duiniwukenaihe SRE Engineer(target)

docker 搭建gitlab迁移到kubernetes集群

2019-09-06
duiniwukenaihe

描述背景:

早前公司代码管理采用的docker compose搭建的gitlab管理。为完成资源优化,高可用。现在将环境迁移到kubernetes集群环境中。compose 文件基本是基于https://raw.githubusercontent.com/sameersbn/docker-gitlab/master/docker-compose.yml进行修改的,修改了gitlab images twang2218/gitlab-ce-zh:latest 中文版镜像.gitlab postgresql redis都挂载本地目录为/data/docker/相对应目录下 端口映射80映射到主机10080 22 映射到10022主机端口。

如下图:

gitlab1.png

gitlab 主要涉及Redis、Postgresql、Gitlab三个应用,现在基于kubernetes 先搭建gitlab初始化环境:

注: 个人存储使用了rook的ceph,所以持久化存储都采用了rook ceph.

环境搭建:

1 . gitlab redis 应用搭建

cat <<EOF >  gitlab-redis.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-redis
  namespace: kube-ops
  labels:
    name: redis
spec:
  storageClassName: rook-ceph-block
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: redis
  namespace: kube-ops
  labels:
    name: redis
spec:
  selector:
    matchLabels:
      name: redis
  template:
    metadata:
      name: redis
      labels:
        name: redis
    spec:
      containers:
      - name: redis
        image: sameersbn/redis
        imagePullPolicy: IfNotPresent
        ports:
        - name: redis
          containerPort: 6379
        volumeMounts:
        - mountPath: /var/lib/redis
          name: gitlab-redis
        livenessProbe:
          exec:
            command:
            - redis-cli
            - ping
          initialDelaySeconds: 30
          timeoutSeconds: 5
        readinessProbe:
          exec:
            command:
            - redis-cli
            - ping
          initialDelaySeconds: 5
          timeoutSeconds: 1
      volumes:
      - name: gitlab-redis
        persistentVolumeClaim:
          claimName: gitlab-redis

---
apiVersion: v1
kind: Service
metadata:
  name: redis
  namespace: kube-ops
  labels:
    name: redis
spec:
  ports:
    - name: redis
      port: 6379
      targetPort: redis
  selector:
    name: redis
EOF
 kubectl apply -f gitlab-redis.yaml

2 . gitlab portgresql 环境搭建

cat <<EOF >gitlab-postgresql.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-postgresql
  namespace: kube-ops
  labels:
    name: postgresql
spec:
  storageClassName: rook-ceph-block
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgresql
  namespace: kube-ops
  labels:
    name: postgresql
spec:
spec:
  selector:
    matchLabels:
      name: postgresql
  template:
    metadata:
      name: postgresql
      labels:
        name: postgresql
    spec:
      containers:
      - name: postgresql
        image: sameersbn/postgresql:10
        imagePullPolicy: IfNotPresent
        env:
        - name: DB_USER
          value: gitlab
        - name: DB_PASS
          value: passw0rd
        - name: DB_NAME
          value: gitlab_production
        - name: DB_EXTENSION
          value: pg_trgm
        ports:
        - name: postgres
          containerPort: 5432
        volumeMounts:
        - mountPath: /var/lib/postgresql
          name: gitlab-postgresql
        livenessProbe:
          exec:
            command:
            - pg_isready
            - -h
            - localhost
            - -U
            - postgres
          initialDelaySeconds: 30
          timeoutSeconds: 5
        readinessProbe:
          exec:
            command:
            - pg_isready
            - -h
            - localhost
            - -U
            - postgres
          initialDelaySeconds: 5
          timeoutSeconds: 1
      volumes:
      - name: gitlab-postgresql
        persistentVolumeClaim:
          claimName: gitlab-postgresql

---
apiVersion: v1
kind: Service
metadata:
  name: postgresql
  namespace: kube-ops
  labels:
    name: postgresql
spec:
  ports:
    - name: postgres
      port: 5432
      targetPort: postgres
  selector:
    name: postgresql

EOF
 kubectl apply -f gitlab-postgresql.yaml

3 . gitlab 应用搭建

cat <<EOF >gitlab.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab
  labels:
    app: gitlab
  namespace: kube-ops
spec:
  storageClassName: rook-ceph-block
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 20Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitlab
  namespace: kube-ops
  labels:
    name: gitlab
spec:
spec:
  selector:
    matchLabels:
      name: gitlab
  template:
    metadata:
      name: gitlab
      labels:
        name: gitlab
    spec:
      containers:
      - name: gitlab
        image: twang2218/gitlab-ce-zh:10.8.3
        imagePullPolicy: IfNotPresent
        env:
        - name: TZ
          value: Asia/Shanghai
        - name: GITLAB_TIMEZONE
          value: Beijing
        - name: GITLAB_SECRETS_DB_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_SECRETS_SECRET_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_SECRETS_OTP_KEY_BASE
          value: long-and-random-alpha-numeric-string
        - name: GITLAB_ROOT_PASSWORD
          value: admin321
        - name: GITLAB_ROOT_EMAIL
          value: zhangpeng19871017@hotmail.com
        - name: GITLAB_HOST
          value: gitlab.zhangpeng.com
        - name: GITLAB_PORT
          value: "80"
        - name: GITLAB_SSH_PORT
          value: "22"
        - name: GITLAB_NOTIFY_ON_BROKEN_BUILDS
          value: "true"
        - name: GITLAB_NOTIFY_PUSHER
          value: "false"
        - name: GITLAB_BACKUP_SCHEDULE
          value: daily
        - name: GITLAB_BACKUP_TIME
          value: 01:00
        - name: DB_TYPE
          value: postgres
        - name: DB_HOST
          value: postgresql
        - name: DB_PORT
          value: "5432"
        - name: DB_USER
          value: gitlab
        - name: DB_PASS
          value: passw0rd
        - name: DB_NAME
          value: gitlab_production
        - name: REDIS_HOST
          value: redis
        - name: REDIS_PORT
          value: "6379"
        ports:
        - name: http
          containerPort: 80
        - name: ssh
          containerPort: 22
        volumeMounts:
        - mountPath: /var/opt/gitlab
          name: gitlab
        livenessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 180
          timeoutSeconds: 5
        readinessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 5
          timeoutSeconds: 1
      volumes:
      - name: gitlab
        persistentVolumeClaim:
          claimName: gitlab
---
apiVersion: v1
kind: Service
metadata:
  name: gitlab
  namespace: kube-ops
  labels:
    name: gitlab
spec:
  ports:
    - name: http
      port: 80
      targetPort: http
    - name: ssh
      port: 22
      targetPort: ssh
  selector:
    name: gitlab
EOF
kubectl apply -f gitlab.yaml

等待gitlab 容器状态 running & kubectl get svc -n kube-ops

gitlab2.png

4 . 访问主机ip+svc 对外暴露端口验证 gitlab3.png

备份原有docker gitlab环境项目备份:

主要参考:https://blog.csdn.net/ygqygq2/article/details/85007910#21__15

1 . 进入gitlab容器,备份仓库:

docker exec -it f80f368d857c bash
gitlab-rake gitlab:backup:create

gitlab4.png gitlabback1.png

2 . 进入宿主机挂载的对应目录发现备份文件生成&将备份文件copy 到kubernetes集群中master节点

cd /data/docker/gitlab/data/backups

gitlabback2.png

kubectl cp 1567739719_2019_09_06_10.8.3_gitlab_backup.tar gitlab-78b9f67956-s9nmr:/var/opt/gitlab/backups -n kube-ops 
kubectl exec -it gitlab-78b9f67956-s9nmr bash -n kube-ops
gitlab-rake gitlab:backup:restore

出现以下报错。看日志发现docker compose 环境下gitlab版本为10.8.3 。kubernetes集群版本gitlab image 为11.1.4.这也是比较推荐用详细版本号不要用latest版本的原因。

gitlabback3.png

修改gitlab.yaml 文件gitlab image 版本号 & kubectl apply gitlab.yaml ,出现下图所示还原完成

gitlabback3.png

用原有账号密码登录验证项目完整导入 gitlab5.png 域名代理方式用了腾讯云的slb gitlab_https.png gitlab_ssh.png

域名方式验证 gitlab6.png

找一台服务器:

ssh-keygen -t rsa -C "zhangpeng@k8s-node1.com"

添加ssh key 到gitlab  验证ssh访问ok

gitlab_ssh.png

注: 特别鸣谢阳明大佬,很多东西都是从阳明大佬博客借鉴的,https://www.qikqiak.com/post/gitlab-install-on-k8s/大佬的文章很全。自己写是为了加强自己的记忆


Similar Posts

Comments