kubernetes实战(十四):k8s持久化部署gitlab集成openLDAP登录

1、基本概念

  使用k8s安装gitlab-ce,采用GlusterFS实现持久化,并集成了openLDAP。

  注意:我公司使用的gitlab是独立于k8s集群之外的。

 

2、安装部署

  最一开始使用的是helm安装gitlab,网上的文档应该全部都是使用的这个chart:https://github.com/helm/charts/tree/master/stable/gitlab-ce

  但是这个chart已经被弃用,并推荐我们使用官方的chart

  官方chart:https://docs.gitlab.com/ee/install/kubernetes/gitlab_chart.html

  我在使用官方chart部署完成以后,发现启动的容器太多,就放弃了这个方式,使用yaml文件部署。

  下载yaml文件:

git clone https://github.com/dotbalo/k8s.git
[root@k8s-master01 gitlab]# pwd
/root/k8s/gitlab
[root@k8s-master01 gitlab]# ls
gitlab-rc.yml  gitlab-svc.yml  postgresql-rc.yml  postgresql-svc.yml  redis-rc.yml  redis-svc.yml
...

  修改对应的配置:

  主要修改每个rc的namespace,使用的持久化存储方式(当前yaml使用的GFS动态存储)

  修改gitlab-rc.yml里面的env,对应的LDAP信息和SMTP信息等

  修改traefik的域名

  创建gitlab

[root@k8s-master01 gitlab]# kubectl apply -f .
[root@k8s-master01 gitlab]# kubectl get po,svc,pvc -n public-service
NAME                   READY     STATUS    RESTARTS   AGE
pod/gitlab-cctr6       1/1       Running   2          37m
pod/postgresql-c6trh   1/1       Running   1          37m
pod/redis-b6vfk        1/1       Running   0          3h

NAME                                      TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                     AGE
service/gitlab                            ClusterIP   10.109.163.143   <none>        80/TCP,22/TCP               24m
service/gitlab-balancer                   NodePort    10.108.77.162    <none>        80:30049/TCP,22:30347/TCP   14m
service/glusterfs-dynamic-gitlab-gitlab   ClusterIP   10.102.192.68    <none>        1/TCP                       59m
service/glusterfs-dynamic-gitlab-pg       ClusterIP   10.96.14.147     <none>        1/TCP                       37m
service/glusterfs-dynamic-gitlab-redis    ClusterIP   10.106.253.41    <none>        1/TCP                       1h
service/postgresql                        ClusterIP   10.104.102.20    <none>        5432/TCP                    3h
service/redis                             ClusterIP   10.97.174.50     <none>        6379/TCP                    3h

NAME                                  STATUS    VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS     AGE
persistentvolumeclaim/gitlab-gitlab   Bound     pvc-b8249829-f6bf-11e8-9640-000c298bf023   5Gi        RWX            gluster-heketi   59m
persistentvolumeclaim/gitlab-pg       Bound     pvc-b40b6227-f6c2-11e8-9640-000c298bf023   5Gi        RWX            gluster-heketi   37m
persistentvolumeclaim/gitlab-redis    Bound     pvc-28d0276d-f6af-11e8-8d2c-000c293bfe27   3Gi        RWX            gluster-heketi   2h

  等待全部pods启动成功后,访问gitlab,报错解决

 

3、访问

  默认账号密码:root/gitlab

  语言更改,注意:此时翻译是实验性的,更改后需要重新登录

   使用LDAP登录,均使用邮箱登录

 

 

  参考文档:https://github.com/sameersbn/docker-gitlab

 

4、创建项目

  我公司一个项目下有很多子项目,所以首先创建一个群组:

  创建项目

  添加README

 

  添加用户权限

  登录至该用户可查看到此项目

  添加SSH Key

  如果没有Key需要使用ssh-keygen -t rsa -C "your@email.com"生成对应的Key。

 5、拉取项目

 

   创建分支

 

   克隆代码,注意此时需要更改git的地址,因为ssh端口并非22,可以通过service查看nodeport的端口

λ git clone ssh://git@gitlab.xxx.net:32455/platform/app1.git
Cloning into 'app1'...
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done.
Checking connectivity... done.

D:\code
λ cd app1\

D:\code\app1 (master)
λ git branch -a
* master
  remotes/origin/HEAD -> origin/master
  remotes/origin/app1-develop
  remotes/origin/master

D:\code\app1 (master)
λ git checkout app1-develop
Branch app1-develop set up to track remote branch app1-develop from origin.
Switched to a new branch 'app1-develop'

D:\code\app1 (app1-develop)
λ touch.exe testfile

D:\code\app1 (app1-develop)
λ git add .

D:\code\app1 (app1-develop)
λ git commit -am "create a test file"
[app1-develop 9050e35] create a test file
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 testfile

D:\code\app1 (app1-develop)
λ git push origin app1-develop
Counting objects: 3, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 278 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote:
remote: To create a merge request for app1-develop, visit:
remote:   http://gitlab.xxx.net/platform/app1/merge_requests/new?merge_request%5Bsource_branch%5D=app1-develop remote:
To ssh://git@gitlab.xxx.net:32455/platform/app1.git
   0a63d86..9050e35  app1-develop -> app1-develop

  查看文件

  协同开发,同样方式将其他用户加入此项目

  克隆代码,并修改文件

[root@k8s-node02 ~]# git clone ssh://git@gitlab.xxx.net:32455/platform/app1.git
Cloning into 'app1'...
The authenticity of host '[gitlab.xxx.net]:32455 ([192.168.20.10]:32455)' can't be established.
ECDSA key fingerprint is SHA256:l6BYlMWpAWyXx/f5oTG8lK4JQvG9C2ZZ9opqdQZfIuc.
ECDSA key fingerprint is MD5:5b:b4:04:68:26:53:2e:ba:fe:f8:99:6c:8f:d3:fa:51.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[gitlab.xxx.net]:32455,[192.168.20.10]:32455' (ECDSA) to the list of known hosts.
remote: Enumerating objects: 6, done.
remote: Counting objects: 100% (6/6), done.
remote: Compressing objects: 100% (3/3), done.
remote: Total 6 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (6/6), done.
[root@k8s-node02 ~]# cd app1/
[root@k8s-node02 app1]# ls
README.md
[root@k8s-node02 app1]# git branch -a
* master
  remotes/origin/HEAD -> origin/master
  remotes/origin/app1-develop
  remotes/origin/master
[root@k8s-node02 app1]# git checkout app1-develop
Branch app1-develop set up to track remote branch app1-develop from origin.
Switched to a new branch 'app1-develop'
[root@k8s-node02 app1]# ls
README.md  testfile
[root@k8s-node02 app1]# echo "add something" >> testfile 
[root@k8s-node02 app1]# git add .
[root@k8s-node02 app1]# git commit -am "add someting to testfile"
[app1-develop 69d693c] add someting to testfile
 1 file changed, 1 insertion(+)
[root@k8s-node02 app1]# git push origin app1-develop
Counting objects: 5, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 305 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote: 
remote: To create a merge request for app1-develop, visit:
remote:   http://gitlab.xxx.net/platform/app1/merge_requests/new?merge_request%5Bsource_branch%5D=app1-develop
remote: 
To ssh://git@gitlab.xxx.net:32455/platform/app1.git
   9050e35..69d693c  app1-develop -> app1-develop

 

 

展开阅读全文

没有更多推荐了,返回首页