Helm/GitLab: Difference between revisions
Jump to navigation
Jump to search
| Line 67: | Line 67: | ||
---- | ---- | ||
|- | |- | ||
| | |valign="top"| | ||
<syntaxhighlight lang="yaml"> | <syntaxhighlight lang="yaml"> | ||
cat <<YML | kubectl -n gitlab create secret generic \ | |||
cat <<YML | kubectl -n gitlab create secret generic gitlab-rails-storage --from-file=connection=/dev/stdin | gitlab-rails-storage --from-file=connection=/dev/stdin | ||
--- | --- | ||
provider: AWS | provider: AWS | ||
| Line 80: | Line 80: | ||
aws_access_key_id: Tnen3kCv71osfJKkhcIP | aws_access_key_id: Tnen3kCv71osfJKkhcIP | ||
aws_secret_access_key: rxMU6fWayQD6no1p1LO7orBmxNMtbKuyHITpflBJ | aws_secret_access_key: rxMU6fWayQD6no1p1LO7orBmxNMtbKuyHITpflBJ | ||
YML | |||
</syntaxhighlight> | |||
|valign="top"| | |||
<syntaxhighlight lang="yaml"> | |||
cat <<YML | kubectl -n gitlab create secret generic \ | |||
gitlab-registry-storage --from-file=config=/dev/stdin | |||
--- | |||
s3: | |||
v4auth: true | |||
pathstyle: true | |||
region: us-east-1 | |||
bucket: gitlab-registry | |||
accesskey: Tnen3kCv71osfJKkhcIP | |||
regionendpoint: "http://minio.minio:9000" | |||
secretkey: rxMU6fWayQD6no1p1LO7orBmxNMtbKuyHITpflBJ | |||
YML | YML | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 88: | Line 104: | ||
|- | |- | ||
|colspan="2"| | |colspan="2"| | ||
<syntaxhighlight lang="yaml" highlight="16-18,24-26,35- | <syntaxhighlight lang="yaml" highlight="16-18,24-26,35-64,79-81,94-97,102-104" line> | ||
cat <<YML | helm -n gitlab install gitlab gitlab/gitlab --version 8.2.1 -f - | cat <<YML | helm -n gitlab install gitlab gitlab/gitlab --version 8.2.1 -f - | ||
--- | --- | ||
| Line 123: | Line 139: | ||
reply_to: "[email protected]" | reply_to: "[email protected]" | ||
appConfig: | appConfig: | ||
lfs: | |||
bucket: gitlab-lfs | |||
connection: | |||
secret: gitlab-rails-storage | |||
key: connection | |||
backups: | |||
tmpBucket: gitlab-tmp | |||
artifacts: | |||
connection: | |||
secret: gitlab-rails-storage | |||
key: connection | |||
uploads: | |||
connection: | |||
secret: gitlab-rails-storage | |||
key: connection | |||
packages: | |||
connection: | |||
secret: gitlab-rails-storage | |||
key: connection | |||
object_store: | object_store: | ||
enabled: true | enabled: true | ||
| Line 130: | Line 165: | ||
terraformState: | terraformState: | ||
enabled: true | enabled: true | ||
bucket: gitlab-tf-state | |||
connection: | |||
secret: gitlab-rails-storage | |||
key: connection | |||
omniauth: | omniauth: | ||
enabled: true | enabled: true | ||
| Line 159: | Line 196: | ||
minReplicas: 1 | minReplicas: 1 | ||
maxReplicas: 2 | maxReplicas: 2 | ||
toolbox: | |||
backups: | |||
objectStorage: | |||
config: | |||
secret: gitlab-rails-storage | |||
key: connection | |||
traefik: | traefik: | ||
install: false | install: false | ||
registry: | registry: | ||
enabled: false | enabled: false | ||
storage: | |||
secret: gitlab-registry-storage | |||
key: config | |||
hpa: | hpa: | ||
minReplicas: 1 | minReplicas: 1 | ||
Revision as of 21:57, 22 August 2024
helm repo add gitlab https://charts.gitlab.io helm repo update && helm repo list kubectl config get-contexts
Config
export KUBECONFIG="${HOME}/.kube/dev-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/gcp-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/config"
Install
kubectl delete namespace gitlab
cat << DDL | psql -U ${USER}
DROP DATABASE IF EXISTS gitlab;
DROP USER IF EXISTS gitlab;
DDL
cat << DDL | psql -U ${USER}
CREATE DATABASE gitlab;
CREATE USER gitlab WITH ENCRYPTED PASSWORD 'sadaqah!';
GRANT ALL PRIVILEGES ON DATABASE gitlab TO gitlab;
DDL
helm show values gitlab/gitlab --version 8.0.1|less
helm show values gitlab/gitlab --version 8.2.1|less
kubectl get ns|grep gitlab
kubectl create namespace gitlab
|
cat << YML | kubectl apply -n gitlab -f -
---
apiVersion: v1
kind: Secret
metadata:
name: gitlab
namespace: gitlab
labels:
app.kubernetes.io/managed-by: kubectl
app.kubernetes.io/instance: gitlab
app.kubernetes.io/version: 8.2.1
app.kubernetes.io/name: gitlab
helm.sh/chart: gitlab-8.2.1
annotations:
meta.helm.sh/release-name: gitlab
meta.helm.sh/release-namespace: gitlab
data:
smtp-password: c2FkYXFhaCE=
psql-password: c2FkYXFhaCE=
root-password: c2FkYXFhaCE=
type: Opaque
YML
|
|
| |
cat <<YML | kubectl -n gitlab create secret generic \
gitlab-rails-storage --from-file=connection=/dev/stdin
---
provider: AWS
path_style: true
region: us-east-1
host: minio.minio
aws_signature_version: 4
endpoint: "http://minio.minio:9000"
aws_access_key_id: Tnen3kCv71osfJKkhcIP
aws_secret_access_key: rxMU6fWayQD6no1p1LO7orBmxNMtbKuyHITpflBJ
YML
|
cat <<YML | kubectl -n gitlab create secret generic \
gitlab-registry-storage --from-file=config=/dev/stdin
---
s3:
v4auth: true
pathstyle: true
region: us-east-1
bucket: gitlab-registry
accesskey: Tnen3kCv71osfJKkhcIP
regionendpoint: "http://minio.minio:9000"
secretkey: rxMU6fWayQD6no1p1LO7orBmxNMtbKuyHITpflBJ
YML
|
|
| |
cat <<YML | helm -n gitlab install gitlab gitlab/gitlab --version 8.2.1 -f -
---
global:
edition: ce
hosts:
https: false
domain: k8s.local
ingress:
tls:
enabled: false
configureCertmanager: false
psql:
host: host.minikube.internal
username: gitlab
database: gitlab
password:
secret: gitlab
key: psql-password
smtp:
enabled: true
address: mail.k8s.local
port: 10587
user_name: "[email protected]"
password:
secret: gitlab
key: smtp-password
domain: mail.k8s.local
authentication: "plain"
starttls_auto: true
email:
from: "[email protected]"
display_name: Academia Gitlab
reply_to: "[email protected]"
appConfig:
lfs:
bucket: gitlab-lfs
connection:
secret: gitlab-rails-storage
key: connection
backups:
tmpBucket: gitlab-tmp
artifacts:
connection:
secret: gitlab-rails-storage
key: connection
uploads:
connection:
secret: gitlab-rails-storage
key: connection
packages:
connection:
secret: gitlab-rails-storage
key: connection
object_store:
enabled: true
connection:
secret: gitlab-rails-storage
key: connection
terraformState:
enabled: true
bucket: gitlab-tf-state
connection:
secret: gitlab-rails-storage
key: connection
omniauth:
enabled: true
blockAutoCreatedUsers: false
allowSingleSignOn: ["openid_connect"]
syncProfileFromProvider: |
[{ 'name' => 'openid_connect', 'label' => 'Academia OpenID', 'icon' => '', 'args' => {'name' => 'openid_connect', 'scope' => ['openid','profile'], 'response_type' => 'code', 'issuer' => 'http://keycloak.k8s.local/realms/GoogleWorkspace', 'discovery' => true, 'client_auth_method' => 'query', 'uid_field' => 'sub', 'send_scope_to_token_endpoint' => 'false', 'client_options' => { 'identifier' => 'gitlab.k8s.local', 'secret' => '9f16a376-2114-45f4-9b69-873080764b15', 'redirect_uri' => 'http://gitlab.k8s.local/users/auth/openid_connect/callback' }}}]
kas:
enabled: false
minio:
enabled: false
gitaly:
enabled: true
registry:
enabled: false
initialRootPassword:
secret: gitlab
key: root-password
time_zone: "Asia/Kuala_Lumpur"
redis:
install: true
gitlab:
webservice:
minReplicas: 1
maxReplicas: 2
gitlab-shell:
minReplicas: 1
maxReplicas: 2
toolbox:
backups:
objectStorage:
config:
secret: gitlab-rails-storage
key: connection
traefik:
install: false
registry:
enabled: false
storage:
secret: gitlab-registry-storage
key: config
hpa:
minReplicas: 1
maxReplicas: 2
postgresql:
install: false
prometheus:
install: false
certmanager:
install: false
upgradeCheck:
enabled: false
gitlab-runner:
install: false
nginx-ingress:
enabled: false
nginx-ingress-geo:
enabled: false
YML
| |
|
| |
xdg-open http://gitlab.k8s.local &>/dev/null &
gnome-open http://gitlab.k8s.local &>/dev/null &
|
x-www-browser http://gitlab.k8s.local &>/dev/null &
sensible-browser http://gitlab.k8s.local &>/dev/null &
|
Uninstall
helm uninstall -n gitlab gitlab
kubectl delete namespace gitlab
Playground
helm -n gitlab install gitlab gitlab/gitlab --version 8.0.1
helm -n gitlab upgrade -i gitlab gitlab/gitlab --version 8.2.1
helm show values gitlab/gitlab --version 8.2.1|less
| |
|
| |
kubectl -n gitlab get secret gitlab-gitlab-initial-root-password -ojsonpath='{.data.password}'|base64 -d;echo
kubectl -n gitlab get secret gitlab-gitlab-initial-root-password -ojson|jq -r '.data.password'|base64 -d;echo
| |
|
| |
kubectl -n gitlab get secret gitlab-smtp-secret -o json|jq -r '.data.password'|base64 -d;echo
kubectl -n gitlab get secret gitlab-psql-secret -o json|jq -r '.data.password'|base64 -d;echo
kubectl -n gitlab get secret gitlab-root-secret -o json|jq -r '.data.password'|base64 -d;echo
kubectl -n gitlab exec -it svc/gitlab-postgresql -c postgresql -- psql -Ugitlab
kubectl -n gitlab exec -it svc/gitlab-postgresql -c postgresql -- bash
kubectl -n gitlab exec -it svc/gitlab-webservice-default -c gitlab-workhorse -- bash
kubectl -n gitlab exec -it svc/gitlab-webservice-default -c webservice -- bash
kubectl -n gitlab exec -it svc/gitlab-redis-master -c redis -- bash
kubectl -n gitlab exec -it svc/gitlab-gitaly -c gitaly -- bash
| |
|
| |
kubectl config --kubeconfig=${HOME}/.kube/aws-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/dev-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/gcp-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/config view --flatten
| |
|
| |
kubectl -n gitlab delete all --all
kubectl -n gitlab delete ing --all
kubectl -n gitlab delete sts --all
|
kubectl -n gitlab delete svc --all
kubectl -n gitlab delete pvc --all
kubectl -n gitlab delete pv --all
|
|
| |
kubectl -n gitlab rollout history sts gitlab
kubectl -n gitlab rollout restart sts gitlab
kubectl -n gitlab rollout status sts gitlab
|
kubectl -n gitlab exec -it gitlab-redis-master-0 -- bash
kubectl -n gitlab exec -it gitlab-postgresql-0 -- bash
kubectl -n gitlab exec -it gitlab-gitaly-0 -- bash
|