Step2 部署GitLab
已经编写好了一套K8s 清单文件和一个声明式的Argo APP。【具体参考代码库】
bash
dockerpulluhub.service.ucloud.cn/onedayxyy/gitlab-ce:16.2.2-ce.0dockertaguhub.service.ucloud.cn/onedayxyy/gitlab-ce:16.2.2-ce.0gitlab/gitlab-ce:16.2.2-ce.0## LoadDockerImagekindloaddocker-imagegitlab/gitlab-ce:16.2.2-ce.0--namedevopscluster#cd /root/myiac-gitee/devops/gitlabkubectl-nargocdapply-fgitlab-argoapp.yaml- 部署成功后:
- 查看pod日志
Step3 GitLab初始化配置
- 从
initial_root_password文件中获取初始密码:
bash
cd/data/storage/kubernetes/gitlab/config[root@devops-nuc-service config]# pwd/data/storage/kubernetes/gitlab/config[root@devops-nuc-service config]# ls -l总用量192-rwxrwxrwx1rootroot1463588月320:08gitlab.rb-rwxrwxrwx1rootroot194048月320:16gitlab-secrets.json-rwxrwxrwx1rootroot7498月320:08initial_root_password-rwxrwxrwx1rootroot5258月320:08ssh_host_ecdsa_key-rwxrwxrwx1rootroot1908月320:08ssh_host_ecdsa_key.pub-rwxrwxrwx1rootroot4198月320:08ssh_host_ed25519_key-rwxrwxrwx1rootroot1108月320:08ssh_host_ed25519_key.pub-rwxrwxrwx1rootroot26228月320:08ssh_host_rsa_key-rwxrwxrwx1rootroot5828月320:08ssh_host_rsa_key.pubdrwxrwxrwx2rootroot68月320:08trusted-certs[root@devops-nuc-service config]# cat initial_root_password# WARNING:This value is valid only in the following conditions# 1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`,it was provided before database was seeded for the first time (usually,the first reconfigure run).# 2. Password hasn't been changed manually,either via UI or via command line.## If the password shown here doesn't work,you must reset the admin password following https:Password:iGru391uh1dE9LZ2eZFLdgwZPVLNQ4cKcPpGltdZwH8=# NOTE:This file will be automatically deleted in the first reconfigure run after 24 hours.- 登入GitLab: root/初始化密码 (nLU4eXA2YjRPjKZ)
Step4 修改密码
- 耐心等待一会儿:
FAQ
Q1 Unable to load host key:/etc/gitlab/ssh_host_ecdsa_
bash
2023-08-03_12:37:56.33701Unabletoloadhostkey:/etc/gitlab/ssh_host_ecdsa_key2023-08-03_12:37:56.33713@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@2023-08-03_12:37:56.33713@WARNING:UNPROTECTEDPRIVATEKEYFILE!@2023-08-03_12:37:56.33713@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@2023-08-03_12:37:56.33713Permissions0777for'/etc/gitlab/ssh_host_ed25519_key'aretooopen.2023-08-03_12:37:56.33713ItisrequiredthatyourprivatekeyfilesareNOTaccessiblebyothers.2023-08-03_12:37:56.33714Thisprivatekeywillbeignored.根据错误提示Permissions 0777 for '/etc/gitlab/ssh_host_ed25519_key'are too open.判断为权限问题, 权限给的太大了,解决方法: chmod 600 ssh_host_*
bash
[root@devops-nuc-service devops]# kubectl exec -it gitlab-655c6f48db-j9htc -n gitlab bashkubectlexec[POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.root@gitlab-655c6f48db-j9htc:/#cd/etc/gitlab/root@gitlab-655c6f48db-j9htc:/etc/gitlab#ls-ltotal192-rw-------1rootroot19404Aug312:27gitlab-secrets.json-rwxrwxrwx1rootroot146358Aug312:08gitlab.rb-rwxrwxrwx1rootroot749Aug312:08initial_root_password-rwxrwxrwx1rootroot525Aug312:08ssh_host_ecdsa_key-rwxrwxrwx1rootroot190Aug312:08ssh_host_ecdsa_key.pub-rwxrwxrwx1rootroot419Aug312:08ssh_host_ed25519_key-rwxrwxrwx1rootroot110Aug312:08ssh_host_ed25519_key.pub-rwxrwxrwx1rootroot2622Aug312:08ssh_host_rsa_key-rwxrwxrwx1rootroot582Aug312:08ssh_host_rsa_key.pubdrwxr-xr-x2rootroot6Aug312:08trusted-certsroot@gitlab-655c6f48db-j9htc:/etc/gitlab#chmod600ssh_host_*root@gitlab-655c6f48db-j9htc:/etc/gitlab#ls-ltotal192-rw-------1rootroot19404Aug312:27gitlab-secrets.json-rwxrwxrwx1rootroot146358Aug312:08gitlab.rb-rwxrwxrwx1rootroot749Aug312:08initial_root_password-rw-------1rootroot525Aug312:08ssh_host_ecdsa_key-rw-------1rootroot190Aug312:08ssh_host_ecdsa_key.pub-rw-------1rootroot419Aug312:08ssh_host_ed25519_key-rw-------1rootroot110Aug312:08ssh_host_ed25519_key.pub-rw-------1rootroot2622Aug312:08ssh_host_rsa_key-rw-------1rootroot582Aug312:08ssh_host_rsa_key.pubdrwxr-xr-x2rootroot6Aug312:08trusted-certs- 自己的环境后面也突然报这个错误了:
- 故障现象就是点击Gitlab后卡顿,无法操作:
- 按以上方法配置
bash
[root@devops8 ~]#kubectl get po -ngitlabNAMEREADYSTATUSRESTARTSAGEgitlab-655c6f48db-7vfzk1/1Running045m[root@devops8 ~]#kubectl exec -it gitlab-655c6f48db-7vfzk -ngitlab -- bashroot@gitlab-655c6f48db-7vfzk:/#cd/etc/gitlab/root@gitlab-655c6f48db-7vfzk:/etc/gitlab#ls-ltotal188-rw-------1rootroot19408Jun2121:53gitlab-secrets.json-rwxrwxrwx1rootroot146358Jun1814:47gitlab.rb-rwxrwxrwx1rootroot525Jun1814:47ssh_host_ecdsa_key-rwxrwxrwx1rootroot190Jun1814:47ssh_host_ecdsa_key.pub-rwxrwxrwx1rootroot419Jun1814:47ssh_host_ed25519_key-rwxrwxrwx1rootroot110Jun1814:47ssh_host_ed25519_key.pub-rwxrwxrwx1rootroot2622Jun1814:47ssh_host_rsa_key-rwxrwxrwx1rootroot582Jun1814:47ssh_host_rsa_key.pubdrwxr-xr-x2rootroot6Jun1814:47trusted-certsroot@gitlab-655c6f48db-7vfzk:/etc/gitlab#chmod600ssh_host_*root@gitlab-655c6f48db-7vfzk:/etc/gitlab#ls-ltotal188-rw-------1rootroot19408Jun2121:53gitlab-secrets.json-rwxrwxrwx1rootroot146358Jun1814:47gitlab.rb-rw-------1rootroot525Jun1814:47ssh_host_ecdsa_key-rw-------1rootroot190Jun1814:47ssh_host_ecdsa_key.pub-rw-------1rootroot419Jun1814:47ssh_host_ed25519_key-rw-------1rootroot110Jun1814:47ssh_host_ed25519_key.pub-rw-------1rootroot2622Jun1814:47ssh_host_rsa_key-rw-------1rootroot582Jun1814:47ssh_host_rsa_key.pubdrwxr-xr-x2rootroot6Jun1814:47trusted-certsroot@gitlab-655c6f48db-7vfzk:/etc/gitlab#- 再次观察现象
可以看到,配置后不会再报了。