k8s部署gitlab

一、创建资源
1.1 pvc

cat > gitlab-pvc.yaml << EOF
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-data-pvc
  namespace: cicd
spec:
  storageClassName: nfs-sc
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 50Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-config-pvc
  namespace: cicd
spec:
  storageClassName: nfs-sc
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
EOF

1.2 deployment

cat > gitlab-deployment.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitlab
  namespace: cicd
spec:
  selector:
    matchLabels:
      app: gitlab
  replicas: 1
  template:
    metadata:
      labels:
        app: gitlab
    spec:
      containers:
        - name: gitlab
          image: registry.cn-guangzhou.aliyuncs.com/xingcangku/gitlab-gitlab-ce-16.11.1-ce.0:16.11.1-ce.0
          env:
            - name: GITLAB_SKIP_UNMIGRATED_DATA_CHECK
              value: "true"
            - name: GITLAB_OMNIBUS_CONFIG
              value: |
                external_url = 'http://gitlab.local.com/'
                prometheus['enable'] = false
                alertmanager['enable'] = false
                gitlab_rails['time_zone'] = 'Asia/Shanghai'
                gitlab_rails['gitlab_email_enabled'] = false
                gitlab_rails['smtp_enable'] = false
                gitlab_rails['gravatar_plain_url'] = 'http://gravatar.loli.net/avatar/%{hash}?s=%{size}&d=identicon'
                gitlab_rails['gravatar_ssl_url'] = 'https://gravatar.loli.net/avatar/%{hash}?s=%{size}&d=identicon'
                nginx['worker_processes'] = 2
                postgresql['max_connections'] = 100
                postgresql['shared_buffers'] = "128MB"
          ports:
            - containerPort: 80
              name: http
            - containerPort: 443
              name: https
            - containerPort: 22
              name: ssh
          readinessProbe:
            exec:
              command: ["sh", "-c", "curl -s http://127.0.0.1/-/health"]
          livenessProbe:
            exec:
              command: ["sh", "-c", "curl -s http://127.0.0.1/-/health"]
            timeoutSeconds: 5
            failureThreshold: 3
            periodSeconds: 60
          startupProbe:
            exec:
              command: ["sh", "-c", "curl -s http://127.0.0.1/-/health"]
            failureThreshold: 20
            periodSeconds: 120
          resources:
            requests:
              memory: "4Gi"
              cpu: "2"
            limits:
              memory: "8Gi"
              cpu: "4"
          volumeMounts:
            - name: data
              mountPath: /var/opt/gitlab
            - name: config
              mountPath: /etc/gitlab
            - name: log
              mountPath: /var/log/gitlab
            - mountPath: /dev/shm
              name: cache-volume
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: gitlab-data-pvc
        - name: config
          persistentVolumeClaim:
            claimName: gitlab-config-pvc
        - name: log
          emptyDir: {}
        - name: cache-volume
          emptyDir:
            medium: Memory
            sizeLimit: 256Mi
EOF

1.3 SVC

cat > gitlab-svc.yaml << EOF
apiVersion: v1
kind: Service
metadata:
  name: gitlab-svc
  namespace: cicd
spec:
  type: NodePort  # 修改服务类型为 NodePort
  selector:
    app: gitlab
  ports:
    - port: 80
      targetPort: 80
      name: http
      nodePort: 30080  # 添加 NodePort 端口映射 (范围 30000-32767)
    - port: 443
      targetPort: 443
      name: https
      nodePort: 30443  # 添加 NodePort 端口映射
    - port: 22
      targetPort: 22
      name: ssh
      nodePort: 30022  # 添加 NodePort 端口映射
EOF

二、访问验证

root@k8s-01:~/gitlab# kubectl get all -n cicd
NAME                          READY   STATUS    RESTARTS   AGE
pod/gitlab-75dcff8b46-bl5mm   1/1     Running   0          10m
pod/jenkins-c884498c6-jt5rd   1/1     Running   0          13m

NAME                 TYPE       CLUSTER-IP    EXTERNAL-IP   PORT(S)                                   AGE
service/gitlab-svc   NodePort   10.101.0.24   <none>        80:30080/TCP,443:30443/TCP,22:30022/TCP   10m

NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/gitlab    1/1     1            1           10m
deployment.apps/jenkins   1/1     1            1           13m

NAME                                DESIRED   CURRENT   READY   AGE
replicaset.apps/gitlab-75dcff8b46   1         1         1       10m
replicaset.apps/jenkins-c884498c6   1         1         1       13m

验证访问

客户端新增hosts记录 192.168.3.160 gitlab.local.com
账号默认：root
密码需要去容器里面的 这里路径查看cat /etc/gitlab/initial_root_password
root@k8s-master-01:~/gitlab# kubectl exec -it -n cicd   gitlab-6fb47c476-vb6wf -- bash
root@gitlab-6fb47c476-vb6wf:/# cat /etc/gitlab/initial_root_password
# WARNING: This value is valid only in the following conditions
#          1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run).
#          2. Password hasn't been changed manually, either via UI or via command line.
#
#          If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

Password: 8cF7BzixYvRbvtDI1sQjxr+PDMQ1sohG7a+WEiX42bY=

# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.

评论 (0)