GitLab之MINIO分布式缓存
首先安装miniohelm repo add bitnami https://charts.bitnami.com/bitnamihelm pull bitnami/minio --untar #修改你需要的参数或者helm install --namespace minio--set persistence.enabled=true--set accessKey=admin--set secre
·
首先安装minio
helm repo add bitnami https://charts.bitnami.com/bitnami
helm pull bitnami/minio --untar #修改你需要的参数
或者
helm install --namespace minio
--set persistence.enabled=true
--set accessKey=admin
--set secretKey=123456
--set persistence.size=1Gi
--set resources.requests.memory=1Gi
--set persistence.storageClass=ceph-block-storage
bitnami/minio --generate-name
启用客户端
kubectl run minio-client \
--rm --tty -i --restart='Never' \
--env MINIO_SERVER_ROOT_USER=$ROOT_USER \
--env MINIO_SERVER_ROOT_PASSWORD=$ROOT_PASSWORD \
--env MINIO_SERVER_HOST=minio-1646498520 \
--image docker.io/bitnami/minio-client:2022.3.3-debian-10-r1 -- admin info minio
注意web端口使用9001访问 gitlab上传数据需要9000端口
kubectl get svc
NodePort 10.105.85.217 <none> 9000:60852/TCP,9001:3749/TCP 16h
注册一个runner 有存储的
刚才在minio上创建一个用户密码给runner使用
kubectl create secret generic s3access \
--from-literal=accesskey="user00" \
--from-literal=secretkey="123qweasd"
[root@m50 123]# egrep -v "#" gitlab-runn.yaml | grep -v "^$"
imagePullPolicy: IfNotPresent
gitlabUrl: http://192.168.10.9/
runnerRegistrationToken: "mNaxzsqyxpwQQCxJkSTa"
terminationGracePeriodSeconds: 3600
concurrent: 10
checkInterval: 30
sessionServer:
enabled: false
rbac:
create: true
resources: ["pods", "pods/exec", "secrets"]
verbs: ["get", "list", "watch", "create", "patch", "delete"]
rules: []
clusterWideAccess: false
podSecurityPolicy:
enabled: false
resourceNames:
- gitlab-runner
metrics:
enabled: true
portName: metrics
port: 9252
serviceMonitor:
enabled: false
service:
enabled: false
type: ClusterIP
runners:
config: |
[[runners]]
[runners.kubernetes]
namespace = "{{.Release.Namespace}}"
image = "golang:1.17.8-alpine3.15"
executor: kubernetes
locked: false
tags: "k8s-s3,deployt"
runUntagged: true
privileged: true
cache:
cacheType: s3
cachePath: "gitlab-runner"
cacheShared: true
s3ServerAddress: minio-1646498520.default.svc.cluster.local:9000
s3BucketName: gitlab00
s3BucketLocation:
s3CacheInsecure: true
secretName: s3a
builds: {}
services: {}
helpers: {}
securityContext:
runAsUser: 100
fsGroup: 65533
resources: {}
affinity: {}
nodeSelector: {}
tolerations: []
hostAliases: []
podAnnotations: {}
podLabels: {}
secrets: []
configMaps: {}
cache:
cacheType: s3
cachePath: "gitlab-runner"
cacheShared: true
s3ServerAddress: minio-1646498520.default.svc.cluster.local:9000
s3BucketName: gitlab00
s3BucketLocation:
s3CacheInsecure: true
secretName: s3access
参数 | 表达 |
---|---|
cacheType: | 缓存的类型,指定s3 |
cachePath: | 缓存路径,值得是bucket中的目录。可以自定义。 |
CacheShared: | 是否共享,如果存在多个runner则需要开启。 |
s3ServerAddress: | S3服务器地址,minio域名。 |
s3BucketName: | S3 bucket的名称,参考上面我们创建的名称。 |
s3BucketLocation: | Location 默认即可,可选。 |
s3CacheInsecure: | 是否使用https。(这里官方chart有问题,配置的是不管是true还是false都是true,后面会修改) |
secretName: | 凭据名称, 我们在上面创建的s3凭据。 |
- 像上次一样创建
#添加源
helm repo add gitlab https://charts.gitlab.io
helm template gitlab-runner -f gitlab-runn.yaml gitlab/gitlab-runner > runner-manifest.yaml
#创建它
kubectl apply -f runner-manifest.yaml
我的都在k8s里。我就直接写别名了
存储桶
.gitlab-ci.yml 文件
services:
- docker:19.03.7-dind
- docker:stable
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- app
- templates/
stages:
- package
- build and push docker image
- deploy
variables:
KUBECONFIG: /etc/deploy/config
package build:
tags:
- k8s-s3
#image: golang:1.17.8-alpine3.15
stage: package
# 只作用在main分支
only:
- main
script:
- export GO111MODULE=on
- export GOPROXY=https://goproxy.cn,direct
- go get -d -v github.com/gin-gonic/gin
- go get -d -v github.com/shirou/gopsutil/cpu
- go get -d -v github.com/shirou/gopsutil/disk
- go get -d -v github.com/shirou/gopsutil/host
- go get -d -v github.com/shirou/gopsutil/load
- go get -d -v github.com/shirou/gopsutil/mem
- go get -d -v github.com/shirou/gopsutil/net
- go get -d -v github.com/shirou/gopsutil/process
- go mod init app
- go mod tidy
- go build .
- ls -lh
- pwd
docker build:
tags:
- k8s-s3
variables:
DOCKER_HOST: tcp://0.0.0.0:2375
DOCKER_TLS_CERTDIR: ""
image: docker:stable
stage: build and push docker image
# 只作用在main分支
only:
- main
cache:
key: "$CI_COMMIT_REF_SLUG"
paths:
- app
- templates/
script:
- pwd
- ls -lh
- docker build -t $HK:$CI_COMMIT_SHORT_SHA .
- docker login --username=$DOCKER_NAME --password=$DOCKER_PW registry-intl.cn-hongkong.aliyuncs.com
- docker push $HK:$CI_COMMIT_SHORT_SHA
- docker rmi $HK:$CI_COMMIT_SHORT_SHA
deploy:
tags:
- k8s-s3
#image: rancher/kubectl:v1.23.3@
image: registry.cn-hangzhou.aliyuncs.com/haoshuwei24/kubectl:1.16.6
stage: deploy
script:
- ls -lh
- sed -i "s/IMAGE_TAG/$CI_COMMIT_SHORT_SHA/g" gin.yaml
- mkdir -p /etc/deploy
- echo $kube_config |base64 -d > $KUBECONFIG
- kubectl apply -f gin.yaml
- kubectl get pods -n gitlab
http://git.rapha.top/jbjb/gitlab-ci-cd-demo.git
更多推荐
已为社区贡献7条内容
所有评论(0)