DevOps平台实践 (3)

使用postgres=true来指定节点

$ cat postgres.yaml apiVersion: v1 kind: Service metadata: name: postgres labels: app: postgres namespace: jenkins spec: ports: - name: server port: 5432 targetPort: 5432 protocol: TCP selector: app: postgres --- apiVersion: apps/v1 kind: Deployment metadata: namespace: jenkins name: postgres labels: app: postgres spec: replicas: 1 selector: matchLabels: app: postgres template: metadata: labels: app: postgres spec: nodeSelector: postgres: "true" tolerations: - operator: "Exists" containers: - name: postgres image: 192.168.136.10:5000/postgres:11.4 #若本地没有启动该仓库，换成postgres:11.4 imagePullPolicy: "IfNotPresent" ports: - containerPort: 5432 env: - name: POSTGRES_USER #PostgreSQL 用户名 valueFrom: secretKeyRef: name: gitlab-secret key: postgres.user.root - name: POSTGRES_PASSWORD #PostgreSQL 密码 valueFrom: secretKeyRef: name: gitlab-secret key: postgres.pwd.root resources: limits: cpu: 1000m memory: 2048Mi requests: cpu: 50m memory: 100Mi volumeMounts: - mountPath: /var/lib/postgresql/data name: postgredb volumes: - name: postgredb hostPath: path: /var/lib/postgres/ #部署到k8s-slave2节点 $ kubectl label node k8s-slave2 postgres=true #创建postgres $ kubectl create -f postgres.yaml # 创建数据库gitlab,为后面部署gitlab组件使用 $ kubectl -n jenkins exec -ti postgres-7ff9b49f4c-nt8zh bash root@postgres-7ff9b49f4c-nt8zh:/# psql root=# create database gitlab; CREATE DATABASE

部署redis

$ cat redis.yaml apiVersion: v1 kind: Service metadata: name: redis labels: app: redis namespace: jenkins spec: ports: - name: server port: 6379 targetPort: 6379 protocol: TCP selector: app: redis --- apiVersion: apps/v1 kind: Deployment metadata: namespace: jenkins name: redis labels: app: redis spec: replicas: 1 selector: matchLabels: app: redis template: metadata: labels: app: redis spec: tolerations: - operator: "Exists" containers: - name: redis image: sameersbn/redis:4.0.9-2 imagePullPolicy: "IfNotPresent" ports: - containerPort: 6379 resources: limits: cpu: 1000m memory: 2048Mi requests: cpu: 50m memory: 100Mi # 创建 $ kubectl create -f redis.yaml

部署gitlab

注意点：

使用ingress暴漏服务

添加annotation，指定nginx端上传大小限制，否则推送代码时会默认被限制1m大小，相当于给nginx设置client_max_body_size的限制大小

使用gitlab=true来选择节点

使用服务发现地址来访问postgres和redis

在secret中引用数据库账户和密码

数据库名称为gitlab

$ cat gitlab.yaml apiVersion: extensions/v1beta1 kind: Ingress metadata: name: gitlab namespace: jenkins annotations: nginx.ingress.kubernetes.io/proxy-body-size: "50m" spec: rules: - host: gitlab.luffy.com http: paths: - backend: serviceName: gitlab servicePort: 80 path: / --- apiVersion: v1 kind: Service metadata: name: gitlab labels: app: gitlab namespace: jenkins spec: ports: - name: server port: 80 targetPort: 80 protocol: TCP selector: app: gitlab --- apiVersion: apps/v1 kind: Deployment metadata: namespace: jenkins name: gitlab labels: app: gitlab spec: replicas: 1 selector: matchLabels: app: gitlab template: metadata: labels: app: gitlab spec: nodeSelector: gitlab: "true" tolerations: - operator: "Exists" containers: - name: gitlab image: sameersbn/gitlab:13.2.2 imagePullPolicy: "IfNotPresent" env: - name: GITLAB_HOST value: "gitlab.luffy.com" - name: GITLAB_PORT value: "80" - name: GITLAB_SECRETS_DB_KEY_BASE value: "long-and-random-alpha-numeric-string" - name: GITLAB_SECRETS_DB_KEY_BASE value: "long-and-random-alpha-numeric-string" - name: GITLAB_SECRETS_SECRET_KEY_BASE value: "long-and-random-alpha-numeric-string" - name: GITLAB_SECRETS_OTP_KEY_BASE value: "long-and-random-alpha-numeric-string" - name: DB_HOST value: "postgres" - name: DB_NAME value: "gitlab" - name: DB_USER valueFrom: secretKeyRef: name: gitlab-secret key: postgres.user.root - name: DB_PASS valueFrom: secretKeyRef: name: gitlab-secret key: postgres.pwd.root - name: REDIS_HOST value: "redis" - name: REDIS_PORT value: "6379" ports: - containerPort: 80 resources: limits: cpu: 2000m memory: 5048Mi requests: cpu: 100m memory: 500Mi volumeMounts: - mountPath: /home/git/data name: data volumes: - name: data hostPath: path: /var/lib/gitlab/ #部署到k8s-slave2节点 $ kubectl label node k8s-slave2 gitlab=true # 创建 $ kubectl create -f gitlab.yaml

配置hosts解析：

192.168.136.10 gitlab.luffy.com

设置root密码

访问，设置管理员密码

配置k8s-master节点的hosts

$ echo "192.168.136.10 gitlab.luffy.com" >>/etc/hosts

myblog项目推送到gitlab

mkdir demo cp -r myblog demo/ cd demo/myblog git remote rename origin old-origin git remote add origin git push -u origin --all git push -u origin --tags

钉钉推送

配置机器人