第六篇:kubernetes部署gitlab
说明: 总的目标是在k8s集群部署gitlab、jenkins,并且在本地提交代码到gitlab后jenkins流水线可以自动编译打包成为docker镜像然后部署到k8s中并实现客户端外部域名访问。文档分为多个部分,其中涉及的技术有docker安装、k8s搭建、部署gitlab、部署jenkins、部署sonarqube、gitlab和jenkins联动、jenkins和sonarqube联动、pipeline脚本编写、istio部署、istio服务网关等…
此文档接第五篇:kubernetes部署dashboard(图形化界面)
这篇文档讲解的是如何在kubernetes中部署gitlab, 因为gitlab需要依赖redis和postgresql,所以我们部署顺序是redis、postgresql、gitlab, 最后部署istio的gateway和 virtualservice
1. 安装配置nfs
nfs可以安装在任何节点,只要集群网络可达就行(我们这里安装在192.168.100.235上),这里需要注意在kubernetes集群的每个节点都需要安装nfs的客户端(nfs-common)
#安装nfs服务端(192.168.100.235上执行) 命令如下:
root@nfs-serevr:~# apt-get install -y nfs-kernel-server
#安装nfs客户端(三个节点k8s-master、k8s-work01、k8s-work02上执行)
root@k8s-master:~# apt-get install -y nfs-common
root@k8s-work01:~# apt-get install -y nfs-common
root@k8s-work02:~# apt-get install -y nfs-common
#在nfs服务端(192.168.100.235上执行)创建目录:/dfs/k8s 命令是:mkdir -p /dfs/k8s
#更改/dfs/k8s目录权限 命令: chmod -R 777 /dfs/k8s (777会让任何能挂载该导出目录的主机上的任意用户都可以读写其中全部数据,只适合实验环境;正式环境应把目录属主设为各容器实际使用的UID/GID,并收紧权限)
#配置nfs服务端(192.168.100.235上执行)首先打开文件/etc/exports
#添加一条配置如下:
root@nfs-serevr:/opt/k8s/devops# cat /etc/exports
# /etc/exports: the access control list for filesystems which may be exported
# to NFS clients. See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
#
# Example for NFSv4:
# /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
# /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check)
# Entry added for this tutorial.
# NOTE(review): the client field "*" exports the directory to every host that
# can reach this server, and no_root_squash lets root on any such client act as
# root on the exported files. Prefer listing only the Kubernetes node addresses
# (or their subnet) in place of "*", and keep root squashing unless a workload
# is confirmed to need root ownership on the share.
/dfs/k8s *(rw,sync,no_root_squash)
#重启nfs:systemctl restart nfs-server
#查看nfs开放的目录,命令:showmount -e 如下:
root@nfs-serevr:~# showmount -e
Export list for k8s-master:
/dfs/k8s *
2. 部署redis
2.1 添加redis的pv
主节点执行:kubectl apply -f pv-redis.yaml 内容如下:
root@k8s-master:/opt/k8s/devops# cat pv-redis.yaml
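# PersistentVolume for the Redis data directory, backed by the NFS export.
# NOTE(review): pv-redis, pv-postgresql and pv-gitlab on this page all point at
# the same NFS directory (/dfs/k8s); separation between the three workloads
# relies only on the subPath each Deployment mounts. Giving every PV its own
# sub-directory on the server keeps one workload from reading or overwriting
# another's data.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-redis
spec:
  capacity:
    storage: 2Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  # Retain: the data on the NFS share is kept when the claim is deleted.
  persistentVolumeReclaimPolicy: Retain
  # The PVC in redis.yaml selects this volume through the same class name.
  storageClassName: "pv-redis"
  nfs:
    path: /dfs/k8s
    server: 192.168.100.235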
部署完成后可以使用命令查看: kubectl get pv
root@k8s-master:/opt/k8s/devops_new# kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pv-redis 2Gi RWX Retain Available pv-redis 54s
root@k8s-master:/opt/k8s/devops_new#
2.2 部署redis
主节点执行:kubectl apply -f redis.yaml 内容如下:
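# Redis for GitLab: PersistentVolumeClaim, Deployment and ClusterIP Service,
# all in the "devops" namespace.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: redis-pvc
  namespace: devops
spec:
  accessModes:
    - ReadWriteMany
  # Same class name as the pv-redis PersistentVolume, so the claim binds to it.
  storageClassName: "pv-redis"
  resources:
    requests:
      storage: 2Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: redis
  namespace: devops
  labels:
    name: redis
spec:
  replicas: 1
  selector:
    matchLabels:
      name: redis
  template:
    metadata:
      name: redis
      labels:
        name: redis
    spec:
      containers:
        - name: redis
          # NOTE(review): a floating ":latest" tag combined with IfNotPresent
          # means each node runs whatever build it happened to pull first.
          # Pin a specific tag or image digest so the deployed version is
          # known and reproducible.
          image: sameersbn/redis:latest
          imagePullPolicy: IfNotPresent
          # NOTE(review): no Redis password is set in this manifest; unless the
          # image enables one by default, any pod that can reach the Service
          # can read and write GitLab's cache and queues. Restrict access with
          # a NetworkPolicy (or mesh authorization) and/or enable Redis auth.
          ports:
            - name: redis
              containerPort: 6379
          volumeMounts:
            # Only the "redis" sub-directory of the shared NFS export is mounted.
            - mountPath: /var/lib/redis
              name: data
              subPath: redis
          livenessProbe:
            exec:
              command:
                - redis-cli
                - ping
            initialDelaySeconds: 30
            timeoutSeconds: 5
          readinessProbe:
            exec:
              command:
                - redis-cli
                - ping
            initialDelaySeconds: 5
            timeoutSeconds: 1
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: redis-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: redis
  namespace: devops
  labels:
    name: redis
spec:
  # No "type" is given, so this is a ClusterIP Service (in-cluster only).
  ports:
    - name: redis
      port: 6379
      # Refers to the container port named "redis" in the Deployment.
      targetPort: redis
  selector:
    name: redis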
2.3 查看部署结果
root@k8s-master:/opt/k8s/devops_new# kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pv-redis 2Gi RWX Retain Bound devops/redis-pvc pv-redis 55m
root@k8s-master:/opt/k8s/devops_new# kubectl get pvc -ndevops
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
redis-pvc Bound pv-redis 2Gi RWX pv-redis 53m
root@k8s-master:/opt/k8s/devops_new# kubectl get deployments.apps -n devops
NAME READY UP-TO-DATE AVAILABLE AGE
redis 1/1 1 1 53m
3. 部署postgresql
3.1 添加postgresql的pv
主节点执行:kubectl apply -f pv-postgresql.yaml 内容如下:
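# PersistentVolume for the PostgreSQL data directory, backed by the NFS export.
# NOTE(review): this PV uses the same NFS directory (/dfs/k8s) as pv-redis and
# pv-gitlab on this page; only the subPath in each Deployment keeps the data
# apart. A dedicated sub-directory per PV is the safer layout for a database.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-postgresql
spec:
  capacity:
    storage: 2Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  # Retain: the data on the NFS share is kept when the claim is deleted.
  persistentVolumeReclaimPolicy: Retain
  # The PVC in postgresql.yaml selects this volume through the same class name.
  storageClassName: "pv-postgresql"
  nfs:
    path: /dfs/k8s
    server: 192.168.100.235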
3.2 部署postgresql
主节点执行:kubectl apply -f postgresql.yaml 内容如下:
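# PostgreSQL for GitLab: PersistentVolumeClaim, Deployment and ClusterIP
# Service, all in the "devops" namespace.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: postgresql-pvc
  namespace: devops
spec:
  accessModes:
    - ReadWriteMany
  # Same class name as the pv-postgresql PersistentVolume, so the claim binds
  # to it.
  storageClassName: "pv-postgresql"
  resources:
    requests:
      storage: 2Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgresql
  namespace: devops
  labels:
    name: postgresql
spec:
  replicas: 1
  selector:
    matchLabels:
      name: postgresql
  template:
    metadata:
      name: postgresql
      labels:
        name: postgresql
    spec:
      containers:
        - name: postgresql
          image: sameersbn/postgresql:12-20200524
          imagePullPolicy: IfNotPresent
          env:
            - name: DB_USER
              value: gitlab
            # NOTE(review): the database password is a weak value stored in
            # plain text in the manifest, so it is readable by anyone who can
            # view the file or the Deployment object. Generate a strong
            # password, keep it in a Kubernetes Secret and reference it with
            # valueFrom.secretKeyRef; gitlab.yaml must use the same value.
            - name: DB_PASS
              value: passw0rd
            - name: DB_NAME
              value: gitlab_production
            - name: DB_EXTENSION
              value: pg_trgm,btree_gist
          ports:
            - name: postgres
              containerPort: 5432
          volumeMounts:
            # Only the "postgresql" sub-directory of the shared NFS export is
            # mounted.
            - mountPath: /var/lib/postgresql
              name: data
              subPath: postgresql
          livenessProbe:
            exec:
              command:
                - pg_isready
                - -h
                - localhost
                - -U
                - postgres
            initialDelaySeconds: 5
            timeoutSeconds: 1
          readinessProbe:
            exec:
              command:
                - pg_isready
                - -h
                - localhost
                - -U
                - postgres
            initialDelaySeconds: 5
            timeoutSeconds: 1
          # The startup probe allows up to 90s + 100 * 5s before the container
          # is considered failed; liveness/readiness only run once it passes.
          startupProbe:
            exec:
              command:
                - pg_isready
                - -h
                - localhost
                - -U
                - postgres
            initialDelaySeconds: 90
            periodSeconds: 5
            failureThreshold: 100
            timeoutSeconds: 1
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: postgresql-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: postgresql
  namespace: devops
  labels:
    name: postgresql
spec:
  # No "type" is given, so this is a ClusterIP Service (in-cluster only).
  # NOTE(review): every pod in the cluster can still reach port 5432; a
  # NetworkPolicy limiting ingress to the GitLab pods narrows that.
  ports:
    - name: postgres
      port: 5432
      targetPort: 5432
  selector:
    name: postgresql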
3.3 查看部署结果
root@k8s-master:/opt/k8s/devops_new# kubectl get svc -n devops
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
postgresql ClusterIP 10.97.68.10 <none> 5432/TCP 9m25s
redis ClusterIP 10.104.96.160 <none> 6379/TCP 71m
root@k8s-master:/opt/k8s/devops_new# kubectl get pv -n devops
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pv-postgresql 2Gi RWX Retain Bound devops/postgresql-pvc pv-postgresql 14m
pv-redis 2Gi RWX Retain Bound devops/redis-pvc pv-redis 73m
root@k8s-master:/opt/k8s/devops_new# kubectl get pvc -n devops
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
postgresql-pvc Bound pv-postgresql 2Gi RWX pv-postgresql 9m33s
redis-pvc Bound pv-redis 2Gi RWX pv-redis 71m
root@k8s-master:/opt/k8s/devops_new# kubectl get deployment -n devops
NAME READY UP-TO-DATE AVAILABLE AGE
postgresql 1/1 1 1 9m52s
redis 1/1 1 1 71m
4. 部署gitlab
4.1 添加gitlab的pv
主节点执行:kubectl apply -f pv-gitlab.yaml 内容如下:
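# PersistentVolume for the GitLab data directory, backed by the NFS export.
# NOTE(review): this PV uses the same NFS directory (/dfs/k8s) as pv-redis and
# pv-postgresql on this page; only the subPath in each Deployment keeps the
# data apart. A dedicated sub-directory per PV keeps repositories and database
# files from being exposed to the other workloads.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-gitlab
spec:
  capacity:
    storage: 2Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  # Retain: the data on the NFS share is kept when the claim is deleted.
  persistentVolumeReclaimPolicy: Retain
  # The PVC in gitlab.yaml selects this volume through the same class name.
  storageClassName: "pv-gitlab"
  nfs:
    path: /dfs/k8s
    server: 192.168.100.235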
4.2 部署gitlab
主节点执行:kubectl apply -f gitlab.yaml 内容如下:
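# GitLab: PersistentVolumeClaim, ServiceAccount, Deployment and ClusterIP
# Service, all in the "devops" namespace. Depends on the "redis" and
# "postgresql" Services deployed earlier.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-pvc
  namespace: devops
spec:
  accessModes:
    - ReadWriteMany
  # Same class name as the pv-gitlab PersistentVolume, so the claim binds to it.
  storageClassName: "pv-gitlab"
  resources:
    requests:
      storage: 2Gi
---
# NOTE(review): no Role/RoleBinding for gitlab-sa appears on this page. If
# GitLab does not need to call the Kubernetes API, consider setting
# automountServiceAccountToken: false - verify first that sidecar injection in
# this namespace still works with it.
apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: devops
  name: gitlab-sa
  labels:
    account: gitlab
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitlab
  namespace: devops
  labels:
    app: gitlab
    version: v1
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitlab
      version: v1
  template:
    metadata:
      labels:
        app: gitlab
        version: v1
    spec:
      serviceAccountName: gitlab-sa
      containers:
        - name: gitlab
          image: sameersbn/gitlab:15.6.0
          imagePullPolicy: IfNotPresent
          env:
            - name: TZ
              value: Asia/Shanghai
            - name: GITLAB_TIMEZONE
              value: Beijing
            # NOTE(review): the three *_KEY_BASE values below are key material
            # for GitLab (database encryption, session signing, 2FA secrets).
            # "long-and-random-alpha-numeric-string" is a documentation
            # placeholder: replace each with its own long random value, keep
            # them in a Kubernetes Secret (valueFrom.secretKeyRef) and back
            # them up, since data encrypted with a lost key cannot be read.
            - name: GITLAB_SECRETS_DB_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_SECRET_KEY_BASE
              value: long-and-random-alpha-numeric-string
            - name: GITLAB_SECRETS_OTP_KEY_BASE
              value: long-and-random-alpha-numeric-string
            # NOTE(review): initial administrator password, weak and stored in
            # plain text. Supply a strong value from a Secret and change it
            # after the first login.
            - name: GITLAB_ROOT_PASSWORD
              value: admin123
            - name: GITLAB_ROOT_EMAIL
              value: 10000@163.com
            - name: GITLAB_HOST
              value: gitlab.core.ez
            - name: GITLAB_PORT
              value: "80"
            # NOTE(review): the Service below exposes SSH on port 22 as
            # ClusterIP only; nothing visible on this page publishes 31022, so
            # confirm how SSH is meant to be reached from outside the cluster.
            - name: GITLAB_SSH_PORT
              value: "31022"
            - name: GITLAB_NOTIFY_ON_BROKEN_BUILDS
              value: "true"
            - name: GITLAB_NOTIFY_PUSHER
              value: "false"
            - name: GITLAB_BACKUP_SCHEDULE
              value: daily
            - name: GITLAB_BACKUP_TIME
              value: 01:00
            - name: DB_TYPE
              value: postgres
            # DB_HOST / REDIS_HOST are the Service names from postgresql.yaml
            # and redis.yaml in the same namespace.
            - name: DB_HOST
              value: postgresql
            - name: DB_PORT
              value: "5432"
            - name: DB_USER
              value: gitlab
            # NOTE(review): same plain-text database password as in
            # postgresql.yaml; move both to one Secret so the value is not
            # duplicated across manifests.
            - name: DB_PASS
              value: passw0rd
            - name: DB_NAME
              value: gitlab_production
            - name: REDIS_HOST
              value: redis
            - name: REDIS_PORT
              value: "6379"
          ports:
            - name: http
              containerPort: 80
            - name: ssh
              containerPort: 22
          volumeMounts:
            # Only the "gitlab" sub-directory of the shared NFS export is
            # mounted.
            - mountPath: /home/git/data
              name: data
              subPath: gitlab
          livenessProbe:
            httpGet:
              path: /
              port: 80
            initialDelaySeconds: 180
            timeoutSeconds: 5
          readinessProbe:
            httpGet:
              path: /
              port: 80
            initialDelaySeconds: 5
            timeoutSeconds: 1
          # The startup probe allows up to 90s + 100 * 5s for GitLab to come
          # up; liveness/readiness only run once it passes.
          startupProbe:
            httpGet:
              path: /
              port: 80
            initialDelaySeconds: 90
            periodSeconds: 5
            failureThreshold: 100
            timeoutSeconds: 1
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: gitlab-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: gitlab
  namespace: devops
  labels:
    app: gitlab
    service: gitlab
spec:
  type: ClusterIP
  ports:
    - name: http
      port: 80
      # targetPort values refer to the named container ports in the Deployment.
      targetPort: http
    - name: ssh
      port: 22
      targetPort: ssh
  selector:
    app: gitlab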
4.3 查看部署结果
root@k8s-master:/opt/k8s/devops_new# kubectl get sa -n devops
NAME SECRETS AGE
default 1 3d1h
gitlab-sa 1 11m
root@k8s-master:/opt/k8s/devops_new# kubectl get svc -n devops
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
gitlab ClusterIP 10.98.60.56 <none> 80/TCP,22/TCP 11m
postgresql ClusterIP 10.97.68.10 <none> 5432/TCP 36m
redis ClusterIP 10.104.96.160 <none> 6379/TCP 98m
root@k8s-master:/opt/k8s/devops_new# kubectl get pvc -n devops
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
gitlab-pvc Bound pv-gitlab 2Gi RWX pv-gitlab 11m
postgresql-pvc Bound pv-postgresql 2Gi RWX pv-postgresql 36m
redis-pvc Bound pv-redis 2Gi RWX pv-redis 98m
root@k8s-master:/opt/k8s/devops_new# kubectl get svc -n devops
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
gitlab ClusterIP 10.98.60.56 <none> 80/TCP,22/TCP 11m
postgresql ClusterIP 10.97.68.10 <none> 5432/TCP 36m
redis ClusterIP 10.104.96.160 <none> 6379/TCP 98m
5. 部署istio代理网关资源
5.1 部署istio的gateway资源
主节点执行: kubectl apply -f gitlab-gateway.yaml 内容如下:
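# Istio Gateway that accepts traffic for gitlab.core.ez on the ingress gateway.
# NOTE(review): only a plain-HTTP server is defined, so GitLab logins, session
# cookies and Git-over-HTTP credentials cross the network unencrypted. Add an
# HTTPS server (port 443, protocol HTTPS, tls.mode SIMPLE with a
# credentialName pointing at a TLS secret) and set tls.httpsRedirect: true on
# this port-80 server; GitLab's own host/port settings then need to match.
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: gitlab-gateway
  namespace: devops
spec:
  selector:
    istio: ingressgateway # use istio default controller
  servers:
    - port:
        number: 80
        name: http
        protocol: HTTP
      # Only requests whose Host header is gitlab.core.ez are accepted.
      hosts:
        - "gitlab.core.ez"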
5.2 部署istio的VirtualService资源
主节点执行: kubectl apply -f gitlab-vs.yaml 内容如下:
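# Istio VirtualService: sends every request for gitlab.core.ez that arrives
# through gitlab-gateway to the "gitlab" Service on port 80.
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: gitlab-vs
  namespace: devops
spec:
  hosts:
    - "gitlab.core.ez"
  # Bound to the Gateway of the same namespace; without this list the rule
  # would apply to in-mesh traffic instead of ingress traffic.
  gateways:
    - gitlab-gateway
  http:
    - match:
        # Prefix "/" matches all paths, so the whole GitLab UI and API are
        # published through the gateway.
        - uri:
            prefix: /
      route:
        - destination:
            # Short name, resolved relative to this VirtualService's namespace
            # (devops); the fully qualified service name avoids ambiguity.
            host: gitlab
            port:
              number: 80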
5.3 本地host添加gitlab域名映射
如果想在本地访问刚才部署的gitlab, 需要在本地机器添加一条域名解析
打开文件:C:\Windows\System32\drivers\etc\hosts
在其中添加一条gitlab记录 如下:
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
192.168.100.230 dashboard.core.ez
# Newly added record for GitLab.
# NOTE(review): 192.168.100.230 is presumably the address where the Istio
# ingress gateway is reachable - confirm against the cluster.
192.168.100.230 gitlab.core.ez
5.4 访问gitlab
我们在浏览器访问地址:http://gitlab.core.ez就可以访问到gitlab页面了 如下图:
输入用户名和密码: root/admin123 ,就可以访问到gitlab页面了。该密码以明文写在gitlab.yaml中,并且登录走的是未加密的HTTP,首次登录后应立即修改root密码。
接下来一章将讲解jenkins的部署:第七篇:kubernetes部署jenkins