
deploy gitlab with openldap and gfs on k8s

dotbalo 6 年之前
父節點
當前提交
aea40ed62a
共有 10 個文件被更改,包括 373 次插入0 次删除
  1. 7 0
      README.md
  2. 11 0
      gitlab/gitlab-pvc.yaml
  3. 149 0
      gitlab/gitlab-rc.yml
  4. 21 0
      gitlab/gitlab-svc-lb.yaml
  5. 18 0
      gitlab/gitlab-svc.yml
  6. 69 0
      gitlab/postgresql-rc.yml
  7. 14 0
      gitlab/postgresql-svc.yml
  8. 54 0
      gitlab/redis-rc.yml
  9. 14 0
      gitlab/redis-svc.yml
  10. 16 0
      gitlab/traefik-gitlab.yml

+ 7 - 0
README.md

@@ -1 +1,8 @@
 # k8s
+````
+    Install EFK: https://www.cnblogs.com/dukuan/p/9891198.html
+    Install RabbitMQ Cluster: https://www.cnblogs.com/dukuan/p/9897443.html
+    Install openLDAP: https://www.cnblogs.com/dukuan/p/9983899.html
+    Install Redis Sentinel: https://www.cnblogs.com/dukuan/p/9913420.html
+    Install Redis Cluster: https://github.com/dotbalo/k8s/tree/master/redis/k8s-redis-cluster
+````

+ 11 - 0
gitlab/gitlab-pvc.yaml

@@ -0,0 +1,11 @@
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: gitlab-gitlab
+  namespace: public-service
+spec:
+  accessModes: [ "ReadWriteMany" ]
+  storageClassName: "gluster-heketi"
+  resources:
+    requests:
+      storage: 5Gi

+ 149 - 0
gitlab/gitlab-rc.yml

@@ -0,0 +1,149 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  name: gitlab-ldap
+  namespace: public-service
+spec:
+  replicas: 1
+  selector:
+    name: gitlab
+  template:
+    metadata:
+      name: gitlab
+      labels:
+        name: gitlab
+    spec:
+      containers:
+      - name: gitlab
+        image: sameersbn/gitlab:11.5.1
+        env:
+        - name: TZ
+          value: Asia/Shanghai
+        - name: GITLAB_TIMEZONE
+          value: Beijing
+
+        - name: GITLAB_SECRETS_DB_KEY_BASE
+          value: long-and-random-alpha-numeric-string
+        - name: GITLAB_SECRETS_SECRET_KEY_BASE
+          value: long-and-random-alpha-numeric-string
+        - name: GITLAB_SECRETS_OTP_KEY_BASE
+          value: long-and-random-alpha-numeric-string
+
+        - name: GITLAB_ROOT_PASSWORD
+          value: gitlab123
+        - name: GITLAB_ROOT_EMAIL
+          value: dukuan@haixiangjinfu.com
+
+        - name: GITLAB_HOST
+          value: gitlab.xxx.net
+        - name: GITLAB_PORT
+          value: "80"
+        - name: GITLAB_SSH_PORT
+          value: "22"
+
+        - name: GITLAB_NOTIFY_ON_BROKEN_BUILDS
+          value: "true"
+        - name: GITLAB_NOTIFY_PUSHER
+          value: "false"
+
+        - name: GITLAB_BACKUP_SCHEDULE
+          value: daily
+        - name: GITLAB_BACKUP_TIME
+          value: 01:00
+
+        - name: DB_TYPE
+          value: postgres
+        - name: DB_HOST
+          value: postgresql
+        - name: DB_PORT
+          value: "5432"
+        - name: DB_USER
+          value: gitlab
+        - name: DB_PASS
+          value: passw0rd
+        - name: DB_NAME
+          value: gitlab_production
+
+        - name: REDIS_HOST
+          value: redis
+        - name: REDIS_PORT
+          value: "6379"
+
+        - name: SMTP_ENABLED
+          value: "true"
+        - name: SMTP_DOMAIN
+          value: smtp.exmail.qq.com
+        - name: SMTP_HOST
+          value: smtp.exmail.qq.com
+        - name: SMTP_PORT
+          value: "465"
+        - name: SMTP_USER
+          value: dukuan@xxx.com
+        - name: SMTP_PASS
+          value: "DKxxx"
+        - name: SMTP_STARTTLS
+          value: "true"
+        - name: SMTP_AUTHENTICATION
+          value: login
+
+        - name: IMAP_ENABLED
+          value: "false"
+        - name: IMAP_HOST
+          value: imap.gmail.com
+        - name: IMAP_PORT
+          value: "993"
+        - name: IMAP_USER
+          value: mailer@example.com
+        - name: IMAP_PASS
+          value: password
+        - name: IMAP_SSL
+          value: "true"
+        - name: IMAP_STARTTLS
+          value: "false"
+        - name: LDAP_ENABLED
+          value: "true"
+        - name: LDAP_LABEL
+          value: 'LDAP'
+        - name: LDAP_HOST
+          value: 'ldap-service'
+        - name: LDAP_PORT
+          value: '389'
+        - name: LDAP_UID
+          value: 'uid'
+        - name: LDAP_BIND_DN
+          value: 'cn=admin,dc=example,dc=org'
+        - name: LDAP_PASS
+          value: 'admin'
+        - name: LDAP_BASE
+          value: 'dc=example,dc=org'
+        - name: LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN
+          value: "true"
+        - name: LDAP_VERIFY_SSL
+          value: 'false'
+        - name: LDAP_METHOD
+          value: 'plain'
+        
+        ports:
+        - name: http
+          containerPort: 80
+        - name: ssh
+          containerPort: 22
+        volumeMounts:
+        - mountPath: /home/git/data
+          name: data
+        livenessProbe:
+          httpGet:
+            path: /
+            port: 80
+          initialDelaySeconds: 180
+          timeoutSeconds: 5
+        readinessProbe:
+          httpGet:
+            path: /
+            port: 80
+          initialDelaySeconds: 5
+          timeoutSeconds: 1
+      volumes:
+      - name: data
+        persistentVolumeClaim:
+          claimName: gitlab-gitlab
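Review bot: The `env` list stores live credentials as plain `value:` strings (`GITLAB_ROOT_PASSWORD`, `DB_PASS`, `SMTP_PASS`, `LDAP_PASS`), so they are committed to the repository and readable by anyone who can get this ReplicationController or describe its pod. The three `GITLAB_SECRETS_*_KEY_BASE` entries still hold the literal `long-and-random-alpha-numeric-string`, so a deployment applied unchanged runs on publicly known key material. Move these values into a Secret in `public-service` and reference each with `valueFrom.secretKeyRef`, as sketched below with placeholder names; the same applies to the `DB_PASS` literal in `gitlab/postgresql-rc.yml`. Separately, `LDAP_METHOD: 'plain'` on port 389 with `LDAP_VERIFY_SSL: 'false'` sends the bind password and user logins to `ldap-service` unencrypted, so prefer a TLS method with verification if the directory supports it.

```yaml
        # Secret name and key names below are placeholders
        - name: GITLAB_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: gitlab-secrets
              key: root-password
        - name: DB_PASS
          valueFrom:
            secretKeyRef:
              name: gitlab-secrets
              key: db-password
        # … same pattern for GITLAB_SECRETS_*_KEY_BASE, SMTP_PASS, IMAP_PASS and LDAP_PASS …
        # … unchanged: remaining env entries, ports, volumeMounts, probes …
```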

+ 21 - 0
gitlab/gitlab-svc-lb.yaml

@@ -0,0 +1,21 @@
+kind: Service
+apiVersion: v1
+metadata:
+  labels:
+    name: gitlab
+    type: LoadBalancer
+  name: gitlab-balancer
+  namespace: public-service
+spec:
+  ports:
+  - name: http
+    port: 80
+    protocol: TCP
+    targetPort: 80
+  - name: ssh
+    port: 22
+    protocol: TCP
+    targetPort: 22
+  selector:
+    name: gitlab
+  type: NodePort
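Review bot: The `type: LoadBalancer` entry under `metadata.labels` is only a label; the Service's real type is `type: NodePort` on the last line, so `gitlab-balancer` opens node ports for plain HTTP (80) and SSH (22) on every node instead of provisioning a load balancer. If node-level exposure is intended, make the label say so (`type: NodePort`) and add a comment explaining who is expected to reach these ports. If only SSH needs to be reachable from outside the cluster, consider dropping the `http` port here, since `gitlab/traefik-gitlab.yml` already routes HTTP through the Ingress.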

+ 18 - 0
gitlab/gitlab-svc.yml

@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: gitlab
+  namespace: public-service
+  labels:
+    name: gitlab
+spec:
+  type: ClusterIP
+  ports:
+    - name: http
+      port: 80
+      targetPort: http
+    - name: ssh
+      port: 22
+      targetPort: ssh
+  selector:
+    name: gitlab

+ 69 - 0
gitlab/postgresql-rc.yml

@@ -0,0 +1,69 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  name: postgresql
+  namespace: public-service
+spec:
+  replicas: 1
+  selector:
+    name: postgresql
+  template:
+    metadata:
+      name: postgresql
+      labels:
+        name: postgresql
+    spec:
+      containers:
+      - name: postgresql
+        image: sameersbn/postgresql:10
+        env:
+        - name: DB_USER
+          value: gitlab
+        - name: DB_PASS
+          value: passw0rd
+        - name: DB_NAME
+          value: gitlab_production
+        - name: DB_EXTENSION
+          value: pg_trgm
+        ports:
+        - name: postgres
+          containerPort: 5432
+        volumeMounts:
+        - mountPath: /var/lib/postgresql
+          name: data
+        livenessProbe:
+          exec:
+            command:
+            - pg_isready
+            - -h
+            - localhost
+            - -U
+            - postgres
+          initialDelaySeconds: 30
+          timeoutSeconds: 5
+        readinessProbe:
+          exec:
+            command:
+            - pg_isready
+            - -h
+            - localhost
+            - -U
+            - postgres
+          initialDelaySeconds: 5
+          timeoutSeconds: 1
+      volumes:
+      - name: data
+        persistentVolumeClaim:
+          claimName: gitlab-pg
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: gitlab-pg
+  namespace: public-service
+spec:
+  accessModes: [ "ReadWriteMany" ]
+  storageClassName: "gluster-heketi"
+  resources:
+    requests:
+      storage: 5Gi
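Review bot: The `gitlab-pg` claim requests `accessModes: [ "ReadWriteMany" ]` for a PostgreSQL data directory, which allows more than one pod to mount `/var/lib/postgresql` read-write at the same time. A ReplicationController can start a replacement pod while the old one is still running (for example on an unreachable node), and raising `replicas` would have the same effect; two PostgreSQL instances on one data directory can corrupt it. Unless something else needs shared access, `accessModes: [ "ReadWriteOnce" ]` narrows that window, assuming the `gluster-heketi` class supports it.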

+ 14 - 0
gitlab/postgresql-svc.yml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgresql
+  namespace: public-service
+  labels:
+    name: postgresql
+spec:
+  ports:
+    - name: postgres
+      port: 5432
+      targetPort: postgres
+  selector:
+    name: postgresql

+ 54 - 0
gitlab/redis-rc.yml

@@ -0,0 +1,54 @@
+apiVersion: v1
+kind: ReplicationController
+metadata:
+  name: redis
+  namespace: public-service
+spec:
+  replicas: 1
+  selector:
+    name: redis
+  template:
+    metadata:
+      name: redis
+      labels:
+        name: redis
+    spec:
+      containers:
+      - name: redis
+        image: sameersbn/redis
+        ports:
+        - name: redis
+          containerPort: 6379
+        volumeMounts:
+        - mountPath: /var/lib/redis
+          name: data
+        livenessProbe:
+          exec:
+            command:
+            - redis-cli
+            - ping
+          initialDelaySeconds: 30
+          timeoutSeconds: 5
+        readinessProbe:
+          exec:
+            command:
+            - redis-cli
+            - ping
+          initialDelaySeconds: 5
+          timeoutSeconds: 1
+      volumes:
+      - name: data
+        persistentVolumeClaim:
+          claimName: gitlab-redis
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: gitlab-redis
+  namespace: public-service
+spec:
+  accessModes: [ "ReadWriteMany" ]
+  storageClassName: "gluster-heketi"
+  resources:
+    requests:
+      storage: 3Gi
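Review bot: `image: sameersbn/redis` carries no tag, so it resolves to `latest` and a pod restart may pull a different build, unlike the pinned `sameersbn/gitlab:11.5.1` and `sameersbn/postgresql:10` in the other controllers. Pin it to a specific tag or, better, a digest, e.g. `image: sameersbn/redis:<tested-tag>` (placeholder), so the image that runs is the one that was reviewed. This manifest also sets no Redis password, so any pod that can reach the `redis` Service can presumably read GitLab's session and queue data; confirm whether a NetworkPolicy or an auth setting covers that.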

+ 14 - 0
gitlab/redis-svc.yml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: redis
+  namespace: public-service
+  labels:
+    name: redis
+spec:
+  ports:
+    - name: redis
+      port: 6379
+      targetPort: redis
+  selector:
+    name: redis

+ 16 - 0
gitlab/traefik-gitlab.yml

@@ -0,0 +1,16 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: gitlab
+  namespace: public-service
+  annotations:
+    kubernetes.io/ingress.class: traefik
+spec:
+  rules:
+  - host: gitlab.xxx.net
+    http:
+      paths:
+      - backend:
+          serviceName: gitlab
+          servicePort: 80
+
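Review bot: The Ingress has no `tls` section under `spec`, so `gitlab.xxx.net` is served over plain HTTP, and sign-in passwords (including LDAP credentials typed into the GitLab form), session cookies and Git-over-HTTP tokens cross the network unencrypted. Add a `tls` block next to `rules`, e.g. `tls:` / `- hosts: [gitlab.xxx.net]` / `secretName: <tls-secret-name>` (placeholder), and set GitLab's own scheme and port settings in `gitlab/gitlab-rc.yml` to match. A short comment noting which Traefik entrypoint is expected to terminate TLS would also help the next reader.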