gitlab集成k8s集群 k8s部署gitlab

一、概述

k8s环境部署gitlab用到reids、postgresql、ebs存储等

二、存储安装（ebs）

1.安装ebs

kubectl apply -f https://openebs.github.io/charts/openebs-operator.yaml

2.查看ebs集群服务

kubectl get sc

3.设置ebs为默认(设置openobs-hostpath为default)

kubectl patch storageclass openebs-hostpath -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

4.使用ebs

在配置持久化时可根据安装的持久化工具将storageClassName参数的值填充:
先查看sc的名称

kubectl get sc

然后将其名称作为storageClassName参数对应的值
如ebs名称为openebs-hostpath
则在pvc中配置参数为（后续的yaml的引用）
storageClassName: openebs-hostpath

二、基数参数配置

1.创建命名空间

kubectl create namespace gitlab-dev

 2.账号密码（gitlab账号密码，后续测试没啥用）

echo -n "gitlab-admin" > ./username
echo -n "gitlab.123" > ./password

#secret对象生成
kubectl create secret generic git-user-pass --from-file=./username --from-file=./password -n gitlab-dev

#查看secret
kubectl -n gitlab-dev get secret git-user-pass -o yaml

#如果创建错误或者想重新创建secret，则需先删除
kubectl delete secret git-user-pass -n gitlab-dev

三、应用环境配置

1.创建工作文件夹（存储yaml文件）

mkdir -p gitlab-yaml

四、应用部署

1.Postgresql部署

参数：
pgs：Postgresql
dplm：Deployment
pvc：PersistentVolumeClaim
svc：Service

1.1 持久化配置文件创建（pgs-pvc.yaml）

# vim ./gitlab-yaml/pgs-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pgs-pvc
  namespace: gitlab-dev
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: openebs-hostpath
  resources:
    requests:
      storage: 1Gi

#部署
# kubectl apply -f ./gitlab-yaml/pgs-pvc.yaml

#查看创建的服务
# kubectl get pvc -n gitlab-dev pgs-pvc
NAME      STATUS    VOLUME   CAPACITY   ACCESS MODES   STORAGECLASS       AGE
pgs-pvc   Pending                                      openebs-hostpath   30s

1.2 部署配置

# vim ./gitlab-yaml/pgs-dplm.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgresql
  namespace: gitlab-dev
  labels:
    name: postgresql
spec:
  replicas: 1
  selector:
    matchLabels:
      name: postgresql
  template:
    metadata:
      name: postgresql
      labels:
        name: postgresql
    spec:
      #nodeSelector:
        #key: gitlab-dev
      containers:
        - name: postgresql
          image: sameersbn/postgresql
          imagePullPolicy: IfNotPresent
          env:
            - name: DB_USER
              value: gitlab
            - name: DB_PASS
              value: passw0rd
            - name: DB_NAME
              value: gitlab_production
            - name: DB_EXTENSION
              value: pg_trgm
          ports:
            - name: postgres
              containerPort: 5432
          volumeMounts:
            - mountPath: /var/lib/postgresql
              name: data
          livenessProbe:
            exec:
              command:
                - pg_isready
                - -h
                - localhost
                - -U
                - postgres
            initialDelaySeconds: 30
            timeoutSeconds: 5
          readinessProbe:
            exec:
              command:
                - pg_isready
                - -h
                - localhost
                - -U
                - postgres
            initialDelaySeconds: 5
            timeoutSeconds: 1
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: pgs-pvc

#注：nodeSelector的key的值就是namespace，最后的claimName的值是持久化配置文件的名称pgs-pvc


#部署服务
# kubectl apply -f ./gitlab-yaml/pgs-dplm.yaml

#查看服务
# kubectl get pod -n gitlab-dev
NAME                          READY   STATUS    RESTARTS   AGE
postgresql-6d65fd878d-jdxt6   0/1     Running   0          6s

1.3 服务配置

# vim ./gitlab-yaml/pgs-svc.yaml

apiVersion: v1
kind: Service
metadata:
  name: postgresql
  namespace: gitlab-dev
  labels:
    name: postgresql
spec:
  ports:
    - name: postgres
      port: 5432
      targetPort: postgres
  selector:
    name: postgresql

#部署命令
# kubectl apply -f ./gitlab-yaml/pgs-svc.yaml


#查看服务
# kubectl get svc -n gitlab-dev
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
postgresql   ClusterIP   10.102.31.150   <none>        5432/TCP   8s

2.Redis部署

#持久化配置
# vim ./gitlab-yaml/redis-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: redis-pvc
  namespace: gitlab-dev
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: openebs-hostpath
  resources:
    requests:
      storage: 1Gi

#部署命令
# kubectl apply -f ./gitlab-yaml/redis-pvc.yaml
persistentvolumeclaim/redis-pvc created

#查看服务
# kubectl get pvc -n gitlab-dev redis-pvc
NAME        STATUS    VOLUME   CAPACITY   ACCESS MODES   STORAGECLASS       AGE
redis-pvc   Pending                                      openebs-hostpath   26s

#部署配置
# vim ./gitlab-yaml/redis-dplm.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: redis
  namespace: gitlab-dev
  labels:
    name: redis
spec:
  replicas: 2
  selector:
    matchLabels:
      name: redis
  template:
    metadata:
      name: redis
      labels:
        name: redis
    spec:
      #nodeSelector:
        #key: gitlab-dev
      containers:
        - name: redis
          image: sameersbn/redis
          imagePullPolicy: IfNotPresent
          ports:
            - name: redis
              containerPort: 6379
          volumeMounts:
            - mountPath: /var/lib/redis
              name: data
          livenessProbe:
            exec:
              command:
                - redis-cli
                - ping
            initialDelaySeconds: 30
            timeoutSeconds: 5
          readinessProbe:
            exec:
              command:
                - redis-cli
                - ping
            initialDelaySeconds: 5
            timeoutSeconds: 1
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: redis-pvc


#部署命令
# kubectl apply -f ./gitlab-yaml/redis-dplm.yaml
deployment.apps/redis created

#服务配置
# vim ./gitlab-yaml/redis-svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: redis-svc
  namespace: gitlab-dev
  labels:
    name: redis-svc
spec:
  ports:
    - name: redis
      port: 6379
      targetPort: redis
  selector:
    name: redis

#部署命令
# kubectl apply -f ./gitlab-yaml/redis-svc.yaml
service/redis-svc created

#查看服务
# kubectl get svc -n gitlab-dev redis-svc
NAME        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
redis-svc   ClusterIP   10.103.72.243   <none>        6379/TCP   15s

3.GitLab部署

#持久化配置
# vim ./gitlab-yaml/gitlab-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-pvc
  namespace: gitlab-dev
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: openebs-hostpath
  resources:
    requests:
      storage: 5Gi

#部署命令
# kubectl apply -f ./gitlab-yaml/gitlab-pvc.yaml
persistentvolumeclaim/gitlab-pvc created

#查看服务
# kubectl get pvc -n gitlab-dev gitlab-pvc
NAME         STATUS    VOLUME   CAPACITY   ACCESS MODES   STORAGECLASS       AGE
gitlab-pvc   Pending                                      openebs-hostpath   21s


可用版本（成功启动pod并成功访问）
gitlab-ce-14.0.0-ce.0
gitlab-ce-15.6.0-ce.0
不可用版本（不一定准确，只是自己跑了一遍未成功启动，也可能时间太久了懒得等，可自行尝试以辨真伪）
gitlab-ce-15.7.0-ce.0
gitlab-ce-15.8.0-ce.0
gitlab-ce-15.9.0-ce.0
gitlab-ce-16.0.0-ce.0
gitlab-ce-16.1.6-ce.0
gitlab-ce-16.2.0-ce.0
gitlab-ce-16.3.0-ce.0
gitlab-ce-16.4.0-ce.0
gitlab-ce-16.5.0-ce.0
gitlab-ce-16.6.0-ce.0
gitlab-ce-16.7.0-ce.0
gitlab-ce-16.8.0-ce.0

#部署配置
# vim ./gitlab-yaml/gitlab-dplm.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitlab
  namespace: gitlab-dev
  labels:
    name: gitlab
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab
  template:
    metadata:
      name: gitlab
      labels:
        name: gitlab
    spec:
      #nodeSelector:
        #key: gitlab-dev
      containers:
        - name: gitlab
          # image: sameersbn/gitlab:12.1.6
          image: gitlab/gitlab-ce:15.6.0-ce.0
          # command: ["/bin/bash","-ce","tail -f /dev/null"]
          imagePullPolicy: IfNotPresent
          env:
            - name: TZ
              value: Asia/Shanghai
            - name: GITLAB_TIMEZONE
              value: Beijing
            - name: GITLAB_SECRETS_DB_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_SECRET_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_OTP_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_ROOT_PASSWORD
              #value: admin321
              valueFrom:
                secretKeyRef:
                  name: git-user-pass
                  key: password
            - name: GITLAB_ROOT_EMAIL
              value: hslb@163.com
            - name: GITLAB_HOST
              value: gitlab.hslb.com
            - name: GITLAB_PORT
              value: "30021"
            - name: GITLAB_SSH_PORT
              value: "30022"
            - name: GITLAB_NOTIFY_ON_BROKEN_BUILDS
              value: "true"
            - name: GITLAB_NOTIFY_PUSHER
              value: "false"
            - name: GITLAB_BACKUP_SCHEDULE
              value: daily
            - name: GITLAB_BACKUP_TIME
              value: 01:00
            - name: DB_TYPE
              value: postgres
            - name: DB_HOST
              value: postgresql
            - name: DB_PORT
              value: "5432"
            - name: DB_USER
              value: gitlab
            - name: DB_PASS
              value: passw0rd
            - name: DB_NAME
              value: gitlab_production
            - name: REDIS_HOST
              value: redis
            - name: REDIS_PORT
              value: "6379"
          ports:
            - name: http
              containerPort: 80
            - name: ssh
              containerPort: 22
          volumeMounts:
            - mountPath: /home/git/data
              name: data
          livenessProbe:
            httpGet:
              path: /
              port: 80
            initialDelaySeconds: 180
            timeoutSeconds: 5
          readinessProbe:
            httpGet:
              path: /
              port: 80
            initialDelaySeconds: 180
            timeoutSeconds: 5
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: gitlab-pvc

注释：
GITLAB_ROOT_PASSWORD 密码部分，可以直接将值设为密码，这里从第二章中设置的密码文件中读取
GITLAB_ROOT_EMAIL 邮箱部分，自定义即可
GITLAB_HOST 主机地址，可自定义


#部署命令
# kubectl apply -f ./gitlab-yaml/gitlab-dplm.yaml
deployment.apps/gitlab created


#查看服务
# kubectl get pod -n gitlab-dev
NAME                          READY   STATUS    RESTARTS   AGE
gitlab-b586794fb-jdvgx        0/1     Running   0          16s
postgresql-6d65fd878d-jdxt6   1/1     Running   0          7m34s
redis-65b6c756cb-b4xjq        1/1     Running   0          3m45s
redis-65b6c756cb-dqqd2        1/1     Running   0          3m45s


#服务配置
# vim ./gitlab-yaml/gitlab-svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: gitlab
  namespace: gitlab-dev
  labels:
    name: gitlab
spec:
  ports:
    - name: http
      port: 80
      targetPort: http
      nodePort: 30021
    - name: ssh
      port: 22
      targetPort: ssh
      nodePort: 30022
  selector:
    name: gitlab
  type: NodePort


#部署命令
# kubectl apply -f ./gitlab-yaml/gitlab-svc.yaml
service/gitlab created

#查看服务
# kubectl get svc -n gitlab-dev
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                     AGE
gitlab       NodePort    10.107.142.197   <none>        80:30021/TCP,22:30022/TCP   16s
postgresql   ClusterIP   10.102.31.150    <none>        5432/TCP                    7m21s
redis-svc    ClusterIP   10.103.72.243    <none>        6379/TCP                    3m59s

五、访问GitLab

1.获取端口（这里是30021）

# kubectl get svc -n gitlab-dev -o wide
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                     AGE     SELECTOR
gitlab       NodePort    10.107.142.197   <none>        80:30021/TCP,22:30022/TCP   75s     name=gitlab
postgresql   ClusterIP   10.102.31.150    <none>        5432/TCP                    8m20s   name=postgresql
redis-svc    ClusterIP   10.103.72.243    <none>        6379/TCP                    4m58s   name=redis

2.浏览器访问

http://192.168.20.17:30021/users/sign_in

账号密码

账号为root
密码为之前设置的gitlab.123
我之前设置的账号为gitlab-admin
使用这个账号登录不进去，必须换成root

3.修改地址参数

#获取gitlab的podname
# kubectl get pod -n gitlab-dev -o wide


#进入gitlab容器
# kubectl  exec -it gitlab-b586794fb-jdvgx bash -n gitlab-dev

#复制内容，ip为gitlab服务所在节点的ip 
external_url 'http://ip:30021'


#将内容添加到rb文件中 (是新增，不是修改)
# vi /etc/gitlab/gitlab.rb

external_url 'http://192.168.20.17:30021'

#重建pod
# kubectl get  pods -n gitlab-dev
NAME                          READY   STATUS    RESTARTS   AGE
gitlab-b586794fb-jdvgx        1/1     Running   0          10m
postgresql-6d65fd878d-jdxt6   1/1     Running   0          18m
redis-65b6c756cb-b4xjq        1/1     Running   0          14m
redis-65b6c756cb-dqqd2        1/1     Running   0          14m
[root@k8s-master jenkins]# kubectl  delete pod  gitlab-b586794fb-jdvgx -n gitlab-dev
pod "gitlab-b586794fb-jdvgx" deleted



#日志查看
 # kubectl logs  pod gitlab-b586794fb-fxxv2   -n gitlab-dev

 

附加：git（pull/push常用命令）

Command line instructions
You can also upload existing files from your computer using the instructions below.


Git global setup
git config --global user.name "Administrator"
git config --global user.email "hslb@163.com"

Create a new repository
git clone git@gitlab-69cb4d6cf9-2qhlk:root/k8s-gitlab-demo.git
cd k8s-gitlab-demo
git switch -c main
touch README.md
git add README.md
git commit -m "add README"
git push -u origin main

Push an existing folder
cd existing_folder
git init --initial-branch=main
git remote add origin git@gitlab-69cb4d6cf9-2qhlk:root/k8s-gitlab-demo.git
git add .
git commit -m "Initial commit"
git push -u origin main

Push an existing Git repository
cd existing_repo
git remote rename origin old-origin
git remote add origin git@gitlab-69cb4d6cf9-2qhlk:root/k8s-gitlab-demo.git
git push -u origin --all
git push -u origin --tags