# GitLab Kubernetes Deployment Guide

This directory contains the deployment configuration and documentation for running GitLab on a Kubernetes cluster.

## Deployment Configuration

### gitlab-deployment.yaml

```yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: gitlab-pv
spec:
  capacity:
    storage: 50Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: /data/gitlab
  storageClassName: manual
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gitlab-pvc
  namespace: default
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 50Gi
  storageClassName: manual
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gitlab
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gitlab
  template:
    metadata:
      labels:
        app: gitlab
    spec:
      containers:
        - name: gitlab
          image: gitlab/gitlab-ce:latest
          ports:
            - containerPort: 80
              name: http
            - containerPort: 443
              name: https
            - containerPort: 22
              name: ssh
          env:
            - name: GITLAB_OMNIBUS_CONFIG
              value: |
                external_url 'http://<节点IP>:30180'
                gitlab_rails['gitlab_shell_ssh_port'] = 30122
                nginx['listen_port'] = 80
                nginx['listen_https'] = false
          volumeMounts:
            - name: gitlab-data
              mountPath: /var/opt/gitlab
          resources:
            requests:
              memory: "2Gi"
              cpu: "1000m"
            limits:
              memory: "4Gi"
              cpu: "2000m"
      volumes:
        - name: gitlab-data
          persistentVolumeClaim:
            claimName: gitlab-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: gitlab
  namespace: default
spec:
  type: NodePort
  ports:
    - port: 80
      targetPort: 80
      nodePort: 30180
      name: http
    - port: 443
      targetPort: 443
      nodePort: 30443
      name: https
    - port: 22
      targetPort: 22
      nodePort: 30122
      name: ssh
  selector:
    app: gitlab
```

> Note: before deploying, replace `<节点IP>` (node IP) in the configuration with the actual IP address of the node.
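
A pre-apply check for the manifest above, added here as an example and not part of the original README: it flags four settings in `gitlab-deployment.yaml` that affect rollback, data durability and transport security. The function names and finding IDs are hypothetical, and it matches lines with `grep` rather than parsing YAML.

```bash
#!/bin/sh
# Added example (not from the original README): lint gitlab-deployment.yaml before `kubectl apply`.
# Hypothetical helper names and finding IDs; line matching only, no YAML parsing.
audit_manifest() {
  f="$1"
  # 1. Mutable tag: a rollback to this revision does not restore a known GitLab version.
  if grep -Eq '^[[:space:]]*image:[[:space:]]*[^[:space:]]+:latest[[:space:]]*$' "$f"; then
    echo "mutable-image-tag"
  fi
  # 2. hostPath volume: repositories and database sit on one node's filesystem.
  if grep -Eq '^[[:space:]]*hostPath:' "$f"; then
    echo "hostpath-volume"
  fi
  # 3. Plain-HTTP external_url: logins and tokens cross the network unencrypted.
  if grep -Eq "external_url[[:space:]]+'http://" "$f"; then
    echo "plaintext-external-url"
  fi
  # 4. /etc/gitlab (gitlab.rb, gitlab-secrets.json) is on no volume, so it is lost with the Pod.
  if ! grep -Eq '^[[:space:]]*mountPath:[[:space:]]*/etc/gitlab[[:space:]]*$' "$f"; then
    echo "etc-gitlab-not-persisted"
  fi
  return 0
}

# Constructed sample: the relevant lines of the manifest above.
sample_manifest() {
  cat <<'EOF'
          image: gitlab/gitlab-ce:latest
  hostPath:
    path: /data/gitlab
                external_url 'http://<节点IP>:30180'
              mountPath: /var/opt/gitlab
EOF
}

# Constructed hardened variant: pinned tag, HTTPS URL (placeholder host), /etc/gitlab mounted.
hardened_manifest() {
  cat <<'EOF'
          image: gitlab/gitlab-ce:17.0.0
                external_url 'https://gitlab.example.internal'
              mountPath: /var/opt/gitlab
              mountPath: /etc/gitlab
EOF
}

tmp=$(mktemp)
sample_manifest > "$tmp"
audit_manifest "$tmp"   # one finding ID per line for the page's manifest
rm -f "$tmp"
```

To check the real file, source the functions and run `audit_manifest gitlab-deployment.yaml`; no output means none of the four settings was found.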

## Deployment Steps

### 1. Create the data directory

```bash
mkdir -p /data/gitlab
```

### 2. Edit the configuration file

Save the YAML configuration above as `gitlab-deployment.yaml` and replace `<节点IP>` (node IP) with the actual IP address of the node.

### 3. Apply the deployment configuration

```bash
kubectl apply -f gitlab-deployment.yaml
```

### 4. Verify the deployment status

```bash
# Check Pod status
kubectl get pods -l app=gitlab

# Check Service status
kubectl get svc gitlab

# Show detailed information
kubectl describe pod <gitlab-pod-name>
```

## Access Addresses

| Service | Port | Description |
|---------|------|-------------|
| Web UI | 30180 | GitLab web management interface (http://node-IP:30180) |
| HTTPS | 30443 | Secure HTTPS access |
| SSH | 30122 | Git code push |

### Get the initial GitLab password

```bash
kubectl exec -it $(kubectl get pod -l app=gitlab -o jsonpath='{.items[0].metadata.name}') -- grep 'Password:' /etc/gitlab/initial_root_password
```

For the first login, the default username is `root`; sign in with the password retrieved above.

## Configuration Parameters

| Parameter | Value | Description |
|-----------|-------|-------------|
| Image | gitlab/gitlab-ce:latest | Latest GitLab Community Edition release |
| Data directory | /data/gitlab | hostPath storage path |
| Storage capacity | 50Gi | Storage allocated to the PV/PVC |
| Memory request | 2Gi | Minimum memory requirement |
| Memory limit | 4Gi | Maximum memory limit |
| CPU request | 1000m | Minimum CPU requirement |
| CPU limit | 2000m | Maximum CPU limit |

## Port Mapping

| Container port | NodePort | Purpose |
|----------------|----------|---------|
| 80 | 30180 | HTTP web access |
| 443 | 30443 | HTTPS web access |
| 22 | 30122 | SSH Git access |

## Common Management Commands

### Check Pod status

```bash
kubectl get pods -l app=gitlab
kubectl logs -f <gitlab-pod-name>
```

### Restart the service

```bash
kubectl rollout restart deployment gitlab
```

### Scale up / scale down

```bash
# Scale up to 2 replicas
kubectl scale deployment gitlab --replicas=2

# Scale down to 1 replica
kubectl scale deployment gitlab --replicas=1
```

### Check resource usage

```bash
kubectl top pods -l app=gitlab
```

### Back up data

```bash
kubectl exec -it $(kubectl get pod -l app=gitlab -o jsonpath='{.items[0].metadata.name}') -- gitlab-backup create
```

## Troubleshooting

### Pod fails to start

#### ImagePullBackOff

```bash
# Show detailed Pod information
kubectl describe pod <gitlab-pod-name>

# Pull the image manually
docker pull gitlab/gitlab-ce:latest

# Check the Docker registry mirror configuration
cat /etc/docker/daemon.json
```

#### Pod stuck in ContainerCreating

```bash
# Check PV/PVC status
kubectl get pv
kubectl get pvc

# Check permissions on the storage directory
ls -la /data/gitlab

# Adjust directory permissions (note: 777 leaves the GitLab data world-writable on the node)
chmod -R 777 /data/gitlab
```

### Service unreachable

```bash
# Check Service status
kubectl get svc gitlab

# Check whether the port is in use
netstat -tlnp | grep 30180

# Check the firewall
iptables -L -n | grep 30180
```

### Performance problems

```bash
# Check resource usage
kubectl top pods -l app=gitlab

# Check Pod logs
kubectl logs <gitlab-pod-name>

# Adjust resource limits
kubectl edit deployment gitlab
```

## Maintenance Recommendations

### Regular backups

Set up a regular backup policy, either with a cron job inside the Pod or with GitLab's built-in backup feature.

### Monitoring and alerting

We recommend monitoring the following metrics:

- **Resource utilization**: CPU, memory, disk
- **Pod status**: running state, restart count
- **Service availability**: access latency, error rate

### Upgrade strategy

1. **Image upgrade**: update the image version in the Deployment
2. **Rolling update**: use kubectl rollout for a zero-downtime upgrade
3. **Backup and rollback**: back up before upgrading, and roll back quickly on failure

```bash
# Rolling update
kubectl set image deployment/gitlab gitlab=gitlab/gitlab-ce:17.0.0

# Roll back
kubectl rollout undo deployment/gitlab
```

## Version Information

| Item | Version |
|------|---------|
| Document version | v1.0 |
| GitLab | latest |
| Last updated | 2026-01-09 |