2-Kubernetes安装极狐Gitlab-runner


Kubernetes安装极狐Gitlab-runner

一、前期说明

安装 gitlab-runner 时曾尝试启用自签证书,试过各种方法、参考过各种官方文档,均告失败,很尴尬。因此本文中 runner 通过 http 注册,GitLab 页面仍通过 https 访问,详细改造方式请看下文。需要注意:走 http 时,注册 token 以及 runner 与 GitLab 之间的作业、代码流量都是明文传输,这种做法只适合隔离的测试环境。

以后有时间继续研究

二、前期准备

  1. Kubernetes集群安装

    • 1-Kubernetes基于Centos7构建基础环境(一)
    • 2-Kubernetes基于Centos7构建基础环境(二)
    • 3-Kubernetes基于Centos7构建基础环境(三)
    • 1-Kuernetes安装极狐github
  2. 修改 service/gitlab-webservice-default:将类型由 ClusterIP 改成 NodePort,同时将 8181 端口对应的 NodePort 改为 32000

    • 为下文,runner 注册提供ip和端口号
[root@master140 jihu-15.9.3]# kubectl -n gitlab get pod,svc
NAME                                             READY   STATUS      RESTARTS   AGE
pod/gitlab-gitaly-0                              1/1     Running     0          149m
pod/gitlab-gitlab-exporter-84dc494465-pnkpg      1/1     Running     0          149m
pod/gitlab-gitlab-shell-68df76c86c-bbf2p         1/1     Running     0          149m
pod/gitlab-gitlab-shell-68df76c86c-z44w4         1/1     Running     0          149m
pod/gitlab-kas-796dcfddf6-9dxlz                  1/1     Running     0          149m
pod/gitlab-kas-796dcfddf6-dk7ms                  1/1     Running     0          149m
pod/gitlab-migrations-1-v9zgh                    0/1     Completed   0          149m
pod/gitlab-minio-67ccd59c56-nzhtq                1/1     Running     0          149m
pod/gitlab-minio-create-buckets-1-2h4jj          0/1     Completed   0          149m
pod/gitlab-postgresql-0                          2/2     Running     0          149m
pod/gitlab-redis-master-0                        2/2     Running     0          149m
pod/gitlab-registry-6c69c7b68f-rwnnx             1/1     Running     0          149m
pod/gitlab-registry-6c69c7b68f-rzhjg             1/1     Running     0          149m
pod/gitlab-runner-6794799cb7-vrtwt               1/1     Running     0          34m
pod/gitlab-sidekiq-all-in-1-v2-769f56758-b8rwn   1/1     Running     0          149m
pod/gitlab-toolbox-5fd59d8bf9-zf7wx              1/1     Running     0          149m
pod/gitlab-webservice-default-5fcc77db88-rbzxf   2/2     Running     0          149m
pod/gitlab-webservice-default-5fcc77db88-vrsgl   2/2     Running     0          149m

NAME                                 TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)                                        AGE
service/gitlab-gitaly                ClusterIP   None          <none>        8075/TCP,9236/TCP                              149m
service/gitlab-gitlab-exporter       ClusterIP   10.96.1.193   <none>        9168/TCP                                       149m
service/gitlab-gitlab-shell          ClusterIP   10.96.2.115   <none>        22/TCP                                         149m
service/gitlab-kas                   ClusterIP   10.96.0.12    <none>        8150/TCP,8153/TCP,8154/TCP,8151/TCP            149m
service/gitlab-minio-svc             ClusterIP   10.96.3.247   <none>        9000/TCP                                       149m
service/gitlab-postgresql            ClusterIP   10.96.0.47    <none>        5432/TCP                                       149m
service/gitlab-postgresql-headless   ClusterIP   None          <none>        5432/TCP                                       149m
service/gitlab-postgresql-metrics    ClusterIP   10.96.2.237   <none>        9187/TCP                                       149m
service/gitlab-redis-headless        ClusterIP   None          <none>        6379/TCP                                       149m
service/gitlab-redis-master          ClusterIP   10.96.0.23    <none>        6379/TCP                                       149m
service/gitlab-redis-metrics         ClusterIP   10.96.0.140   <none>        9121/TCP                                       149m
service/gitlab-registry              ClusterIP   10.96.0.183   <none>        5000/TCP                                       149m
service/gitlab-webservice-default    NodePort    10.96.1.222   <none>        8080:32491/TCP,8181:32000/TCP,8083:32483/TCP   149m
[root@master140 jihu-15.9.3]#
  1. 上一章节介绍安装gitlab-runner 0.50.1 版本
[root@master140 jihu-15.9.3]# helm search repo gitlab -l
NAME                    CHART VERSION   APP VERSION     DESCRIPTION
gitlab/gitlab           6.9.3           15.9.3          The One DevOps Platform
gitlab/gitlab-runner    0.50.1          15.9.1          GitLab Runner
[root@master140 jihu-15.9.3]#
  1. 获取注册地址和注册token
    • 创建项目,在项目导航栏找到设置里面的CICD

image-20230404153908379

image-20230404153943346

image-20230404154216263

  • 此处只获取注册token,为自定义yaml文件准备
  1. 自定义 yaml文件
[root@master140 jihu-15.9.3]# cat gitlab-runner-values.yaml

# Values file passed to `helm install ... gitlab/gitlab-runner -f gitlab-runner-values.yaml`.
imagePullPolicy: IfNotPresent                    # image pull policy
# NOTE(review): plain http. The registration token and all runner<->GitLab
# traffic cross the network unencrypted; the author fell back to this after the
# self-signed CA settings (left commented out in this file) did not take effect.
gitlabUrl: http://10.1.90.140:32000/             # URL the runner registers against
# NOTE(review): a real registration token stored in a values file lets anyone who
# can read the file register a runner against this project. Treat a token that has
# been published or committed as exposed and reset it in the CI/CD settings. The
# chart can read the token from an existing Kubernetes Secret instead
# (runners.secret) -- confirm against the chart version in use.
runnerRegistrationToken: GR1348941f_Lo9QbfaybesVoeq3Hz   # registration token taken from the project's CI/CD settings page
image: dev-bj.hatech.com.cn/library/jihulab-gitlab-runner:alpine-v15.9.1    # runner image, prepared in advance and pushed to the private registry

#certsSecretName: gitlab-runner-secret            # CA certificate setting did not take effect for the author, so it is not used here

concurrent: 10                                    # maximum number of jobs run in parallel
checkInterval: 30                                 # interval at which the GitLab instance is polled for new builds
# NOTE(review): debug is the most verbose level; consider a quieter level once
# registration has been verified.
logLevel: "debug"                                 # log level

rbac:
  create: true
  # NOTE(review): requests cluster-scoped RBAC for the runner's service account.
  # Jobs are created in the release namespace (see namespace in the TOML config),
  # so namespace-scoped access is presumably sufficient -- verify before keeping this.
  clusterWideAccess: true
#  serviceAccountName: xincan-rbac                # an existing service account could be named here; this file lets the chart create one instead

#podSecurityContext:                              # security context for the runner container (disabled)
#  runAsUser: 100
  # runAsGroup: 65533
#  fsGroup: 65533
  # runAsNonRoot: false

imagePullSecrets:                                 # pull credentials for the author's own Harbor registry
  - name: xincan-rbac-secret

runners:
  name: "sonar-runner"                            # runner name shown in GitLab
  executor: "kubernetes"                          # use the kubernetes executor
  # NOTE(review): job containers run privileged. Together with the docker.sock
  # host_path mount in the config below, any pipeline that can use this runner
  # effectively has root on the node it is scheduled on. Restrict who can run jobs
  # on it (protected branches/tags, dedicated node pool) or drop both settings in
  # favour of a daemonless image builder.
  privileged: "true"
  tags: "kubernetes,sonar"                        # runner tags; a CI job must carry a matching tag to be picked up by this runner
  # The block scalar below is literal TOML handed to the runner, so its inline
  # comments are part of the string and are left exactly as written:
  #   - clone_url: job pods clone the repository over plain http from the NodePort.
  #   - the commented tls-*-file lines and the volumes.secret block are the
  #     author's CA certificate attempt, which did not take effect.
  #   - extra_hosts maps gitlab.xincan.com to 10.1.90.140.
  #   - volumes.host_path mounts the node's /var/run/docker.sock into every job
  #     pod, giving jobs control of the node's Docker daemon.
  config: |
    [[runners]]
      clone_url = "http://10.1.90.140:32000"      # 设置runner克隆代码地址
      #tls-ca-file = "/home/gitlab-runner/.gitlab-runner/certs/ca.crt"  # 尴尬加2,设置ca证书不生效,此处不采用
      #tls-cert-file = "/home/gitlab-runner/.gitlab-runner/certs/gitlab.xincan.com.crt" # 尴尬加3,设置ca证书不生效,此处不采用
      #tls-key-file = "/home/gitlab-runner/.gitlab-runner/certs/gitlab.xincan.com.key"  # 尴尬加4,设置ca证书不生效,此处不采用
      extra_hosts = ["gitlab.xincan.com:10.1.90.140"]
      [runners.kubernetes]
        namespace = "{{.Release.Namespace}}"
        image = "dev-bj.hatech.com.cn/library/ubuntu:20.04"
        [[runners.kubernetes.volumes.host_path]]
          name = "docker"
          host_path = "/var/run/docker.sock"
          mount_path = "/var/run/docker.sock"
        #[[runners.kubernetes.host_aliases]]
        #  ip = "10.1.90.140"
        #  hostnames = ["gitlab.xincan.com"]
        #[[runners.kubernetes.volumes.secret]]
        #  name = "gitlab-runner-secret"
        #  mount_path = "/home/gitlab-runner/.gitlab-runner/certs"

  # Helper image, also pulled from the private registry.
  helpers:
    image: "dev-bj.hatech.com.cn/library/gitlab-runner-helper:x86_64-beb1c007"

# CPU and memory requests/limits.
resources:
  limits:
    memory: 2Gi
    cpu: 1
  requests:
    memory: 1Gi
    cpu: 0.5

# Disabled: would point the runner at the custom CA file (part of the CA attempt
# that did not take effect).
#envVars:
#  - name: CI_SERVER_TLS_CA_FILE
#    value: /home/gitlab-runner/.gitlab-runner/certs/ca.crt

# Mount the host's /etc/localtime read-only so the container follows the host's time setting.
volumeMounts:
  - name: host-time
    mountPath: /etc/localtime
    readOnly: true
volumes:
  - name: host-time
    hostPath:
      path: /etc/localtime
[root@master140 jihu-15.9.3]#
  1. runner 安装
[root@master140 jihu-15.9.3]# helm install -n gitlab gitlab-runner gitlab/gitlab-runner --version 0.50.1 -f gitlab-runner-values.yaml

# 或者使用 upgrade --install:未安装时安装,已安装时按 values 文件升级
[root@master140 jihu-15.9.3]# helm upgrade --install -n gitlab gitlab-runner gitlab/gitlab-runner --version 0.50.1 -f gitlab-runner-values.yaml
  1. 查看安装结果
    • runner安装成功
[root@master140 ~]# kubectl -n gitlab get pod
NAME                                         READY   STATUS      RESTARTS   AGE
gitlab-gitaly-0                              1/1     Running     0          3h36m
gitlab-gitlab-exporter-84dc494465-pnkpg      1/1     Running     0          3h36m
gitlab-gitlab-shell-68df76c86c-bbf2p         1/1     Running     0          3h36m
gitlab-gitlab-shell-68df76c86c-z44w4         1/1     Running     0          3h36m
gitlab-kas-796dcfddf6-9dxlz                  1/1     Running     0          3h36m
gitlab-kas-796dcfddf6-dk7ms                  1/1     Running     0          3h36m
gitlab-migrations-1-v9zgh                    0/1     Completed   0          3h36m
gitlab-minio-67ccd59c56-nzhtq                1/1     Running     0          3h36m
gitlab-minio-create-buckets-1-2h4jj          0/1     Completed   0          3h36m
gitlab-postgresql-0                          2/2     Running     0          3h36m
gitlab-redis-master-0                        2/2     Running     0          3h36m
gitlab-registry-6c69c7b68f-rwnnx             1/1     Running     0          3h36m
gitlab-registry-6c69c7b68f-rzhjg             1/1     Running     0          3h36m
gitlab-runner-6794799cb7-vrtwt               1/1     Running     0          100m
gitlab-sidekiq-all-in-1-v2-769f56758-b8rwn   1/1     Running     0          3h36m
gitlab-toolbox-5fd59d8bf9-zf7wx              1/1     Running     0          3h36m
gitlab-webservice-default-5fcc77db88-rbzxf   2/2     Running     0          3h36m
gitlab-webservice-default-5fcc77db88-vrsgl   2/2     Running     0          3h36m

image-20230404154417245

发现,注册成功,runner名称,与yaml中的名称一致,初步部署完成,后续章节,介绍使用方式及过程