Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP

1,基本概念

  • redmine集成openLDAP 实现统一认证

2,使用Helm安装redmine

2.1 下载代码

git clone https://github.com/xiaoqshuo/k8s-cluster.git

2.2 更改values.yaml相关配置,也可以通过--set设置

redmineUsername:可选,默认为user
redminePassword:可选
redmineEmail:[email protected] # 用于项目通知 
redmineLanguage: en
smtpHost: smtp.exmail.qq.com
smtpPort: 25
smtpUser: [email protected]
smtpPassword: password
smtpTls: false  # 默认为True
service:
  type: ClusterIP

# 邮箱为:腾讯企业邮箱
# 修改mariadb的storageClass: "gluster-heketi",使用gfs动态存储

2.3 创建pv

  • 注意:redmine的持久化使用的nfs

2.3.1 NFS(k8s-node01)

[root@k8s-node01 redmine-helm]# pwd
/nfs/redmine-helm

[root@k8s-node01 redmine-helm]# more /etc/exports
/nfs/es/ 192.168.2.0/24(rw,sync,no_subtree_check,no_root_squash)
/nfs/rmp-cluster/ 192.168.2.0/24(rw,sync,no_subtree_check,no_root_squash)
/nfs/redis-cluster/ 192.168.2.0/24(rw,sync,no_subtree_check,no_root_squash)
/nfs/redis-sentinel/ 192.168.2.0/24(rw,sync,no_subtree_check,no_root_squash)
/nfs/redmine-helm/ 192.168.2.0/24(rw,sync,no_subtree_check,no_root_squash)

[root@k8s-node01 redmine-helm]# exportfs -rv
exporting 192.168.2.0/24:/nfs/redmine-helm
exporting 192.168.2.0/24:/nfs/redis-sentinel
exporting 192.168.2.0/24:/nfs/redis-cluster
exporting 192.168.2.0/24:/nfs/rmp-cluster
exporting 192.168.2.0/24:/nfs/es

2.3.2 修改 redmine.pv

[root@k8s-master01 redmine-helm]# more redmine.pv
apiVersion: v1
kind: PersistentVolume
metadata:
  name: redmine-data
spec:
  capacity:
    storage: 4Gi
  accessModes:
    - ReadWriteOnce
  volumeMode: Filesystem
  persistentVolumeReclaimPolicy: Recycle
  storageClassName: "redmine-data"
  nfs:
    # real share directory
    path: /nfs/redmine-helm
    # nfs real ip
    server: 192.168.2.101
[root@k8s-master01 redmine-helm]# kubectl create -f redmine.pv
persistentvolume/redmine-data created

2.3.3 查看pv

[root@k8s-master01 redmine-helm]# kubectl get pv | grep redmine-data
redmine-data                               4Gi        RWO            Recycle          Available                                                                               redmine-data                       2m22s

2.4 安装redmine

helm install --name redmine .  --debug --namespace public-service
[root@k8s-master01 redmine-helm]# helm install --name redmine .  --debug --namespace public-service
[debug] Created tunnel using local port: '34106'

[debug] SERVER: "127.0.0.1:34106"

[debug] Original chart version: ""
[debug] CHART PATH: /opt/redmine-helm

NAME:   redmine
REVISION: 1
RELEASED: Tue Dec 18 17:24:21 2018
CHART: redmine-7.0.0
USER-SUPPLIED VALUES:

....
配置文档
....

LAST DEPLOYED: Tue Dec 18 17:24:21 2018
NAMESPACE: public-service
STATUS: DEPLOYED

RESOURCES:
==> v1/Secret
NAME             AGE
redmine-mariadb  2s
redmine-redmine  2s

==> v1/ConfigMap
redmine-mariadb        2s
redmine-mariadb-tests  2s

==> v1/PersistentVolumeClaim
redmine-redmine  2s

==> v1/Service
redmine-mariadb  2s
redmine-redmine  1s

==> v1beta1/Deployment
redmine-redmine  1s

==> v1beta1/StatefulSet
redmine-mariadb  1s


NOTES:
1. Get the Redmine URL:

  echo "Redmine URL: http://127.0.0.1:3000/"
  kubectl port-forward --namespace public-service svc/redmine-redmine 3000:3000

2. Login with the following credentials

  echo Username: user
  echo Password: $(kubectl get secret --namespace public-service redmine-redmine -o jsonpath="{.data.redmine-password}" | base64 --decode)

2.4.1 查看pods pv pvc

  • pod
[root@k8s-master01 redmine-helm]# kubectl get pod -n public-service | grep redmine
redmine-mariadb-0                  1/1     Running   0          16m
redmine-redmine-579bdb6749-4qjcg   1/1     Running   0          16m
  • pv
[root@k8s-master01 redmine-helm]# kubectl get pv -n public-service | grep redmine
pvc-b984ec62-02a6-11e9-87ec-000c2925b928   3Gi        RWO            Delete           Bound         public-service/data-redmine-mariadb-0                                     gluster-heketi                       2m59s
redmine-data                               4Gi        RWO            Recycle          Bound         public-service/redmine-redmine                                            redmine-data                       23m
  • pvc
[root@k8s-master01 redmine-helm]# kubectl get pvc -n public-service | grep redmine
data-redmine-mariadb-0                                     Bound    pvc-b984ec62-02a6-11e9-87ec-000c2925b928   3Gi        RWO            gluster-heketi                 3m50s
redmine-redmine                                            Bound    redmine-data                               4Gi        RWO            redmine-data                   3m52s

2.5 创建ingress,也可以直接在values.yaml指定

[root@k8s-master01 redmine-helm]# kubectl create -f traefik-redmine.yaml
ingress.extensions/redmine created
[root@k8s-master01 redmine-helm]# more traefik-redmine.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: redmine
  namespace: public-service
  annotations:
    kubernetes.io/ingress.class: traefik
spec:
  rules:
  - host: redmine.k8s.net
    http:
      paths:
      - backend:
          serviceName: redmine-redmine
          servicePort: 3000
[root@k8s-master01 redmine-helm]# kubectl get ingress -n public-service  | grep redmine
redmine   redmine.k8s.net             80      3m

2.6 查看密码

[root@k8s-master01 redmine-helm]# kubectl get secret --namespace public-service redmine-redmine -o jsonpath={.data.redmine-password} | base64 --decode
cdPAXfSp5L

3, 登录 配置 redmine

3.1 将 redmine.k8s.net 添加解析至集群

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第1张图片

3.2 登录 redmine

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第2张图片

3.3 语言配置

1306461-20181219090407673-1761839504.png

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第3张图片

3.4 密码修改

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第4张图片

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第5张图片

3.5 LDAP配置

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第6张图片

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第7张图片

  • 主机名及端口

1306461-20181219091249905-1842094534.png

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第8张图片

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第9张图片

3.6 用户配置

  • 上述虽然勾选了即时生成用户,但是并未生成,所以需要创建与之对应的用户。注意:我采用的email认证,为了防止重名,如果使用用户名的话登录名属性填写uid。

3.6.1 创建一个项目:DevItem

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第10张图片

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第11张图片

3.6.2 创建dev组

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第12张图片

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第13张图片

3.6.3 创建对应用户

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第14张图片

  • 注意上述使用的mail认证方式,所以登录名为邮箱,如果采用uid则写cn的名字

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第15张图片

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第16张图片

3.6.4 登录测试

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第17张图片

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第18张图片

3.7 邮件测试

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第19张图片

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第20张图片

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第21张图片

Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 OpenLDAP_第22张图片

4,插件安装

  • 下载地址:http://www.redmineup.com/pages/plugins/agile
  • 将安装包解压并复制到redmine的插件目录,默认为/home/redmine/data/plugins

4.1 获取到redmine的pv地址的path

[root@k8s-master01 redmine-helm]# kubectl get pv | grep redmine
pvc-cf51d1c8-02ad-11e9-b0c8-000c2927a0d0   3Gi        RWO            Delete           Bound         public-service/data-redmine-mariadb-0                                     gluster-heketi                       16h
redmine-data                               4Gi        RWO            Recycle          Bound         public-service/redmine-redmine                                            redmine-data                       17h

[root@k8s-master01 redmine-helm]# kubectl describe pv redmine-data
Name:            redmine-data
Labels:          
Annotations:     pv.kubernetes.io/bound-by-controller: yes
Finalizers:      [kubernetes.io/pv-protection]
StorageClass:    redmine-data
Status:          Bound
Claim:           public-service/redmine-redmine
Reclaim Policy:  Recycle
Access Modes:    RWO
Capacity:        4Gi
Node Affinity:   
Message:
Source:
    Type:      NFS (an NFS mount that lasts the lifetime of a pod)
    Server:    192.168.2.101
    Path:      /nfs/redmine-helm
    ReadOnly:  false
Events:        

4.2 挂载该path至宿主机

[root@k8s-master01 redmine-helm]# mount -t nfs 192.168.2.101:/nfs/redmine-helm /mnt

4.3 下载压缩包并解压

[root@k8s-master01 redmine-helm]# cd /mnt/plugins/

[root@k8s-master01 plugins]# unzip redmine_agile-1_4_7-light.zip

[root@k8s-master01 plugins]# rm -f redmine_agile-1_4_7-light.zip

测试未成功

4.4 重启redmine即可,其他插件安装方式相同

# 删除 redmine release
[root@k8s-master01 redmine-helm]# helm delete redmine
release "redmine" deleted

[root@k8s-master01 redmine-helm]# helm del --purge redmine
release "redmine" deleted

# 重新创建 redmine
[root@k8s-master01 redmine-helm]# helm install --name redmine .  --debug --namespace public-service
  • 参考:
    • https://www.cnblogs.com/dukuan/p/10020266.html

转载于:https://www.cnblogs.com/xiaoqshuo/p/10141307.html

你可能感兴趣的:(git,ldap)