简介
K8S部署Gitlab
基本信息
操作系统: rocky9.0
K8S版本: 1.24
Gitlab镜像版本: gitlab-ee:15.4.3
namespace: gitlab
storageClass: nfs-local-k8s-1 # 使用nfs-sc进行挂载,如何使用nfs创建sc
安装Gitlab
# 创建namespace
kubectl create ns gitlab
# 创建`gitlab.yaml`文件
cat <<EOF | sudo tee gitlab.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: gitlab-ee
spec:
replicas: 1
serviceName: gitlab-ee-svc
selector:
matchLabels:
app: gitlab-ee
template:
metadata:
labels:
app: gitlab-ee
spec:
containers:
- name: gitlab-ee
image: 'gitlab/gitlab-ee:15.4.3-ee.0'
imagePullPolicy: IfNotPresent
ports: # 声明容器对外暴露端口,
- name: ssh
containerPort: 22
- name: http
containerPort: 80
- name: https
containerPort: 443
livenessProbe: # 判断容器启动后正常运行探针
httpGet:
path: /
port: 80
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 30
periodSeconds: 15
successThreshold: 1
failureThreshold: 3
startupProbe: # 判断容器正常启动探针
httpGet:
path: /
port: 80
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 30
periodSeconds: 15
successThreshold: 1
failureThreshold: 12
volumeMounts:
- name: config
mountPath: /etc/gitlab
- name: logs
mountPath: /var/log/gitlab
- name: data
mountPath: /var/opt/gitlab
- name: localtime
mountPath: /etc/localtime
volumes:
- name: localtime
hostPath:
path: /etc/localtime
volumeClaimTemplates:
- metadata:
name: config
spec:
accessModes: ["ReadWriteOnce"]
storageClassName: nfs-local-k8s-1
resources:
requests:
storage: 1Gi
- metadata:
name: logs
spec:
accessModes: ["ReadWriteOnce"]
storageClassName: nfs-local-k8s-1
resources:
requests:
storage: 10Gi
- metadata:
name: data
spec:
accessModes: ["ReadWriteOnce"]
storageClassName: nfs-local-k8s-1
resources:
requests:
storage: 100Gi
---
apiVersion: v1
kind: Service
metadata:
name: gitlab-ee-svc
labels:
name: gitlab-ee
spec:
ports:
- name: http
protocol: TCP
port: 80
targetPort: http
nodePort: 31000 # 浏览器访问端口
- name: https
protocol: TCP
port: 443
targetPort: https
nodePort: 31001 # https的访问端口
- name: ssh
protocol: TCP
port: 22 # 集群访问端口
targetPort: ssh # 转发容器端口
nodePort: 31002 # 外部暴露端口
selector:
app: gitlab-ee
type: NodePort # 开启外网访问端口
EOF
# 安装Gitlab,等待完成启动
kubectl -n gitlab apply -f gitlab.yaml
因为部署文件端口是31000、31001、31002,需要修改gitlab配置。
# 进入gitlab pod
kubectl -n gitlab exec -it gitlab-ee-0 bash
# 修改gitlab配置文件
vi /etc/gitlab/gitlab.rb
....
gitlab_rails['gitlab_shell_ssh_port'] = 31002 # 修改外部访问显示的ssh端口,容器内运行时使用端口还是22,因为我们svc对外暴露的是31002,所以这里就配置31002
...
external_url 'http://[k8s node ip]:31000' # 修改外部访问url,主要给到http默认git地址展示
...
nginx['listen_port'] = 80 # 配置external_url需要再次配置为80端口,保证容器内端口还是80
...
# 使配置生效
gitlab-ctl reconfigure
测试访问Gitlab
浏览器打开: http://[k8s节点ip]:31000