Helm/GitLab External: Difference between revisions
Jump to navigation
Jump to search
(Created page with " helm repo add gitlab https://charts.gitlab.io helm repo update && helm repo list kubectl config get-contexts ==Config== <syntaxhighlight lang="properties"> export KUBECONFIG="${HOME}/.kube/dev-kubeconfig.yaml" export KUBECONFIG="${HOME}/.kube/gcp-kubeconfig.yaml" export KUBECONFIG="${HOME}/.kube/config" </syntaxhighlight> ==Install== {| |valign="top"| <syntaxhighlight lang="sql"> kubectl delete namespace gitlab cat << DDL | psql -U ${USER} DROP DATABASE IF EXISTS gi...") |
|||
(32 intermediate revisions by the same user not shown) | |||
Line 14: | Line 14: | ||
|valign="top"| | |valign="top"| | ||
<syntaxhighlight lang="sql"> | <syntaxhighlight lang="sql"> | ||
kubectl | kubectl -n postgresql exec -it svc/postgresql -c postgresql -- bash | ||
cat << DDL | psql -U | cat << DDL | psql -U postgres | ||
DROP DATABASE IF EXISTS gitlab; | DROP DATABASE IF EXISTS gitlab; | ||
DROP USER IF EXISTS gitlab; | DROP USER IF EXISTS gitlab; | ||
Line 22: | Line 22: | ||
---- | ---- | ||
<syntaxhighlight lang="sql"> | <syntaxhighlight lang="sql"> | ||
cat << DDL | psql -U | cat << DDL | psql -U postgres | ||
CREATE DATABASE gitlab; | CREATE DATABASE gitlab; | ||
CREATE USER gitlab WITH ENCRYPTED PASSWORD 'sadaqah!'; | CREATE USER gitlab WITH ENCRYPTED PASSWORD 'sadaqah!'; | ||
GRANT ALL PRIVILEGES ON DATABASE | GRANT ALL PRIVILEGES ON DATABASE gitlab TO gitlab; | ||
ALTER DATABASE gitlab OWNER TO gitlab; | |||
DDL | DDL | ||
</syntaxhighlight> | </syntaxhighlight> | ||
---- | ---- | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
helm show values gitlab/gitlab --version 8.2.1|less | helm show values gitlab/gitlab --version 8.2.1|less | ||
kubectl delete namespace gitlab | |||
kubectl get ns|grep gitlab | kubectl get ns|grep gitlab | ||
Line 102: | Line 103: | ||
|- | |- | ||
|colspan="2"| | |colspan="2"| | ||
<syntaxhighlight lang="yaml" highlight=" | <syntaxhighlight lang="yaml" highlight="20-22,28-30,39,41-52,67-69,84-86" line> | ||
cat <<YML | helm -n gitlab install gitlab gitlab/gitlab --version 8.2.1 -f - | cat <<YML | helm -n gitlab install gitlab gitlab/gitlab --version 8.2.1 -f - | ||
--- | --- | ||
Line 113: | Line 114: | ||
gitlab: | gitlab: | ||
name: gitlab.k8s.local | name: gitlab.k8s.local | ||
https: false | https: false | ||
ingress: | ingress: | ||
Line 122: | Line 120: | ||
configureCertmanager: false | configureCertmanager: false | ||
psql: | psql: | ||
host: | host: postgresql.postgresql | ||
username: gitlab | username: gitlab | ||
database: gitlab | database: gitlab | ||
Line 143: | Line 141: | ||
display_name: Academia Gitlab | display_name: Academia Gitlab | ||
reply_to: "[email protected]" | reply_to: "[email protected]" | ||
registry: | |||
bucket: gitlab-registry | |||
appConfig: | appConfig: | ||
lfs: | lfs: | ||
bucket: gitlab-lfs | bucket: gitlab-lfs | ||
backups: | backups: | ||
tmpBucket: gitlab-tmp | tmpBucket: gitlab-tmp | ||
object_store: | object_store: | ||
enabled: true | enabled: true | ||
Line 171: | Line 156: | ||
enabled: true | enabled: true | ||
bucket: gitlab-tf-state | bucket: gitlab-tf-state | ||
omniauth: | omniauth: | ||
enabled: true | enabled: true | ||
Line 201: | Line 183: | ||
minReplicas: 1 | minReplicas: 1 | ||
maxReplicas: 2 | maxReplicas: 2 | ||
traefik: | traefik: | ||
install: false | install: false | ||
Line 258: | Line 234: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== | ==Swiss Knife== | ||
<syntaxhighlight lang="bash"> | |||
kubectl -n gitlab run -i --tty --rm psql --image=alpine --restart=Never -- sh | |||
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo | |||
apk --update add postgresql-client inetutils-telnet | |||
psql -d gitlab -U gitlab -h gitlab.gitlab-postgresql | |||
psql -d gitlab -U gitlab -h host.minikube.internal | |||
psql -d gitlab -U gitlab -h postgresql.postgresql | |||
</syntaxhighlight> | |||
==Patch== | |||
===Patch » Ingress=== | |||
{| | {| | ||
| | |valign="top"| | ||
<syntaxhighlight lang=" | <syntaxhighlight lang="yaml"> | ||
kubectl -n gitlab get ing/gitlab-webservice-default -ojson|jq -r '.spec.ingressClassName' | |||
cat <<YML | kubectl -n gitlab patch ing/gitlab-webservice-default --patch-file=/dev/stdin | |||
--- | |||
spec: | |||
ingressClassName: nginx | |||
YML | |||
</syntaxhighlight> | </syntaxhighlight> | ||
|valign="top"| | |||
|- | |- | ||
| colspan="2" | | |colspan="2"| | ||
---- | ---- | ||
|- | |- | ||
|valign="top"| | |||
|valign="top"| | |||
|} | |||
==Migration== | |||
<syntaxhighlight lang="bash"> | |||
kubectl -n postgresql cp ./gitlab_sdlc-20240820-T1622-ZP0800.sql.gz postgresql-0:/tmp/ | |||
kubectl -n postgresql exec -it svc/postgresql -c postgresql -- bash | |||
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo | |||
psql -d postgres -U postgres | |||
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo | |||
gunzip -c /tmp/./gitlab_sdlc-20240820-T1622-ZP0800.sql.gz|psql -Ugitlab gitlab | |||
psql -d gitlab -U gitlab | |||
</syntaxhighlight> | |||
==Playground== | |||
{| | |||
| colspan="2" | | | colspan="2" | | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
helm -n gitlab install gitlab gitlab/gitlab --version 8.0.1 | |||
helm -n gitlab upgrade -i gitlab gitlab/gitlab --version 8.2.1 | |||
helm show values gitlab/gitlab --version 8.2.1|less | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 283: | Line 298: | ||
| colspan="2" | | | colspan="2" | | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
kubectl -n gitlab get secret gitlab | kubectl -n gitlab get secret gitlab -o json|jq -r '.data."psql-password"'|base64 -d;echo | ||
kubectl -n gitlab get secret gitlab | kubectl -n gitlab get secret gitlab -o json|jq -r '.data."root-password"'|base64 -d;echo | ||
kubectl -n gitlab get secret gitlab | kubectl -n gitlab get secret gitlab -o json|jq -r '.data."smtp-password"'|base64 -d;echo | ||
kubectl -n gitlab exec -it svc/gitlab-webservice-default -c gitlab-workhorse -- bash | kubectl -n gitlab exec -it svc/gitlab-webservice-default -c gitlab-workhorse -- bash | ||
kubectl -n gitlab exec -it svc/gitlab-webservice-default -c webservice -- bash | kubectl -n gitlab exec -it svc/gitlab-webservice-default -c webservice -- bash | ||
kubectl -n postgresql exec -it svc/postgresql -c postgresql -- psql -Ugitlab | |||
kubectl -n postgresql exec -it svc/postgresql -c postgresql -- bash | |||
kubectl -n gitlab exec -it svc/gitlab-redis-master -c redis -- bash | kubectl -n gitlab exec -it svc/gitlab-redis-master -c redis -- bash | ||
Line 416: | Line 431: | ||
* [https://docs.gitlab.com/charts/advanced/ Helm » GitLab » Advanced] | * [https://docs.gitlab.com/charts/advanced/ Helm » GitLab » Advanced] | ||
* [[Helm/PostgreSQL|Helm » PostgreSQL]] | * [[Helm/PostgreSQL|Helm » PostgreSQL]] | ||
* [[Helm/Traefik|Helm » Traefik]] | |||
* [[Helm/MinIO|Helm » MinIO]] | * [[Helm/MinIO|Helm » MinIO]] | ||
* [[Helm/Redis|Helm » Redis]] | * [[Helm/Redis|Helm » Redis]] | ||
Line 442: | Line 458: | ||
* [https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/examples/objectstorage/rails.s3.yaml GitLab » Examples » Object Storage » S3 » Rails] | * [https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/examples/objectstorage/rails.s3.yaml GitLab » Examples » Object Storage » S3 » Rails] | ||
* [https://gitlab.com/gitlab-org/charts/gitlab/blob/master/examples/values-external-objectstorage.yaml GitLab » Examples » Object Storage » External] | * [https://gitlab.com/gitlab-org/charts/gitlab/blob/master/examples/values-external-objectstorage.yaml GitLab » Examples » Object Storage » External] | ||
* [https://hub.docker.com/r/bitnami/gitlab-runner GitLab » Docker » <code>bitnami/gitlab-runner</code>] | |||
* [https://hub.docker.com/r/gitlab/gitlab-ce GitLab » Docker » <code>gitlab/gitlab-ce</code>] | |||
* [https://docs.gitlab.com/ee/update/deprecations.html GitLab » Version » Deprecations] | |||
* [https://docs.gitlab.com/ee/update/?tab=Docker GitLab » Docker » Upgrade] | |||
| valign="top" | | | valign="top" | | ||
* [https://hub.docker.com/r/gitlab/gitlab-ce/tags?name=17.1.3 GitLab » Docker » <code>gitlab/gitlab-ce:17.1.3</code>] | |||
* [https://hub.docker.com/r/gitlab/gitlab-ce/tags?name=16.1.3 GitLab » Docker » <code>gitlab/gitlab-ce:16.1.3</code>] | |||
* [https://hub.docker.com/r/gitlab/gitlab-ce/tags?name=15.1.3 GitLab » Docker » <code>gitlab/gitlab-ce:15.1.3</code>] | |||
* [https://gitlab.com/gitlab-org/charts/gitlab/-/issues/1693 GitLab » K8s » Git SSH Clone Passkey] | |||
* [https://github.com/IBM/Kubernetes-container-service-GitLab-sample/blob/master/docs/ssh-port-ingress.md GitLab » IKS » Expose SSH Port] | |||
* [https://gitlab.com/gitlab-org/charts/gitlab/-/issues/2995 GitLab » EKS » Git Over SSH] | |||
* [[Docker/Compose/GitLab|GitLab » Docker » Compose]] | |||
|- | |- | ||
Line 462: | Line 489: | ||
| valign="top" | | | valign="top" | | ||
* [https://stackoverflow.com/questions/31870222 K8s » <code>kubectl run</code> » <code>sleep infinity</code>] | |||
* [https://kubernetes.io/docs/reference/kubectl/generated/kubectl_rollout/ K8s » <code>kubectl rollout</code>] | * [https://kubernetes.io/docs/reference/kubectl/generated/kubectl_rollout/ K8s » <code>kubectl rollout</code>] | ||
* [[K8s/CSI Hostpath Driver|K8s » CSI Hostpath Driver]] | * [[K8s/CSI Hostpath Driver|K8s » CSI Hostpath Driver]] | ||
* [[K8s/Swiss Knife|K8s » Swiss Knife]] | |||
* [[K8s/Ingress|K8s » Ingress]] | |||
* [[K8s/Service|K8s » Service]] | |||
* [[PostgreSQL]] | * [[PostgreSQL]] | ||
* [[K8s/Run|K8s » Run]] | |||
* [[MinIO]] | * [[MinIO]] | ||
* [[UFW]] | * [[UFW]] |
Latest revision as of 02:43, 30 September 2024
helm repo add gitlab https://charts.gitlab.io helm repo update && helm repo list kubectl config get-contexts
Config
export KUBECONFIG="${HOME}/.kube/dev-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/gcp-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/config"
Install
kubectl -n postgresql exec -it svc/postgresql -c postgresql -- bash
cat << DDL | psql -U postgres
DROP DATABASE IF EXISTS gitlab;
DROP USER IF EXISTS gitlab;
DDL
cat << DDL | psql -U postgres
CREATE DATABASE gitlab;
CREATE USER gitlab WITH ENCRYPTED PASSWORD 'sadaqah!';
GRANT ALL PRIVILEGES ON DATABASE gitlab TO gitlab;
ALTER DATABASE gitlab OWNER TO gitlab;
DDL
helm show values gitlab/gitlab --version 8.2.1|less
kubectl delete namespace gitlab
kubectl get ns|grep gitlab
kubectl create namespace gitlab
|
cat << YML | kubectl apply -n gitlab -f -
---
apiVersion: v1
kind: Secret
metadata:
name: gitlab
namespace: gitlab
labels:
app.kubernetes.io/managed-by: kubectl
app.kubernetes.io/instance: gitlab
app.kubernetes.io/version: 8.2.1
app.kubernetes.io/name: gitlab
helm.sh/chart: gitlab-8.2.1
annotations:
meta.helm.sh/release-name: gitlab
meta.helm.sh/release-namespace: gitlab
data:
smtp-password: c2FkYXFhaCE=
psql-password: c2FkYXFhaCE=
root-password: c2FkYXFhaCE=
type: Opaque
YML
|
| |
cat <<YML | kubectl -n gitlab create secret generic gitlab-rails-storage --from-file=connection=/dev/stdin
---
provider: AWS
path_style: true
region: us-east-1
host: minio.minio
aws_signature_version: 4
endpoint: "http://minio.minio:9000"
aws_access_key_id: Tnen3kCv71osfJKkhcIP
aws_secret_access_key: rxMU6fWayQD6no1p1LO7orBmxNMtbKuyHITpflBJ
YML
|
cat <<YML | kubectl -n gitlab create secret generic gitlab-registry-storage --from-file=config=/dev/stdin
---
s3:
v4auth: true
pathstyle: true
region: us-east-1
bucket: gitlab-registry
accesskey: Tnen3kCv71osfJKkhcIP
regionendpoint: "http://minio.minio:9000"
secretkey: rxMU6fWayQD6no1p1LO7orBmxNMtbKuyHITpflBJ
YML
|
| |
cat <<YML | helm -n gitlab install gitlab gitlab/gitlab --version 8.2.1 -f -
---
global:
edition: ce
hosts:
https: false
domain: k8s.local
ssh: gitlab.k8s.local
gitlab:
name: gitlab.k8s.local
https: false
ingress:
tls:
enabled: false
configureCertmanager: false
psql:
host: postgresql.postgresql
username: gitlab
database: gitlab
password:
secret: gitlab
key: psql-password
smtp:
enabled: true
address: mail.k8s.local
port: 10587
user_name: "[email protected]"
password:
secret: gitlab
key: smtp-password
domain: mail.k8s.local
authentication: "plain"
starttls_auto: true
email:
from: "[email protected]"
display_name: Academia Gitlab
reply_to: "[email protected]"
registry:
bucket: gitlab-registry
appConfig:
lfs:
bucket: gitlab-lfs
backups:
tmpBucket: gitlab-tmp
object_store:
enabled: true
connection:
secret: gitlab-rails-storage
key: connection
terraformState:
enabled: true
bucket: gitlab-tf-state
omniauth:
enabled: true
blockAutoCreatedUsers: false
allowSingleSignOn: ["openid_connect"]
syncProfileFromProvider: |
[{ 'name' => 'openid_connect', 'label' => 'Academia OpenID', 'icon' => '', 'args' => {'name' => 'openid_connect', 'scope' => ['openid','profile'], 'response_type' => 'code', 'issuer' => 'http://keycloak.k8s.local/realms/GoogleWorkspace', 'discovery' => true, 'client_auth_method' => 'query', 'uid_field' => 'sub', 'send_scope_to_token_endpoint' => 'false', 'client_options' => { 'identifier' => 'gitlab.k8s.local', 'secret' => '9f16a376-2114-45f4-9b69-873080764b15', 'redirect_uri' => 'http://gitlab.k8s.local/users/auth/openid_connect/callback' }}}]
kas:
enabled: false
minio:
enabled: false
gitaly:
enabled: true
registry:
enabled: false
initialRootPassword:
secret: gitlab
key: root-password
time_zone: "Asia/Kuala_Lumpur"
redis:
install: true
gitlab:
webservice:
minReplicas: 1
maxReplicas: 2
gitlab-shell:
minReplicas: 1
maxReplicas: 2
traefik:
install: false
registry:
enabled: false
storage:
secret: gitlab-registry-storage
key: config
hpa:
minReplicas: 1
maxReplicas: 2
postgresql:
install: false
prometheus:
install: false
certmanager:
install: false
upgradeCheck:
enabled: false
gitlab-runner:
install: false
nginx-ingress:
enabled: false
nginx-ingress-geo:
enabled: false
YML
| |
| |
xdg-open http://gitlab.k8s.local &>/dev/null &
gnome-open http://gitlab.k8s.local &>/dev/null &
|
x-www-browser http://gitlab.k8s.local &>/dev/null &
sensible-browser http://gitlab.k8s.local &>/dev/null &
|
Uninstall
helm uninstall -n gitlab gitlab
kubectl delete namespace gitlab
Swiss Knife
kubectl -n gitlab run -i --tty --rm psql --image=alpine --restart=Never -- sh
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo
apk --update add postgresql-client inetutils-telnet
psql -d gitlab -U gitlab -h gitlab.gitlab-postgresql
psql -d gitlab -U gitlab -h host.minikube.internal
psql -d gitlab -U gitlab -h postgresql.postgresql
Patch
Patch » Ingress
kubectl -n gitlab get ing/gitlab-webservice-default -ojson|jq -r '.spec.ingressClassName'
cat <<YML | kubectl -n gitlab patch ing/gitlab-webservice-default --patch-file=/dev/stdin
---
spec:
ingressClassName: nginx
YML
|
|
| |
Migration
kubectl -n postgresql cp ./gitlab_sdlc-20240820-T1622-ZP0800.sql.gz postgresql-0:/tmp/
kubectl -n postgresql exec -it svc/postgresql -c postgresql -- bash
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo
psql -d postgres -U postgres
echo -n password: ;read -s PGPASSWORD;export PGPASSWORD;echo
gunzip -c /tmp/./gitlab_sdlc-20240820-T1622-ZP0800.sql.gz|psql -Ugitlab gitlab
psql -d gitlab -U gitlab
Playground
helm -n gitlab install gitlab gitlab/gitlab --version 8.0.1
helm -n gitlab upgrade -i gitlab gitlab/gitlab --version 8.2.1
helm show values gitlab/gitlab --version 8.2.1|less
| |
| |
kubectl -n gitlab get secret gitlab -o json|jq -r '.data."psql-password"'|base64 -d;echo
kubectl -n gitlab get secret gitlab -o json|jq -r '.data."root-password"'|base64 -d;echo
kubectl -n gitlab get secret gitlab -o json|jq -r '.data."smtp-password"'|base64 -d;echo
kubectl -n gitlab exec -it svc/gitlab-webservice-default -c gitlab-workhorse -- bash
kubectl -n gitlab exec -it svc/gitlab-webservice-default -c webservice -- bash
kubectl -n postgresql exec -it svc/postgresql -c postgresql -- psql -Ugitlab
kubectl -n postgresql exec -it svc/postgresql -c postgresql -- bash
kubectl -n gitlab exec -it svc/gitlab-redis-master -c redis -- bash
kubectl -n gitlab exec -it svc/gitlab-gitaly -c gitaly -- bash
| |
| |
kubectl config --kubeconfig=${HOME}/.kube/aws-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/dev-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/gcp-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/config view --flatten
| |
| |
kubectl -n gitlab delete all --all
kubectl -n gitlab delete ing --all
kubectl -n gitlab delete sts --all
|
kubectl -n gitlab delete svc --all
kubectl -n gitlab delete pvc --all
kubectl -n gitlab delete pv --all
|
| |
kubectl -n gitlab rollout history sts gitlab
kubectl -n gitlab rollout restart sts gitlab
kubectl -n gitlab rollout status sts gitlab
|
kubectl -n gitlab exec -it gitlab-redis-master-0 -- bash
kubectl -n gitlab exec -it gitlab-postgresql-0 -- bash
kubectl -n gitlab exec -it gitlab-gitaly-0 -- bash
|