跳到主要内容

3、gitlab部署(部署成功)

gitlab部署

此文档依赖于基础环境配置文档, 运行K8s集群并配置NFS存储。

代码库地址: https://jihulab.com/devopsvvip/myiac/-/tree/main/devops/gitlab

Docker镜像:

  • docker pull gitlab/gitlab-ce:16.2.2-ce.0

主机hosts文件更新: 192.168.1.200 gitlab.idevops.site

Step1 NFS目录

mkdir -p /data/storage/kubernetes/gitlab/{config,logs,data}
chmod 777 -R /data/storage/kubernetes/gitlab/ 

[root@devops-nuc-service devops]# ls -l /data/storage/kubernetes/gitlab/
总用量 0
drwxrwxr-x  3 root root 268 83 20:08 config
drwxr-xr-x 13 root root 237 83 20:09 data
drwxr-xr-x 10 root root 139 83 20:09 logs

Step2 部署GitLab

已经编写好了一套K8s 清单文件和一个声明式的Argo APP。【具体参考代码库】

docker pull uhub.service.ucloud.cn/onedayxyy/gitlab-ce:16.2.2-ce.0
docker tag uhub.service.ucloud.cn/onedayxyy/gitlab-ce:16.2.2-ce.0 gitlab/gitlab-ce:16.2.2-ce.0

## LoadDockerImage
kind load  docker-image gitlab/gitlab-ce:16.2.2-ce.0 --name devopscluster

#cd /root/myiac-gitee/devops/gitlab
kubectl -n argocd apply -f gitlab-argoapp.yaml
  • 部署成功后:

image-20240622154303895

  • 查看pod日志

image-20240622154249510

Step3 GitLab初始化配置

  • initial_root_password文件中获取初始密码:
cd /data/storage/kubernetes/gitlab/config

[root@devops-nuc-service config]# pwd
/data/storage/kubernetes/gitlab/config
[root@devops-nuc-service config]# ls -l
总用量 192
-rwxrwxrwx 1 root root 146358 83 20:08 gitlab.rb
-rwxrwxrwx 1 root root  19404 83 20:16 gitlab-secrets.json
-rwxrwxrwx 1 root root    749 83 20:08 initial_root_password
-rwxrwxrwx 1 root root    525 83 20:08 ssh_host_ecdsa_key
-rwxrwxrwx 1 root root    190 83 20:08 ssh_host_ecdsa_key.pub
-rwxrwxrwx 1 root root    419 83 20:08 ssh_host_ed25519_key
-rwxrwxrwx 1 root root    110 83 20:08 ssh_host_ed25519_key.pub
-rwxrwxrwx 1 root root   2622 83 20:08 ssh_host_rsa_key
-rwxrwxrwx 1 root root    582 83 20:08 ssh_host_rsa_key.pub
drwxrwxrwx 2 root root      6 83 20:08 trusted-certs
[root@devops-nuc-service config]# cat initial_root_password
# WARNING: This value is valid only in the following conditions
#          1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run).
#          2. Password hasn't been changed manually, either via UI or via command line.
#
#          If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

Password: iGru391uh1dE9LZ2eZFLdgwZPVLNQ4cKcPpGltdZwH8=

# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.
  • 登入GitLab: root/初始化密码 (nLU4eXA2YjRPjKZ)

Step4 修改密码

  • 耐心等待一会儿:

http://gitlab.idevops.site/

image-20240619093708763

image-20240619093809713

单击头像, 选择Preferences。

img

单击左侧Password

img

  • 完美,自己部署成功

http://gitlab.idevops.site/

image-20240619094058943

一键部署代码

mkdir -p /data/storage/kubernetes/gitlab/{config,logs,data}
chmod 777 -R /data/storage/kubernetes/gitlab/ 

## LoadDockerImage
kind load  docker-image gitlab/gitlab-ce:16.2.2-ce.0 --name devopscluster

#cd /root/myiac-gitee/devops/gitlab
kubectl -n argocd apply -f /root/myiac-gitee/devops/gitlab/gitlab-argoapp.yaml

FAQ

Q1 Unable to load host key: /etc/gitlab/ssh_host_ecdsa_

2023-08-03_12:37:56.33701 Unable to load host key: /etc/gitlab/ssh_host_ecdsa_key
2023-08-03_12:37:56.33713 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
2023-08-03_12:37:56.33713 @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
2023-08-03_12:37:56.33713 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
2023-08-03_12:37:56.33713 Permissions 0777 for '/etc/gitlab/ssh_host_ed25519_key' are too open.
2023-08-03_12:37:56.33713 It is required that your private key files are NOT accessible by others.
2023-08-03_12:37:56.33714 This private key will be ignored.

根据错误提示Permissions 0777 for '/etc/gitlab/ssh_host_ed25519_key' are too open. 判断为权限问题, 权限给的太大了,解决方法: chmod 600 ssh_host_*

[root@devops-nuc-service devops]# kubectl exec -it  gitlab-655c6f48db-j9htc -n gitlab bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
root@gitlab-655c6f48db-j9htc:/# cd /etc/gitlab/
root@gitlab-655c6f48db-j9htc:/etc/gitlab# ls -l
total 192
-rw------- 1 root root  19404 Aug  3 12:27 gitlab-secrets.json
-rwxrwxrwx 1 root root 146358 Aug  3 12:08 gitlab.rb
-rwxrwxrwx 1 root root    749 Aug  3 12:08 initial_root_password
-rwxrwxrwx 1 root root    525 Aug  3 12:08 ssh_host_ecdsa_key
-rwxrwxrwx 1 root root    190 Aug  3 12:08 ssh_host_ecdsa_key.pub
-rwxrwxrwx 1 root root    419 Aug  3 12:08 ssh_host_ed25519_key
-rwxrwxrwx 1 root root    110 Aug  3 12:08 ssh_host_ed25519_key.pub
-rwxrwxrwx 1 root root   2622 Aug  3 12:08 ssh_host_rsa_key
-rwxrwxrwx 1 root root    582 Aug  3 12:08 ssh_host_rsa_key.pub
drwxr-xr-x 2 root root      6 Aug  3 12:08 trusted-certs
root@gitlab-655c6f48db-j9htc:/etc/gitlab# chmod 600 ssh_host_*
root@gitlab-655c6f48db-j9htc:/etc/gitlab# ls -l
total 192
-rw------- 1 root root  19404 Aug  3 12:27 gitlab-secrets.json
-rwxrwxrwx 1 root root 146358 Aug  3 12:08 gitlab.rb
-rwxrwxrwx 1 root root    749 Aug  3 12:08 initial_root_password
-rw------- 1 root root    525 Aug  3 12:08 ssh_host_ecdsa_key
-rw------- 1 root root    190 Aug  3 12:08 ssh_host_ecdsa_key.pub
-rw------- 1 root root    419 Aug  3 12:08 ssh_host_ed25519_key
-rw------- 1 root root    110 Aug  3 12:08 ssh_host_ed25519_key.pub
-rw------- 1 root root   2622 Aug  3 12:08 ssh_host_rsa_key
-rw------- 1 root root    582 Aug  3 12:08 ssh_host_rsa_key.pub
drwxr-xr-x 2 root root      6 Aug  3 12:08 trusted-certs
  • 自己的环境后面也突然报这个错误了:

image-20240622063635144

  • 故障现象就是点击Gitlab后卡顿,无法操作:

image-20240622063704931

  • 按以上方法配置
[root@devops8 ~]#kubectl get po -ngitlab
NAME                      READY   STATUS    RESTARTS   AGE
gitlab-655c6f48db-7vfzk   1/1     Running   0          45m
[root@devops8 ~]#kubectl exec -it gitlab-655c6f48db-7vfzk -ngitlab -- bash
root@gitlab-655c6f48db-7vfzk:/# cd /etc/gitlab/
root@gitlab-655c6f48db-7vfzk:/etc/gitlab# ls -l
total 188
-rw------- 1 root root  19408 Jun 21 21:53 gitlab-secrets.json
-rwxrwxrwx 1 root root 146358 Jun 18 14:47 gitlab.rb
-rwxrwxrwx 1 root root    525 Jun 18 14:47 ssh_host_ecdsa_key
-rwxrwxrwx 1 root root    190 Jun 18 14:47 ssh_host_ecdsa_key.pub
-rwxrwxrwx 1 root root    419 Jun 18 14:47 ssh_host_ed25519_key
-rwxrwxrwx 1 root root    110 Jun 18 14:47 ssh_host_ed25519_key.pub
-rwxrwxrwx 1 root root   2622 Jun 18 14:47 ssh_host_rsa_key
-rwxrwxrwx 1 root root    582 Jun 18 14:47 ssh_host_rsa_key.pub
drwxr-xr-x 2 root root      6 Jun 18 14:47 trusted-certs
root@gitlab-655c6f48db-7vfzk:/etc/gitlab# chmod 600 ssh_host_*
root@gitlab-655c6f48db-7vfzk:/etc/gitlab# ls -l
total 188
-rw------- 1 root root  19408 Jun 21 21:53 gitlab-secrets.json
-rwxrwxrwx 1 root root 146358 Jun 18 14:47 gitlab.rb
-rw------- 1 root root    525 Jun 18 14:47 ssh_host_ecdsa_key
-rw------- 1 root root    190 Jun 18 14:47 ssh_host_ecdsa_key.pub
-rw------- 1 root root    419 Jun 18 14:47 ssh_host_ed25519_key
-rw------- 1 root root    110 Jun 18 14:47 ssh_host_ed25519_key.pub
-rw------- 1 root root   2622 Jun 18 14:47 ssh_host_rsa_key
-rw------- 1 root root    582 Jun 18 14:47 ssh_host_rsa_key.pub
drwxr-xr-x 2 root root      6 Jun 18 14:47 trusted-certs
root@gitlab-655c6f48db-7vfzk:/etc/gitlab#
  • 再次观察现象

image-20240622064126844

可以看到,配置后不会再报了。

0%