB_HOST
          value: gitlab-postgresql
        - name: DB_PORT
          value: '5432'
        - name: DB_USER
          value: gitlab
        - name: DB_PASS
          value: admin@mydlq
        - name: DB_NAME
          value: gitlabhq_production
        - name: REDIS_HOST
          value: gitlab-redis
        - name: REDIS_PORT
          value: '6379'
        resources:
          requests:
            cpu: 2
            memory: 4Gi
          limits:
            cpu: 2
            memory: 4Gi
        livenessProbe:
          httpGet:
            path: /
            port: 80
            scheme: HTTP
          initialDelaySeconds: 300
          timeoutSeconds: 5
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        readinessProbe:
          httpGet:
            path: /
            port: 80
            scheme: HTTP
          initialDelaySeconds: 5
          timeoutSeconds: 30
          periodSeconds: 10
          successThreshold: 1
          failureThreshold: 3
        volumeMounts:
        - name: data
          mountPath: /home/git/data
        - name: localtime
          mountPath: /etc/localtime
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: gitlab-pvc
      - name: localtime
        hostPath:
          path: /etc/localtime
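This is mostly copied from 豆丁's document, but with the NodePort approach removed; I still prefer proxying through an ingress. The username and password settings can be changed to suit your own needs.
Wait for Running......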
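gitlab.yaml and pg.yaml above carry DB_PASS, GITLAB_ROOT_PASSWORD and the three GITLAB_SECRETS_*_KEY_BASE values as literals in the manifest, so they end up wherever the YAML is stored and in the Deployment spec itself. The script below is an added example, not part of the original post: it generates random values into a Kubernetes Secret and prints the secretKeyRef entry that replaces each literal. The Secret name gitlab-secrets, its key names and the script name are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. The Secret name "gitlab-secrets"
# and its key names are assumptions chosen for this illustration.

# 64 hex characters (256 bits) from the kernel CSPRNG.
gen_key() {
  head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Secret manifest holding every value the manifests above set as a literal.
render_secret() {
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: gitlab-secrets
  namespace: kube-ops
type: Opaque
stringData:
  db-pass: "$(gen_key)"
  root-password: "$(gen_key)"
  db-key-base: "$(gen_key)"
  secret-key-base: "$(gen_key)"
  otp-key-base: "$(gen_key)"
EOF
}

# env entry that replaces "- name: X / value: <literal>" in a Deployment.
# $1 = env var name (e.g. DB_PASS), $2 = key inside gitlab-secrets.
render_env_ref() {
  cat <<EOF
        - name: $1
          valueFrom:
            secretKeyRef:
              name: gitlab-secrets
              key: $2
EOF
}

# Usage: ./gitlab-secrets.sh secret | kubectl apply -f -
#        ./gitlab-secrets.sh env DB_PASS db-pass
case "${1:-}" in
  secret) render_secret ;;
  env)    render_env_ref "$2" "$3" ;;
esac
```

Reference the same db-pass key from DB_PASS in both pg.yaml and gitlab.yaml so the two Deployments agree. Generate the Secret once and keep it: GitLab uses the DB key base to encrypt values stored in the database, so replacing it later leaves that data unreadable.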
5. Ingress configuration
cat ingress.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  namespace: kube-ops
  name: gitlab-http
spec:
  entryPoints:
    - web
  routes:
    - match: Host(`gitlab.saynaihe.com`)
      kind: Rule
      services:
        - name: gitlab
          port: 80
kubectl apply -f ingress.yaml
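Visit gitlab.saynaihe.com (the domain name is still fictional). Forced redirects are configured throughout, so the page visited is the http page. The default username is root, and the password is the one set in your gitlab.yaml file. (The interface shows Chinese because my Chrome browser has a Chinese translation extension installed.)
OK, login succeeded.
6. Disable user registration and change the default language to Chinese.
The installation is basically complete. Other usage can be explored slowly later....... For now the point is to get the toolchain installed and integrated. By the way, remember to change the username and password after logging in to GitLab.... Raising personal security awareness is very necessary.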