Helm/GitLab: Difference between revisions
Jump to navigation
Jump to search
(63 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
helm repo add gitlab https://charts.gitlab.io | helm repo add gitlab https://charts.gitlab.io | ||
helm repo update && helm repo list | helm repo update && helm repo list | ||
kubectl config get-contexts | |||
==Config== | ==Config== | ||
Line 11: | Line 12: | ||
==Install== | ==Install== | ||
{| | {| | ||
| | |valign="top"| | ||
<syntaxhighlight lang="sql"> | |||
kubectl delete namespace gitlab | |||
cat << DDL | psql -U ${USER} | |||
DROP DATABASE IF EXISTS gitlab; | |||
DROP USER IF EXISTS gitlab; | |||
DDL | |||
</syntaxhighlight> | |||
---- | |||
<syntaxhighlight lang="sql"> | <syntaxhighlight lang="sql"> | ||
cat << DDL | psql -U ${USER} | cat << DDL | psql -U ${USER} | ||
CREATE DATABASE gitlab; | CREATE DATABASE gitlab; | ||
CREATE USER gitlab WITH ENCRYPTED PASSWORD 'sadaqah!'; | CREATE USER gitlab WITH ENCRYPTED PASSWORD 'sadaqah!'; | ||
GRANT ALL PRIVILEGES ON DATABASE | GRANT ALL PRIVILEGES ON DATABASE gitlab TO gitlab; | ||
ALTER USER gitlab WITH SUPERUSER; | |||
DDL | DDL | ||
</syntaxhighlight> | |||
---- | |||
<syntaxhighlight lang="bash"> | |||
helm show values gitlab/gitlab --version 8.0.1|less | |||
helm show values gitlab/gitlab --version 8.2.1|less | |||
kubectl get ns|grep gitlab | |||
kubectl create namespace gitlab | |||
</syntaxhighlight> | |||
|valign="top"| | |||
<syntaxhighlight lang="yaml" highlight="6,18-20" line> | |||
cat << YML | kubectl apply -n gitlab -f - | |||
--- | |||
apiVersion: v1 | |||
kind: Secret | |||
metadata: | |||
name: gitlab | |||
namespace: gitlab | |||
labels: | |||
app.kubernetes.io/managed-by: kubectl | |||
app.kubernetes.io/instance: gitlab | |||
app.kubernetes.io/version: 8.2.1 | |||
app.kubernetes.io/name: gitlab | |||
helm.sh/chart: gitlab-8.2.1 | |||
annotations: | |||
meta.helm.sh/release-name: gitlab | |||
meta.helm.sh/release-namespace: gitlab | |||
data: | |||
smtp-password: c2FkYXFhaCE= | |||
psql-password: c2FkYXFhaCE= | |||
root-password: c2FkYXFhaCE= | |||
type: Opaque | |||
YML | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 26: | Line 70: | ||
|- | |- | ||
|colspan="2"| | |colspan="2"| | ||
<syntaxhighlight lang="yaml" line> | <syntaxhighlight lang="yaml" highlight="23-25,31-33,42,44-50,65-67" line> | ||
cat <<YML | helm -n gitlab install gitlab gitlab/gitlab --version 8.2.1 -f - | |||
--- | |||
cat <<YML | helm -n gitlab install gitlab gitlab/gitlab --version 8.2.1 -f - | |||
global: | global: | ||
edition: ce | edition: ce | ||
Line 35: | Line 78: | ||
https: false | https: false | ||
domain: k8s.local | domain: k8s.local | ||
ssh: gitlab.k8s.local | |||
gitlab: | |||
name: gitlab.k8s.local | |||
https: false | |||
minio: | |||
name: minio.gitlab.k8s.local | |||
https: false | |||
ingress: | ingress: | ||
tls: | tls: | ||
enabled: false | enabled: false | ||
configureCertmanager: false | configureCertmanager: false | ||
psql: | |||
host: host.minikube.internal | |||
username: gitlab | |||
database: gitlab | |||
password: | |||
secret: gitlab | |||
key: psql-password | |||
smtp: | smtp: | ||
enabled: true | enabled: true | ||
address: mail. | address: mail.k8s.local | ||
port: 10587 | port: 10587 | ||
user_name: "dev@ | user_name: "dev@k8s.local" | ||
password: | password: | ||
secret: | secret: gitlab | ||
key: password | key: smtp-password | ||
domain: mail. | domain: mail.k8s.local | ||
authentication: "plain" | authentication: "plain" | ||
starttls_auto: true | starttls_auto: true | ||
email: | email: | ||
from: "gitlab@ | from: "gitlab@k8s.local" | ||
display_name: Academia Gitlab | display_name: Academia Gitlab | ||
reply_to: "no-reply@ | reply_to: "no-reply@k8s.local" | ||
registry: | |||
bucket: gitlab-registry | |||
appConfig: | appConfig: | ||
lfs: | |||
bucket: gitlab-lfs | |||
backups: | |||
tmpBucket: gitlab-tmp | |||
terraformState: | |||
enabled: true | |||
bucket: gitlab-tf-state | |||
omniauth: | omniauth: | ||
enabled: true | enabled: true | ||
Line 60: | Line 126: | ||
allowSingleSignOn: ["openid_connect"] | allowSingleSignOn: ["openid_connect"] | ||
syncProfileFromProvider: | | syncProfileFromProvider: | | ||
[{ 'name' => 'openid_connect', 'label' => 'Academia OpenID', 'icon' => '', 'args' => {'name' => 'openid_connect', 'scope' => ['openid','profile'], 'response_type' => 'code', 'issuer' => 'http://keycloak. | [{ 'name' => 'openid_connect', 'label' => 'Academia OpenID', 'icon' => '', 'args' => {'name' => 'openid_connect', 'scope' => ['openid','profile'], 'response_type' => 'code', 'issuer' => 'http://keycloak.k8s.local/realms/GoogleWorkspace', 'discovery' => true, 'client_auth_method' => 'query', 'uid_field' => 'sub', 'send_scope_to_token_endpoint' => 'false', 'client_options' => { 'identifier' => 'gitlab.k8s.local', 'secret' => '9f16a376-2114-45f4-9b69-873080764b15', 'redirect_uri' => 'http://gitlab.k8s.local/users/auth/openid_connect/callback' }}}] | ||
kas: | kas: | ||
enabled: false | enabled: false | ||
Line 69: | Line 135: | ||
registry: | registry: | ||
enabled: false | enabled: false | ||
initialRootPassword: | |||
secret: gitlab | |||
key: root-password | |||
time_zone: "Asia/Kuala_Lumpur" | time_zone: "Asia/Kuala_Lumpur" | ||
redis: | redis: | ||
install: true | install: true | ||
gitlab: | |||
webservice: | |||
minReplicas: 1 | |||
maxReplicas: 2 | |||
gitlab-shell: | |||
minReplicas: 1 | |||
maxReplicas: 2 | |||
registry: | |||
enabled: false | |||
hpa: | |||
minReplicas: 1 | |||
maxReplicas: 2 | |||
postgresql: | postgresql: | ||
install: | install: false | ||
prometheus: | prometheus: | ||
install: false | install: false | ||
certmanager: | certmanager: | ||
install: false | install: false | ||
upgradeCheck: | |||
enabled: false | |||
gitlab-runner: | gitlab-runner: | ||
install: false | install: false | ||
Line 109: | Line 192: | ||
helm uninstall -n gitlab gitlab | helm uninstall -n gitlab gitlab | ||
kubectl delete namespace gitlab | kubectl delete namespace gitlab | ||
</syntaxhighlight> | |||
==Swiss Knife== | |||
<syntaxhighlight lang="bash"> | |||
kubectl -n gitlab run -i --tty --rm psql --image=alpine --restart=Never -- sh | |||
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo | |||
apk --update add postgresql-client inetutils-telnet | |||
psql -d gitlab -U gitlab -h gitlab.gitlab-postgresql | |||
psql -d gitlab -U gitlab -h host.minikube.internal | |||
psql -d gitlab -U gitlab -h postgresql.postgresql | |||
</syntaxhighlight> | |||
==Patch== | |||
===Patch » Ingress=== | |||
{| | |||
|colspan="2"| | |||
<syntaxhighlight lang="yaml"> | |||
kubectl -n gitlab get ing/gitlab-webservice-default -ojson|jq -r '.spec.ingressClassName' | |||
kubectl -n gitlab get ing/gitlab-minio -ojson|jq -r '.spec.ingressClassName' | |||
</syntaxhighlight> | |||
|- | |||
|colspan="2"| | |||
---- | |||
|- | |||
|valign="top"| | |||
<syntaxhighlight lang="yaml"> | |||
cat <<YML | kubectl -n gitlab patch ing/gitlab-webservice-default --patch-file=/dev/stdin | |||
--- | |||
spec: | |||
ingressClassName: nginx | |||
YML | |||
</syntaxhighlight> | |||
|valign="top"| | |||
<syntaxhighlight lang="yaml"> | |||
cat <<YML | kubectl -n gitlab patch ing/gitlab-minio --patch-file=/dev/stdin | |||
--- | |||
spec: | |||
ingressClassName: nginx | |||
YML | |||
</syntaxhighlight> | |||
|} | |||
==Migration== | |||
<syntaxhighlight lang="bash"> | |||
kubectl -n postgresql cp ./gitlab_sdlc-20240820-T1622-ZP0800.sql.gz postgresql-0:/tmp/ | |||
kubectl -n postgresql exec -it svc/postgresql -c postgresql -- bash | |||
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo | |||
psql -d postgres -U postgres | |||
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo | |||
gunzip -c /tmp/./gitlab_sdlc-20240820-T1622-ZP0800.sql.gz|psql -Ugitlab gitlab | |||
psql -d gitlab -U gitlab | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 126: | Line 266: | ||
| colspan="2" | | | colspan="2" | | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
kubectl -n gitlab | kubectl -n gitlab get secret gitlab-gitlab-initial-root-password -ojsonpath='{.data.password}'|base64 -d;echo | ||
kubectl -n gitlab | kubectl -n gitlab get secret gitlab-gitlab-initial-root-password -ojson|jq -r '.data.password'|base64 -d;echo | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 136: | Line 276: | ||
| colspan="2" | | | colspan="2" | | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
kubectl -n gitlab get secret gitlab -o json|jq -r '.data."psql-password"'|base64 -d;echo | |||
kubectl -n gitlab get secret gitlab -o json|jq -r '.data."root-password"'|base64 -d;echo | |||
kubectl -n gitlab get secret gitlab -o json|jq -r '.data."smtp-password"'|base64 -d;echo | |||
kubectl -n gitlab exec -it svc/gitlab-postgresql -c postgresql -- psql -Ugitlab | kubectl -n gitlab exec -it svc/gitlab-postgresql -c postgresql -- psql -Ugitlab | ||
kubectl -n gitlab exec -it svc/gitlab-postgresql -c postgresql -- bash | kubectl -n gitlab exec -it svc/gitlab-postgresql -c postgresql -- bash | ||
kubectl -n gitlab exec -it svc/gitlab -c gitlab -- | |||
kubectl -n gitlab exec -it svc/gitlab -c | kubectl -n gitlab exec -it svc/gitlab-webservice-default -c gitlab-workhorse -- bash | ||
kubectl -n gitlab exec -it gitlab- | kubectl -n gitlab exec -it svc/gitlab-webservice-default -c webservice -- bash | ||
kubectl -n gitlab exec -it svc/gitlab-redis-master -c redis -- bash | |||
kubectl -n gitlab exec -it svc/gitlab-gitaly -c gitaly -- bash | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 189: | Line 333: | ||
| valign="top" | | | valign="top" | | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
kubectl -n gitlab exec -it gitlab- | kubectl -n gitlab exec -it gitlab-redis-master-0 -- bash | ||
kubectl -n gitlab | kubectl -n gitlab exec -it gitlab-postgresql-0 -- bash | ||
kubectl -n gitlab | kubectl -n gitlab exec -it gitlab-gitaly-0 -- bash | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 206: | Line 350: | ||
* [[Helm/Cert Manager|Helm » Cert Manager]] | * [[Helm/Cert Manager|Helm » Cert Manager]] | ||
* [[Helm/SonarQube|Helm » SonarQube]] | * [[Helm/SonarQube|Helm » SonarQube]] | ||
* [ | * [[Helm/Keycloak|Helm » Keycloak]] | ||
* [https://docs.gitlab.com/charts/quickstart/ Helm » GitLab] | * [https://docs.gitlab.com/charts/quickstart/ Helm » GitLab] | ||
* [[Helm]] | * [[Helm]] | ||
Line 218: | Line 362: | ||
* [https://docs.gitlab.com/charts/advanced/external-redis/ Helm » GitLab » External » Redis] | * [https://docs.gitlab.com/charts/advanced/external-redis/ Helm » GitLab » External » Redis] | ||
* [https://docs.gitlab.com/charts/advanced/external-db/ Helm » GitLab » External » DB] | * [https://docs.gitlab.com/charts/advanced/external-db/ Helm » GitLab » External » DB] | ||
* [ | * [[Helm/GitLab_External|Helm » GitLab » External]] | ||
* [https://gitlab.com/gitlab-org/charts/gitlab-runner Helm » GitLab » Runner] | * [https://gitlab.com/gitlab-org/charts/gitlab-runner Helm » GitLab » Runner] | ||
* [https://gitlab.com/gitlab-org/charts/gitlab-agent Helm » GitLab » Agent] | * [https://gitlab.com/gitlab-org/charts/gitlab-agent Helm » GitLab » Agent] | ||
Line 228: | Line 372: | ||
* [https://docs.gitlab.com/charts/advanced/internal-tls/ Helm » GitLab » Internal TLS] | * [https://docs.gitlab.com/charts/advanced/internal-tls/ Helm » GitLab » Internal TLS] | ||
* [https://docs.gitlab.com/charts/advanced/multiple-databases/ Helm » GitLab » Multiple DB] | * [https://docs.gitlab.com/charts/advanced/multiple-databases/ Helm » GitLab » Multiple DB] | ||
* [https://gitlab.com/charts/gitlab-omnibus Helm » GitLab » Omnibus] | |||
* [https://gitlab.com/gitlab-org/charts/gitlab/-/blob/8-2-stable/values.yaml?ref_type=heads Helm » GitLab » Values] | |||
* [https://docs.gitlab.com/charts/installation/migration/minio.html Helm » GitLab » MinIO] | * [https://docs.gitlab.com/charts/installation/migration/minio.html Helm » GitLab » MinIO] | ||
* [https://docs.gitlab.com/charts/advanced/geo/ Helm » GitLab » Geo] | * [https://docs.gitlab.com/charts/advanced/geo/ Helm » GitLab » Geo] | ||
* [https://docs.gitlab.com/charts/advanced/persistent-volumes/ Helm » GitLab » PV] | * [https://docs.gitlab.com/charts/advanced/persistent-volumes/ Helm » GitLab » PV] | ||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
* [https://docs.gitlab.com/charts/charts/gitlab/gitlab-shell/ Helm » GitLab » GitLab Shell] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/webservice/ Helm » GitLab » Webservice] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/migrations/ Helm » GitLab » Migrations] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/gitlab-exporter/ Helm » GitLab » Exporter] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/praefect/ Helm » GitLab » Praefect] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/sidekiq/ Helm » GitLab » Sidekiq] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/gitlab-runner/ Helm » GitLab » Runner] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/gitlab-pages/ Helm » GitLab » Pages] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/gitaly/ Helm » GitLab » Gitaly] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/kas/ Helm » GitLab » KAS] | |||
| valign="top" | | |||
* [https://docs.gitlab.com/charts/charts/gitlab/spamcheck/ Helm » GitLab » Spamcheck] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/mailroom/ Helm » GitLab » Mailroom] | |||
* [https://docs.gitlab.com/charts/charts/haproxy/ Helm » GitLab » HAProxy] | |||
* [https://docs.gitlab.com/charts/charts/registry/ Helm » GitLab » Registry] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/toolbox/ Helm » GitLab » Toolbox] | |||
* [https://docs.gitlab.com/charts/charts/shared-secrets.html Helm » GitLab » Secrets] | |||
* [https://docs.gitlab.com/charts/charts/traefik// Helm » GitLab » Traefik] | |||
* [https://docs.gitlab.com/charts/charts/nginx/ Helm » GitLab » Nginx] | |||
* [https://docs.gitlab.com/charts/charts/gitlab/gitlab-zoekt/ Helm » GitLab » Zoekt] | |||
* [https://docs.gitlab.com/charts/charts/minio/ Helm » GitLab » MinIO] | |||
| valign="top" | | |||
* [https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4713 Helm » GitLab » Node Selector] | |||
* [https://docs.gitlab.com/charts/advanced/ Helm » GitLab » Advanced] | |||
* [[Helm/PostgreSQL|Helm » PostgreSQL]] | |||
* [[Helm/MinIO|Helm » MinIO]] | |||
* [[Helm/Redis|Helm » Redis]] | |||
|- | |- | ||
Line 238: | Line 419: | ||
| valign="top" | | | valign="top" | | ||
* [https://docs.gitlab.com/charts/installation/migration/helm_to_package.html GitLab » Helm chart to the Linux package] | * [https://docs.gitlab.com/charts/installation/migration/helm_to_package.html GitLab » Helm chart to the Linux package] | ||
* [https://forum.gitlab.com/t/using-keycloak-as-sso-for-gitlab-with-pre-existing-users-no-autocreate/67833 GitLab » SSO with pre-existing users] | |||
* [https://gitlab.com/gitlab-org/charts/gitlab/-/tree/master/examples/objectstorage GitLab » Examples » Object Storage] | |||
* [https://dheeruthedeployer.medium.com/gitlab-integration-with-keycloak-e1b2ff11a177 GitLab » Integration with Keycloak] | * [https://dheeruthedeployer.medium.com/gitlab-integration-with-keycloak-e1b2ff11a177 GitLab » Integration with Keycloak] | ||
* [https://docs.gitlab.com/ee/administration/gitaly/ GitLab » Gitaly » Administration] | * [https://docs.gitlab.com/ee/administration/gitaly/ GitLab » Gitaly » Administration] | ||
Line 247: | Line 430: | ||
| valign="top" | | | valign="top" | | ||
* [https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/examples/objectstorage/registry.minio.yaml GitLab » Examples » Object Storage » MinIO » Registry] | |||
* [https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/examples/objectstorage/registry.s3.yaml GitLab » Examples » Object Storage » S3 » Registry] | |||
* [https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/examples/objectstorage/rails.minio.yaml GitLab » Examples » Object Storage » MinIO » Rails] | |||
* [https://stackoverflow.com/questions/66645970/ GitLab » Error » <code>kex_exchange_identification</code>] | |||
* [https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/examples/objectstorage/rails.s3.yaml GitLab » Examples » Object Storage » S3 » Rails] | |||
* [https://gitlab.com/gitlab-org/charts/gitlab/blob/master/examples/values-external-objectstorage.yaml GitLab » Examples » Object Storage » External] | |||
* [https://hub.docker.com/r/bitnami/gitlab-runner GitLab » Docker » <code>bitnami/gitlab-runner</code>] | |||
* [https://hub.docker.com/r/gitlab/gitlab-ce GitLab » Docker » <code>gitlab/gitlab-ce</code>] | |||
* [https://docs.gitlab.com/ee/update/deprecations.html GitLab » Version » Deprecations] | |||
* [https://docs.gitlab.com/ee/update/?tab=Docker GitLab » Docker » Upgrade] | |||
| valign="top" | | | valign="top" | | ||
* [https://hub.docker.com/r/gitlab/gitlab-ce/tags?name=17.1.3 GitLab » Docker » <code>gitlab/gitlab-ce:17.1.3</code>] | |||
* [https://hub.docker.com/r/gitlab/gitlab-ce/tags?name=16.1.3 GitLab » Docker » <code>gitlab/gitlab-ce:16.1.3</code>] | |||
* [https://hub.docker.com/r/gitlab/gitlab-ce/tags?name=15.1.3 GitLab » Docker » <code>gitlab/gitlab-ce:15.1.3</code>] | |||
* [[Docker/Compose/GitLab|GitLab » Docker » Compose]] | |||
|- | |- | ||
Line 267: | Line 464: | ||
| valign="top" | | | valign="top" | | ||
* [https://stackoverflow.com/questions/31870222 K8s » <code>kubectl run</code> » <code>sleep infinity</code>] | |||
* [https://kubernetes.io/docs/reference/kubectl/generated/kubectl_rollout/ K8s » <code>kubectl rollout</code>] | * [https://kubernetes.io/docs/reference/kubectl/generated/kubectl_rollout/ K8s » <code>kubectl rollout</code>] | ||
* [[K8s/CSI Hostpath Driver|K8s » CSI Hostpath Driver]] | * [[K8s/CSI Hostpath Driver|K8s » CSI Hostpath Driver]] | ||
* [[K8s/Swiss Knife|K8s » Swiss Knife]] | |||
* [[K8s/Ingress|K8s » Ingress]] | |||
* [[K8s/Service|K8s » Service]] | |||
* [[PostgreSQL]] | * [[PostgreSQL]] | ||
* [[K8s/Run|K8s » Run]] | |||
* [[MinIO]] | |||
* [[UFW]] | |||
| valign="top" | | | valign="top" | | ||
|} | |} |
Latest revision as of 05:02, 11 September 2024
helm repo add gitlab https://charts.gitlab.io helm repo update && helm repo list kubectl config get-contexts
Config
export KUBECONFIG="${HOME}/.kube/dev-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/gcp-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/config"
Install
kubectl delete namespace gitlab
cat << DDL | psql -U ${USER}
DROP DATABASE IF EXISTS gitlab;
DROP USER IF EXISTS gitlab;
DDL
cat << DDL | psql -U ${USER}
CREATE DATABASE gitlab;
CREATE USER gitlab WITH ENCRYPTED PASSWORD 'sadaqah!';
GRANT ALL PRIVILEGES ON DATABASE gitlab TO gitlab;
ALTER USER gitlab WITH SUPERUSER;
DDL
helm show values gitlab/gitlab --version 8.0.1|less
helm show values gitlab/gitlab --version 8.2.1|less
kubectl get ns|grep gitlab
kubectl create namespace gitlab
|
cat << YML | kubectl apply -n gitlab -f -
---
apiVersion: v1
kind: Secret
metadata:
name: gitlab
namespace: gitlab
labels:
app.kubernetes.io/managed-by: kubectl
app.kubernetes.io/instance: gitlab
app.kubernetes.io/version: 8.2.1
app.kubernetes.io/name: gitlab
helm.sh/chart: gitlab-8.2.1
annotations:
meta.helm.sh/release-name: gitlab
meta.helm.sh/release-namespace: gitlab
data:
smtp-password: c2FkYXFhaCE=
psql-password: c2FkYXFhaCE=
root-password: c2FkYXFhaCE=
type: Opaque
YML
|
| |
cat <<YML | helm -n gitlab install gitlab gitlab/gitlab --version 8.2.1 -f -
---
global:
edition: ce
hosts:
https: false
domain: k8s.local
ssh: gitlab.k8s.local
gitlab:
name: gitlab.k8s.local
https: false
minio:
name: minio.gitlab.k8s.local
https: false
ingress:
tls:
enabled: false
configureCertmanager: false
psql:
host: host.minikube.internal
username: gitlab
database: gitlab
password:
secret: gitlab
key: psql-password
smtp:
enabled: true
address: mail.k8s.local
port: 10587
user_name: "[email protected]"
password:
secret: gitlab
key: smtp-password
domain: mail.k8s.local
authentication: "plain"
starttls_auto: true
email:
from: "[email protected]"
display_name: Academia Gitlab
reply_to: "[email protected]"
registry:
bucket: gitlab-registry
appConfig:
lfs:
bucket: gitlab-lfs
backups:
tmpBucket: gitlab-tmp
terraformState:
enabled: true
bucket: gitlab-tf-state
omniauth:
enabled: true
blockAutoCreatedUsers: false
allowSingleSignOn: ["openid_connect"]
syncProfileFromProvider: |
[{ 'name' => 'openid_connect', 'label' => 'Academia OpenID', 'icon' => '', 'args' => {'name' => 'openid_connect', 'scope' => ['openid','profile'], 'response_type' => 'code', 'issuer' => 'http://keycloak.k8s.local/realms/GoogleWorkspace', 'discovery' => true, 'client_auth_method' => 'query', 'uid_field' => 'sub', 'send_scope_to_token_endpoint' => 'false', 'client_options' => { 'identifier' => 'gitlab.k8s.local', 'secret' => '9f16a376-2114-45f4-9b69-873080764b15', 'redirect_uri' => 'http://gitlab.k8s.local/users/auth/openid_connect/callback' }}}]
kas:
enabled: false
minio:
enabled: true
gitaly:
enabled: true
registry:
enabled: false
initialRootPassword:
secret: gitlab
key: root-password
time_zone: "Asia/Kuala_Lumpur"
redis:
install: true
gitlab:
webservice:
minReplicas: 1
maxReplicas: 2
gitlab-shell:
minReplicas: 1
maxReplicas: 2
registry:
enabled: false
hpa:
minReplicas: 1
maxReplicas: 2
postgresql:
install: false
prometheus:
install: false
certmanager:
install: false
upgradeCheck:
enabled: false
gitlab-runner:
install: false
nginx-ingress:
enabled: false
nginx-ingress-geo:
enabled: false
YML
| |
| |
xdg-open http://gitlab.k8s.local &>/dev/null &
gnome-open http://gitlab.k8s.local &>/dev/null &
|
x-www-browser http://gitlab.k8s.local &>/dev/null &
sensible-browser http://gitlab.k8s.local &>/dev/null &
|
Uninstall
helm uninstall -n gitlab gitlab
kubectl delete namespace gitlab
Swiss Knife
kubectl -n gitlab run -i --tty --rm psql --image=alpine --restart=Never -- sh
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo
apk --update add postgresql-client inetutils-telnet
psql -d gitlab -U gitlab -h gitlab.gitlab-postgresql
psql -d gitlab -U gitlab -h host.minikube.internal
psql -d gitlab -U gitlab -h postgresql.postgresql
Patch
Patch » Ingress
kubectl -n gitlab get ing/gitlab-webservice-default -ojson|jq -r '.spec.ingressClassName'
kubectl -n gitlab get ing/gitlab-minio -ojson|jq -r '.spec.ingressClassName'
| |
| |
cat <<YML | kubectl -n gitlab patch ing/gitlab-webservice-default --patch-file=/dev/stdin
---
spec:
ingressClassName: nginx
YML
|
cat <<YML | kubectl -n gitlab patch ing/gitlab-minio --patch-file=/dev/stdin
---
spec:
ingressClassName: nginx
YML
|
Migration
kubectl -n postgresql cp ./gitlab_sdlc-20240820-T1622-ZP0800.sql.gz postgresql-0:/tmp/
kubectl -n postgresql exec -it svc/postgresql -c postgresql -- bash
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo
psql -d postgres -U postgres
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo
gunzip -c /tmp/./gitlab_sdlc-20240820-T1622-ZP0800.sql.gz|psql -Ugitlab gitlab
psql -d gitlab -U gitlab
Playground
helm -n gitlab install gitlab gitlab/gitlab --version 8.0.1
helm -n gitlab upgrade -i gitlab gitlab/gitlab --version 8.2.1
helm show values gitlab/gitlab --version 8.2.1|less
| |
| |
kubectl -n gitlab get secret gitlab-gitlab-initial-root-password -ojsonpath='{.data.password}'|base64 -d;echo
kubectl -n gitlab get secret gitlab-gitlab-initial-root-password -ojson|jq -r '.data.password'|base64 -d;echo
| |
| |
kubectl -n gitlab get secret gitlab -o json|jq -r '.data."psql-password"'|base64 -d;echo
kubectl -n gitlab get secret gitlab -o json|jq -r '.data."root-password"'|base64 -d;echo
kubectl -n gitlab get secret gitlab -o json|jq -r '.data."smtp-password"'|base64 -d;echo
kubectl -n gitlab exec -it svc/gitlab-postgresql -c postgresql -- psql -Ugitlab
kubectl -n gitlab exec -it svc/gitlab-postgresql -c postgresql -- bash
kubectl -n gitlab exec -it svc/gitlab-webservice-default -c gitlab-workhorse -- bash
kubectl -n gitlab exec -it svc/gitlab-webservice-default -c webservice -- bash
kubectl -n gitlab exec -it svc/gitlab-redis-master -c redis -- bash
kubectl -n gitlab exec -it svc/gitlab-gitaly -c gitaly -- bash
| |
| |
kubectl config --kubeconfig=${HOME}/.kube/aws-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/dev-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/gcp-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/config view --flatten
| |
| |
kubectl -n gitlab delete all --all
kubectl -n gitlab delete ing --all
kubectl -n gitlab delete sts --all
|
kubectl -n gitlab delete svc --all
kubectl -n gitlab delete pvc --all
kubectl -n gitlab delete pv --all
|
| |
kubectl -n gitlab rollout history sts gitlab
kubectl -n gitlab rollout restart sts gitlab
kubectl -n gitlab rollout status sts gitlab
|
kubectl -n gitlab exec -it gitlab-redis-master-0 -- bash
kubectl -n gitlab exec -it gitlab-postgresql-0 -- bash
kubectl -n gitlab exec -it gitlab-gitaly-0 -- bash
|