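The DevOps platform GitLab has released the major version update GitLab 15.0. The development team continues to add more DevOps capabilities to the platform and has strengthened its observability and continuous security features, helping users develop and collaborate on code and deliver software securely.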
Deploy gitlab-postgresql
```yaml
# Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab-postgresql
  labels:
    name: gitlab-postgresql
spec:
  ports:
    - name: postgres
      protocol: TCP
      port: 5432
      targetPort: postgres
  selector:
    name: postgresql
  type: ClusterIP
---
# PVC
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-postgresql-pv-claim
  labels:
    app: gitlab-postgresql
spec:
  storageClassName: standard
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 50Gi
---
# Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab-postgresql
  labels:
    name: gitlab-postgresql
spec:
  replicas: 1
  selector:
    matchLabels:
      name: postgresql
  template:
    metadata:
      name: postgresql
      labels:
        name: postgresql
    spec:
      containers:
        - name: gitlab-postgresql
          image: sameersbn/postgresql:12-20200524
          ports:
            - name: postgres
              containerPort: 5432
          env:
            - name: DB_USER
              value: gitlab
            # Demo password written inline; outside a test cluster, load it
            # from a Kubernetes Secret (valueFrom.secretKeyRef) instead.
            - name: DB_PASS
              value: admin@1234
            - name: DB_NAME
              value: gitlab_production
            - name: DB_EXTENSION
              value: 'pg_trgm,btree_gist'
          livenessProbe:
            exec:
              command: ["pg_isready","-h","localhost","-U","postgres"]
            initialDelaySeconds: 30
            timeoutSeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          readinessProbe:
            exec:
              command: ["pg_isready","-h","localhost","-U","postgres"]
            initialDelaySeconds: 5
            timeoutSeconds: 1
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          volumeMounts:
            - name: gitlab-postgresql-persistent-storage
              mountPath: /var/lib/postgresql
      # Persistent storage configuration
      volumes:
        - name: gitlab-postgresql-persistent-storage
          persistentVolumeClaim:
            claimName: gitlab-postgresql-pv-claim
```
Deploy gitlab-redis
```yaml
# Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab-redis
  labels:
    name: gitlab-redis
spec:
  type: ClusterIP
  ports:
    - name: redis
      protocol: TCP
      port: 6379
      targetPort: redis
  selector:
    name: gitlab-redis
---
# PVC
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-redis-pv-claim
  labels:
    app: gitlab
spec:
  storageClassName: standard
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
---
# Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab-redis
  labels:
    name: gitlab-redis
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab-redis
  template:
    metadata:
      name: gitlab-redis
      labels:
        name: gitlab-redis
    spec:
      containers:
        - name: gitlab-redis
          image: 'redis:6.2'
          ports:
            - name: redis
              containerPort: 6379
              protocol: TCP
          volumeMounts:
            - name: gitlab-redis-persistent-storage
              # The official redis image writes its data to /data, so the
              # volume is mounted there (the original used /var/lib/redis).
              mountPath: /data
          livenessProbe:
            exec:
              command:
                - redis-cli
                - ping
            initialDelaySeconds: 5
            timeoutSeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          readinessProbe:
            exec:
              command:
                - redis-cli
                - ping
            initialDelaySeconds: 5
            timeoutSeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
      # Persistent storage configuration
      volumes:
        - name: gitlab-redis-persistent-storage
          persistentVolumeClaim:
            claimName: gitlab-redis-pv-claim
```
Deploy GitLab
```yaml
# Service
kind: Service
apiVersion: v1
metadata:
  name: gitlab
  labels:
    name: gitlab
spec:
  type: LoadBalancer
  ports:
    - name: http
      protocol: TCP
      port: 80
    - name: ssh
      protocol: TCP
      port: 22
      targetPort: ssh
  selector:
    name: gitlab
---
# PVC
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-pv-claim
  labels:
    app: gitlab
spec:
  storageClassName: standard
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 50Gi
---
# Deployment
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab
  labels:
    name: gitlab
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab
  template:
    metadata:
      name: gitlab
      labels:
        name: gitlab
    spec:
      containers:
        - name: gitlab
          # 'latest' is not pinned; use a specific version tag for repeatable deployments.
          image: 'gitlab/gitlab-ee:latest'
          ports:
            - name: ssh
              containerPort: 22
            - name: http
              containerPort: 80
            - name: https
              containerPort: 443
          env:
            - name: TZ
              value: Asia/Shanghai
            - name: GITLAB_TIMEZONE
              value: Beijing
            # Replace each *_KEY_BASE placeholder with its own long random string.
            - name: GITLAB_SECRETS_DB_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_SECRET_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_OTP_KEY_BASE
              value: long-and-random-alpha-numeric-string
            # Demo passwords written inline; outside a test cluster, load them
            # from a Kubernetes Secret (valueFrom.secretKeyRef) instead.
            - name: GITLAB_ROOT_PASSWORD
              value: admin@1234
            # The address was obscured on the source page; set your admin e-mail here.
            - name: GITLAB_ROOT_EMAIL
              value: '[email protected]'
            - name: GITLAB_HOST
              value: 'gitlab.yourdomain.com'
            - name: GITLAB_PORT
              value: '80'
            - name: GITLAB_SSH_PORT
              value: '22'
            - name: GITLAB_NOTIFY_ON_BROKEN_BUILDS
              value: 'true'
            - name: GITLAB_NOTIFY_PUSHER
              value: 'false'
            - name: DB_TYPE
              value: postgres
            - name: DB_HOST
              value: gitlab-postgresql
            - name: DB_PORT
              value: '5432'
            - name: DB_USER
              value: gitlab
            - name: DB_PASS
              value: admin@1234
            - name: DB_NAME
              value: gitlab_production
            - name: REDIS_HOST
              value: gitlab-redis
            - name: REDIS_PORT
              value: '6379'
          livenessProbe:
            httpGet:
              path: /
              port: 80
              scheme: HTTP
            initialDelaySeconds: 300
            timeoutSeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          readinessProbe:
            httpGet:
              path: /
              port: 80
              scheme: HTTP
            initialDelaySeconds: 5
            timeoutSeconds: 30
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          volumeMounts:
            - name: gitlab-persistent-storage
              mountPath: /home/git/data
            - name: localtime
              mountPath: /etc/localtime
      volumes:
        - name: gitlab-persistent-storage
          persistentVolumeClaim:
            claimName: gitlab-pv-claim
        - name: localtime
          hostPath:
            path: /etc/localtime
```
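Check that everything is running normally
Admin credentials: root / admin@1234
Register a Runner: Menu -> Admin -> Runners
Copy the token
Create values.yaml, changing the token and domain in the following file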
```yaml
imagePullPolicy: IfNotPresent
gitlabUrl: "http://gitlab.yourdomain.com"
runnerRegistrationToken: "YourToken"
concurrent: 10
checkInterval: 30
logLevel: info
rbac:
  create: true
metrics:
  enabled: false
runners:
  config: |
    [[runners]]
      [runners.kubernetes]
        namespace = "{{.Release.Namespace}}"
        image = "ubuntu:20.04"
      # Mounting the node's Docker socket, together with privileged mode below,
      # gives every CI job root-level control of the node; only run trusted jobs here.
      [[runners.kubernetes.volumes.host_path]]
        name = "docker"
        mount_path = "/var/run/docker.sock"
        host_path = "/var/run/docker.sock"
  privileged: "true"
  name: kubernetes-runner
  tags: "kubernetes,runner"
securityContext:
  runAsUser: 100
  # runAsGroup: 65533
  fsGroup: 65533
```
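Before installing, the manifests and values file can be checked for the risky settings they contain. The following is an added example, not part of the original post: a standard-library Python check that flags inline secrets in `env`, unpinned image tags, the host Docker socket mount, and privileged mode. The sample input is constructed from this page's values, and the `gitlab-db` Secret name is hypothetical.

```python
import re

# Constructed sample: a few settings trimmed from the manifests on this page,
# plus one hypothetical secretKeyRef entry (gitlab-db) to show a clean case.
SAMPLE = """\
image: 'gitlab/gitlab-ee:latest'
env:
- name: TZ
  value: Asia/Shanghai
- name: GITLAB_ROOT_PASSWORD
  value: admin@1234
- name: DB_PASS
  valueFrom:
    secretKeyRef: {name: gitlab-db, key: password}
image = "ubuntu:20.04"
host_path = "/var/run/docker.sock"
privileged: "true"
"""

SECRET_NAME = re.compile(r"PASS|SECRET|TOKEN|KEY_BASE", re.I)
IMAGE = re.compile(r"image\s*[:=]\s*['\"]?([^'\"\s]+)")
PRIVILEGED = re.compile(r"privileged\s*[:=]\s*['\"]?true", re.I)

def audit(text):
    """Return (line_no, rule, detail) findings for risky settings."""
    findings = []
    lines = [l.strip() for l in text.splitlines()]
    for no, line in enumerate(lines, 1):
        env = re.match(r"-\s*name:\s*(\S+)", line)
        nxt = lines[no] if no < len(lines) else ""
        # Secret-looking env var whose value is written inline in the manifest.
        if env and SECRET_NAME.search(env.group(1)) and nxt.startswith("value:"):
            findings.append((no, "literal-secret", env.group(1)))
        img = IMAGE.match(line)
        if img:
            ref = img.group(1)
            last = ref.rsplit("/", 1)[-1]
            tag = last.split(":", 1)[1] if ":" in last else None
            # A missing tag or :latest makes the deployed version unpredictable.
            if tag in (None, "latest"):
                findings.append((no, "unpinned-image", ref))
        # Mounting the node's Docker socket gives CI jobs control of the node.
        if "host_path" in line and "docker.sock" in line:
            findings.append((no, "host-docker-socket", line))
        if PRIVILEGED.match(line):
            findings.append((no, "privileged", line))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

To check real files, pass their contents to `audit()`; it is a line-based heuristic, so treat an empty result as "nothing obvious found" rather than as proof the manifest is safe.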
Run the following commands to install
```shell
kubectl create ns ji-k8s-runner
helm repo add gitlab https://charts.gitlab.io
helm repo list
helm install --namespace ji-k8s-runner ji-gitlab-runner -f values.yaml gitlab/gitlab-runner
```
When registration succeeds, it is displayed as follows