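1. Overview
Setting up GitLab in a Kubernetes cluster is fairly simple: start Redis, PostgreSQL and GitLab separately and configure them. The image is sameersbn/gitlab (http://www.damagehead.com/docker-gitlab/). If you already have a usable Redis or PostgreSQL service, just point GitLab at it through its environment variables. I did not have one, so I deployed them all together.
Ingress uses Nginx; see https://www.cnblogs.com/zoujiaojiao/p/12515917.html. Storage uses NFS.
2. Notes
GitLab's SSH port is 22. The host normally already runs its own SSH service on port 22, so when GitLab's port 22 is mapped to the host we use a NodePort fixed at 30022. That way the repositories can be reached with Git over SSH.
3. Configuration
3.1 Start Redis
Create the PV and PVC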
# cat gitlab-redis-pv.yaml
---
# pv
apiVersion: v1
kind: PersistentVolume
metadata:
  name: gitlab-redis-pv
spec:
  capacity:
    storage: 5Gi
  accessModes:
  - ReadWriteMany
  nfs:
    server: <NFS server IP>
    path: "/data/gitlab-redis"   # mounted on the NFS server under /data/gitlab-redis
---
# pvc
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-redis-pvc
  namespace: kube-ops
spec:
  accessModes:
  - ReadWriteMany
  storageClassName: ""
  resources:
    requests:
      storage: 5Gi   # size to allocate
Create the Deployment and Service
# cat gitlab-redis.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: redis
  namespace: kube-ops
  labels:
    name: redis
spec:
  selector:
    matchLabels:
      name: redis
  template:
    metadata:
      name: redis
      labels:
        name: redis
    spec:
      containers:
      - name: redis
        image: redis:latest   # pulling the image in advance is recommended
        imagePullPolicy: IfNotPresent
        ports:
        - name: redis
          containerPort: 6379
        volumeMounts:
        - mountPath: /var/lib/redis   # note: the official redis image writes its data to /data
          name: data
        livenessProbe:
          exec:
            command:
            - redis-cli
            - ping
          initialDelaySeconds: 30
          timeoutSeconds: 5
        readinessProbe:
          exec:
            command:
            - redis-cli
            - ping
          initialDelaySeconds: 5
          timeoutSeconds: 1
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: gitlab-redis-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: redis
  namespace: kube-ops
  labels:
    name: redis
spec:
  ports:
  - name: redis
    port: 6379
    targetPort: redis
  selector:
    name: redis
Start:
# kubectl create -f gitlab-redis-pv.yaml
# kubectl create -f gitlab-redis.yaml
3.2 Start PostgreSQL
Create the PV and PVC
# cat gitlab-postgresql-pv.yaml
---
# pv
apiVersion: v1
kind: PersistentVolume
metadata:
  name: gitlab-postgresql-pv
spec:
  capacity:
    storage: 5Gi
  accessModes:
  - ReadWriteMany
  nfs:
    server: <NFS server IP>
    path: "/data/gitlab-postgresql"
---
# pvc
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-postgresql-pvc
  namespace: kube-ops
spec:
  accessModes:
  - ReadWriteMany
  storageClassName: ""
  resources:
    requests:
      storage: 5Gi
Create the Deployment and Service
# cat gitlab-postgresql.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgresql
  namespace: kube-ops
  labels:
    name: postgresql
spec:
  selector:
    matchLabels:
      name: postgresql
  template:
    metadata:
      name: postgresql
      labels:
        name: postgresql
    spec:
      containers:
      - name: postgresql
        image: postgresql:10
        imagePullPolicy: IfNotPresent
        env:
        - name: DB_USER
          value: gitlab
        - name: DB_PASS
          value: <gitlab database password>
        - name: DB_NAME
          value: gitlab_production
        - name: DB_EXTENSION
          value: pg_trgm
        ports:
        - name: postgres
          containerPort: 5432
        volumeMounts:
        - mountPath: /var/lib/postgresql
          name: data
        livenessProbe:
          exec:
            command:
            - pg_isready
            - -h
            - localhost
            - -U
            - postgres
          initialDelaySeconds: 30
          timeoutSeconds: 5
        readinessProbe:
          exec:
            command:
            - pg_isready
            - -h
            - localhost
            - -U
            - postgres
          initialDelaySeconds: 5
          timeoutSeconds: 1
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: gitlab-postgresql-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: postgresql
  namespace: kube-ops
  labels:
    name: postgresql
spec:
  ports:
  - name: postgres
    port: 5432
    targetPort: postgres
  selector:
    name: postgresql
Start:
# kubectl create -f gitlab-postgresql-pv.yaml
# kubectl create -f gitlab-postgresql.yaml
3.3 Start GitLab
Create the PV and PVC
# cat gitlab-gitlab-pv.yaml
---
# pv
apiVersion: v1
kind: PersistentVolume
metadata:
  name: gitlab-gitlab-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
  - ReadWriteMany
  nfs:
    server: <NFS server IP>
    path: "/data/gitlab-gitlab"
---
# pvc
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-gitlab-pvc
  namespace: kube-ops
spec:
  accessModes:
  - ReadWriteMany
  storageClassName: ""
  resources:
    requests:
      storage: 10Gi
Create the GitLab Deployment, Service and Ingress
# cat gitlab-gitlab.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitlab
  namespace: kube-ops
  labels:
    name: gitlab
spec:
  selector:
    matchLabels:
      name: gitlab
  template:
    metadata:
      name: gitlab
      labels:
        name: gitlab
    spec:
      containers:
      - name: gitlab
        image: docker.vonedao.com/bases/gitlab:11.8.1
        imagePullPolicy: IfNotPresent
        env:
        - name: TZ
          value: Asia/Shanghai
        - name: GITLAB_TIMEZONE
          value: Beijing
        - name: GITLAB_SECRETS_DB_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_SECRETS_SECRET_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_SECRETS_OTP_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_ROOT_PASSWORD
          value: <login password for the root account in the GitLab web UI>
        - name: GITLAB_ROOT_EMAIL
          value: jiaojiao.zou@vonechain.com
        - name: GITLAB_HOST
          value: gitlab.vonedao.com
        - name: GITLAB_PORT
          value: "80"
        - name: GITLAB_SSH_PORT
          value: "22"
        - name: GITLAB_NOTIFY_ON_BROKEN_BUILDS
          value: "true"
        - name: GITLAB_NOTIFY_PUSHER
          value: "false"
        - name: GITLAB_BACKUP_SCHEDULE
          value: daily
        - name: GITLAB_BACKUP_TIME
          value: "01:00"
        - name: DB_TYPE
          value: postgres
        - name: DB_HOST
          value: postgresql
        - name: DB_PORT
          value: "5432"
        - name: DB_USER
          value: gitlab
        - name: DB_PASS
          value: <gitlab database password>
        - name: DB_NAME
          value: gitlab_production
        - name: REDIS_HOST
          value: redis
        - name: REDIS_PORT
          value: "6379"
        ports:
        - name: http
          containerPort: 80
        - name: ssh
          containerPort: 22
        volumeMounts:
        - mountPath: /home/git/data
          name: data
        livenessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 180
          timeoutSeconds: 5
        readinessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 5
          timeoutSeconds: 1
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: gitlab-gitlab-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: gitlab
  namespace: kube-ops
  labels:
    name: gitlab
spec:
  ports:
  - name: http
    port: 80
    targetPort: http
  - name: ssh
    port: 22
    targetPort: ssh
    nodePort: 30022   # remember to add the mapped port
  type: NodePort      # note that the Service type is NodePort
  selector:
    name: gitlab
---
# extensions/v1beta1 Ingress was removed in Kubernetes 1.22; newer clusters need networking.k8s.io/v1
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: gitlab
  namespace: kube-ops
  annotations:
    kubernetes.io/ingress.class: "nginx"
    # the GitLab UI uploads and downloads files; the default body size is too small, so raise it
    nginx.ingress.kubernetes.io/proxy-body-size: "1024m"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
spec:
  rules:
  - host: gitlab.vonedao.com
    http:
      paths:
      - backend:
          serviceName: gitlab
          servicePort: http
Start:
# kubectl create -f gitlab-gitlab-pv.yaml
# kubectl create -f gitlab-gitlab.yaml
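The manifests above carry the database password, the root password and the three GITLAB_SECRETS_* key bases as plain `value:` entries in the Deployments. As an added example (not part of the original post), the script below generates random values, writes them to a Secret manifest and prints the `secretKeyRef` entries that would replace those lines; the Secret name `gitlab-secrets`, the script name and the function names are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Assumed names: Secret
# "gitlab-secrets", script gitlab-secrets.sh; namespace kube-ops is the post's.
KEYS="DB_PASS GITLAB_ROOT_PASSWORD GITLAB_SECRETS_DB_KEY_BASE"
KEYS="$KEYS GITLAB_SECRETS_SECRET_KEY_BASE GITLAB_SECRETS_OTP_KEY_BASE"

# 32 bytes from the kernel CSPRNG, printed as 64 hex characters.
rand_key() {
  od -An -tx1 -N32 /dev/urandom | tr -d ' \n'
}

# Print a Secret manifest with a fresh random value for every key.
render_secret() {
  printf 'apiVersion: v1\nkind: Secret\nmetadata:\n'
  printf '  name: gitlab-secrets\n  namespace: kube-ops\n'
  printf 'type: Opaque\nstringData:\n'
  for k in $KEYS; do
    printf '  %s: "%s"\n' "$k" "$(rand_key)"
  done
}

# Print the env entries that replace the inline "value:" lines in the Deployments.
render_env_refs() {
  for k in $KEYS; do
    printf -- '- name: %s\n  valueFrom:\n    secretKeyRef:\n' "$k"
    printf '      name: gitlab-secrets\n      key: %s\n' "$k"
  done
}

# Write the manifest once, readable by the owner only. The key bases have to
# stay the same across redeploys, so an existing file is never overwritten.
write_secret_once() {
  out="$1"
  if [ -e "$out" ]; then
    echo "refusing to overwrite $out" >&2
    return 1
  fi
  ( umask 077; render_secret > "$out" )
}

# Usage: ./gitlab-secrets.sh gitlab-secrets.yaml
#        kubectl apply -f gitlab-secrets.yaml
if [ -n "${1:-}" ]; then
  write_secret_once "$1" && render_env_refs
fi
```

Because the postgresql and gitlab Deployments would both read `DB_PASS` from the same Secret key, the two copies of the database password cannot drift apart.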
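4. Registering in GitLab and cloning a repository over SSH from a client
The domain is gitlab.vonedao.com. Because this is an intranet exercise, add the IP of the Ingress host to the local hosts file.
To log in as root, use the user name root and the password set in the YAML file.
Register an account:
Add an SSH key:
Run on the Git client (mine is a Linux server):
# ssh-keygen -t ed25519 -C "jiao.zou@vonechain.com"    (press Enter at every prompt)
# cd ~/.ssh/
# cat id_ed25519.pub
Copy this output, paste it in, and save:
Create a project:
Clone on the Git client, paying attention to the port number. No password is needed:
# git clone ssh://git@gitlab.vonedao.com:30022/zoujiaojiao/it.git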