1.下載相應文件
# mkdir gitlab && cd gitlab
# vim url.txt
https://raw.githubusercontent.com/zhijiansd/ansible-k8s/master/addons/gitlab/gitlab-ns.yaml
https://raw.githubusercontent.com/zhijiansd/ansible-k8s/master/addons/gitlab/redis-svc.yaml
https://raw.githubusercontent.com/zhijiansd/ansible-k8s/master/addons/gitlab/redis-rc.yaml
https://raw.githubusercontent.com/zhijiansd/ansible-k8s/master/addons/gitlab/postgresql-svc.yaml
https://raw.githubusercontent.com/zhijiansd/ansible-k8s/master/addons/gitlab/postgresql-rc.yaml
https://raw.githubusercontent.com/zhijiansd/ansible-k8s/master/addons/gitlab/gitlab.rb
https://raw.githubusercontent.com/zhijiansd/ansible-k8s/master/addons/gitlab/gitlab-svc.yaml
https://raw.githubusercontent.com/zhijiansd/ansible-k8s/master/addons/gitlab/gitlab-rc.yaml
# vim download.sh
#!/bin/bash
if command -v wget >/dev/null 2>&1
then
echo 'Exists wget'
else
echo "Wget command not installed"
yum -y install wget
fi
file=/root/gitlab/url.txt
Num=`awk 'END{print NR}' $file`
echo Total: $Num URLs
cat $file | while read line
do
wget -c -i $file
done
2.部署 Namepace
# kubectl create -f gitlab-ns.yaml
3.部署 Redis
# kubectl create -f redis-svc.yaml
# kubectl create -f redis-rc.yaml
4.部署 PostgreSQL
# kubectl create -f postgresql-svc.yaml
# kubectl create -f postgresql-rc.yaml
5.部署 GitLab
A.創建 ConfigMap
# vim gitlab.rb
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = "[email protected]"
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "[email protected]"
gitlab_rails['smtp_password'] = "**********"
gitlab_rails['smtp_domain'] = "zhi.io"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_openssl_verify_mode'] = "peer"
gitlab_rails['smtp_tls'] = true
prometheus['monitor_kubernetes'] = true
prometheus['listen_address'] = '0.0.0.0:9090'
node_exporter['enable'] = true
redis_exporter['enable'] = true
postgres_exporter['enable'] = true
gitlab_monitor['enable'] = true
注:如上gitlab.rb配置上半部分實現發送郵件功能,下半部分配置了prometheus採集相關信息。
gitlab_rails['smtp_password']配置的是郵箱授權碼,不是郵箱密碼,開啓SMTP後,163郵箱會讓你自己配置授權碼,而QQ郵箱是自動生成的授權碼,謹記。
# kubectl -n gitlab create configmap gitlab-rb --from-file=gitlab.rb
# kubectl -n gitlab describe configmap gitlab-rb
Name: gitlab-rb
Namespace: gitlab
Labels: <none>
Annotations: <none>
Data
====
gitlab.rb:
----
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = "[email protected]"
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "[email protected]"
gitlab_rails['smtp_password'] = "**********"
gitlab_rails['smtp_domain'] = "zhi.io"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_openssl_verify_mode'] = "peer"
gitlab_rails['smtp_tls'] = true
prometheus['monitor_kubernetes'] = true
prometheus['listen_address'] = '0.0.0.0:9090'
node_exporter['enable'] = true
redis_exporter['enable'] = true
postgres_exporter['enable'] = true
gitlab_monitor['enable'] = true
Events: <none>
B.部署 Gitlab
# kubectl create -f gitlab-svc.yaml
# kubectl create -f gitlab-rc.yaml
關於gitlab-rc.yaml配置的幾點註釋:
-
GITLAB_SECRETS_OTP_KEY_BASE 用於加密數據庫中的2FA祕密。如果您丟失或輪換此密碼,則您的所有用戶都無法使用2FA登錄。
-
GITLAB_SECRETS_DB_KEY_BASE 用於加密數據庫中的CI密鑰變量以及導入憑證。如果丟失或輪換此祕密,您將無法使用現有的CI祕密。
-
GITLAB_SECRETS_SECRET_KEY_BASE 用於密碼重置鏈接和其他“標準”身份驗證功能。如果丟失或輪換此密碼,電子郵件中的密碼重置令牌將重置。
注:可以使用pwgen -Bsv1 64命令生成隨機字符串並將其指定爲如上值。
-
GITLAB_ROOT_PASSWORD配置GitLab的root密碼。
-
GITLAB_ROOT_EMAIL配置GitLab的root用戶的Email。
-
重要:由於加上探針,pod無法啓動,這裏我去掉了探針,很鬱悶。
C.查看 Pod 和 Services
# kubectl -n gitlab get pod
NAME READY STATUS RESTARTS AGE
gitlab-jmwbr 1/1 Running 0 1h
postgresql-k9p4s 1/1 Running 0 1h
redis-rxlqc 1/1 Running 0 1h
# kubectl -n gitlab get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
gitlab LoadBalancer 10.244.85.204 <pending> 80:41008/TCP,22:30270/TCP,9090:34210/TCP 1h
postgresql ClusterIP 10.244.130.245 <none> 5432/TCP 1h
redis ClusterIP 10.244.158.130 <none> 6379/TCP 1h
注:gitlab下載鏡像和初始化較久,畢竟鏡像就1個多G,所以請耐心等待幾分鐘,之後使用NodeIP:41008即可進入GitLab的web界面,使用nodeIP:34210即可進入Prometheus界面。
6.這裏我配置了traefik,且使用了Google Chrome的自動翻譯功能,實際gitlab並沒有中文版
這裏輸入如上配置的root帳號[email protected]和密碼wangzhijian即可登錄root用戶。
如下創建一個新用戶
普通用戶界面如下
測試忘記密碼功能
登錄郵箱查看是否收到
點擊“Reset password”,但是由於環境關係並不能跳轉訪問,如下:
http://gitlab-qgb77/users/password/edit?reset_password_token=HzupUf56ymL2gs12ApPf
這裏將gitlab-qgb77更改爲環境中的地址即可:
這時候就可以更改密碼了,更改完成後系統會發送郵件提示密碼已成功更改。
現在就可以創建項目了。
附註:
https://github.com/sameersbn/docker-gitlab
https://github.com/zhijiansd/ansible-k8s/tree/master/addons/gitlab