Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录

1,基本概念

  • 使用k8s安装gitlab-ce,采用GlusterFS实现持久化(注意PG使用的是NFS存储,使用动态存储重启postgresql的pod后无法成功启动pg,待解决),并集成了openLDAP。
  • 注意:使用的gitlab是独立于k8s集群之外的。

2,安装部署

  • 最一开始使用的是helm安装gitlab,网上的文档应该全部都是使用的这个chart:https://github.com/helm/charts/tree/master/stable/gitlab-ce
  • 但是这个chart已经被弃用,并推荐我们使用官方的chart

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第1张图片

  • 官方chart:https://docs.gitlab.com/ee/install/kubernetes/gitlab_chart.html
  • 使用官方chart部署完成以后,发现启动的容器太多,就放弃了这个方式,使用yaml文件部署。

2.1 下载yaml文件

git clone https://github.com/xiaoqshuo/k8s-cluster.git

2.2 修改对应的配置

  • 主要修改每个rc的namespace,使用的持久化存储方式(当前yaml使用的GFS动态存储,pg使用的是NFS,按需修改)
  • 修改gitlab-rc.yml里面的env,对应的LDAP信息和SMTP信息等
  • 修改traefik的域名
  • 创建gitlab
[root@k8s-master01 k8s-cluster]# kubectl apply -f gitlab/
persistentvolumeclaim/gitlab-gitlab created
replicationcontroller/gitlab-ldap created
service/gitlab-balancer created
service/gitlab created
persistentvolume/gitlab-pg-data created
replicationcontroller/postgresql created
persistentvolumeclaim/gitlab-pg created
service/postgresql created
replicationcontroller/redis created
persistentvolumeclaim/gitlab-redis created
service/redis created
ingress.extensions/gitlab created
# kubectl get pod,svc,pvc  -n public-service  | egrep 'gitlab|postgresql|redis'
pod/gitlab-ldap-z5p65              1/1     Running   0          16h

pod/postgresql-lxdbl               1/1     Running   0          16h
pod/redis-8mt9r                    1/1     Running   0          16h
service/gitlab                            ClusterIP   10.254.130.93            80/TCP,22/TCP               16h
service/gitlab-balancer                   NodePort    10.254.155.236           80:31830/TCP,22:30405/TCP   16h
service/glusterfs-dynamic-gitlab-gitlab   ClusterIP   10.254.73.71             1/TCP                       16h
service/glusterfs-dynamic-gitlab-redis    ClusterIP   10.254.87.158            1/TCP                       16h
service/postgresql                        ClusterIP   10.254.252.83            5432/TCP                    16h

service/redis                             ClusterIP   10.254.247.70            6379/TCP                    16h
persistentvolumeclaim/gitlab-gitlab   Bound    pvc-606b72bf-22e5-11e9-8948-000c2911f5ac   5Gi        RWX            gluster-heketi   16h
persistentvolumeclaim/gitlab-pg       Bound    gitlab-pg-data                             5Gi        RWX            gitlab-pg-data   16h
persistentvolumeclaim/gitlab-redis    Bound    pvc-61aa2884-22e5-11e9-8948-000c2911f5ac   3Gi        RWX            gluster-heketi   16h

3,配置 GitLab

3.1 登录

  • 默认账号密码:root/gitlab123

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第2张图片

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第3张图片

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第4张图片

3.2 ldap 登录

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第5张图片

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第6张图片

4,创建项目

4.1 首先创建一个群组

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第7张图片

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第8张图片

4.2 创建项目

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第9张图片

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第10张图片

4.3 添加用户权限

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第11张图片

  • 登录至该用户可查看到此项目

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第12张图片

4.4 添加SSH Key

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第13张图片

  • 如果没有Key需要使用ssh-keygen -t rsa -C "[email protected]"生成对应的Key。

4.5 拉取项目

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第14张图片

4.5.1 README

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第15张图片

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第16张图片

4.5.2 创建分支

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第17张图片

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第18张图片

4.5.3 拉代码
  • 克隆代码,注意此时需要更改git的地址,因为ssh端口并非22,可以通过service查看nodeport的端口
[root@k8s-master01 test]# kubectl get svc -n public-service | grep gitlab
NAME                              TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                     AGE
service/gitlab                            ClusterIP   10.254.130.93            80/TCP,22/TCP               16h
service/gitlab-balancer                   NodePort    10.254.155.236           80:31830/TCP,22:30405/TCP   16h
service/glusterfs-dynamic-gitlab-gitlab   ClusterIP   10.254.73.71             1/TCP                       16h
service/glusterfs-dynamic-gitlab-redis    ClusterIP   10.254.87.158            1/TCP                       16h
[root@k8s-master01 test]# git clone ssh://[email protected]:30405/platform/app1.git
Cloning into 'app1'...
The authenticity of host '[gitlab.k8s.net]:30405 ([192.168.2.100]:30405)' can't be established.
ECDSA key fingerprint is SHA256:G/NvmIH4x3QF94+PznkRDudBWxls/vgZjSsD81Nm5nk.
ECDSA key fingerprint is MD5:72:90:da:12:73:a6:fb:38:e8:08:6c:6c:e2:26:a9:ec.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[gitlab.k8s.net]:30405,[192.168.2.100]:30405' (ECDSA) to the list of known hosts.
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done.
[root@k8s-master01 test]# ls
app1
[root@k8s-master01 test]# cd app1/
[root@k8s-master01 app1]# ls
README.md
[root@k8s-master01 app1]# git branch -a
* master
  remotes/origin/HEAD -> origin/master
  remotes/origin/app1-develop
  remotes/origin/master
[root@k8s-master01 app1]# git checkout app1-develop
Branch app1-develop set up to track remote branch app1-develop from origin.
Switched to a new branch 'app1-develop'
[root@k8s-master01 app1]# git status
# On branch app1-develop
nothing to commit, working directory clean
[root@k8s-master01 app1]# ls
README.md
[root@k8s-master01 app1]# echo 'test file' > test.txt
[root@k8s-master01 app1]# ls
README.md  test.txt
[root@k8s-master01 app1]# git add .
[root@k8s-master01 app1]# git commit -m "test.txt"
[app1-develop 7e65647] test.txt
 1 file changed, 1 insertion(+)
 create mode 100644 test.txt
[root@k8s-master01 app1]# git push origin
warning: push.default is unset; its implicit value is changing in
Git 2.0 from 'matching' to 'simple'. To squelch this message
and maintain the current behavior after the default changes, use:

  git config --global push.default matching

To squelch this message and adopt the new behavior now, use:

  git config --global push.default simple

See 'git help config' and search for 'push.default' for further information.
(the 'simple' mode was introduced in Git 1.7.11. Use the similar mode
'current' instead of 'simple' if you sometimes use older versions of Git)

Counting objects: 4, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 276 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote:
remote: To create a merge request for app1-develop, visit:
remote:   http://gitlab.k8s.net/platform/app1/merge_requests/new?merge_request%5Bsource_branch%5D=app1-develop
remote:
To ssh://[email protected]:30405/platform/app1.git
   48d23d4..7e65647  app1-develop -> app1-develop
  • 查看文件

Kubernetes - - k8s - v1.12.3 持久化部署 GitLab 集成 OpenLDAP 登录_第19张图片

  • 参考:
    • https://www.cnblogs.com/dukuan/p/10036489.html
    • https://github.com/osixia/docker-gitlab
    • https://github.com/sameersbn/docker-gitlab
    • https://blog.csdn.net/agecntao/article/details/82557904

转载于:https://www.cnblogs.com/xiaoqshuo/p/10148871.html

你可能感兴趣的:(git,运维,网络)