CICD之二：GitLab的部署

部署 GitLab 环境 (K8S)

1. 准备镜像

   • 在 k8s worker 节点（如 worker233）上下载、导入并推送到 Harbor 仓库。

   [root@worker233 ~]# wget http://192.168.21.253/Resources/Kubernetes/Project/DevOps/images/oldboyedu-gitlab-ce-v17.5.2.tar.gz
   [root@worker233 ~]# docker load -i oldboyedu-gitlab-ce-v17.5.2.tar.gz
   [root@worker233 ~]# docker tag gitlab/gitlab-ce:17.5.2-ce.0  harbor250.oldboyedu.com/oldboyedu-devops/gitlab-ce:17.5.2-ce.0
   [root@worker233 ~]# docker push harbor250.oldboyedu.com/oldboyedu-devops/gitlab-ce:17.5.2-ce.0

2. 创建 NFS 共享目录 (用于数据持久化)

   [root@master231 ~]# mkdir -pv /yinzhengjie/data/nfs-server/case-demo/gitlab/{data,logs,conf}

3. 编写资源清单 (Deployment & Service)
   01-deploy-svc-gitlab.yaml

   apiVersion: apps/v1
   kind: Deployment
   metadata:
     name: deploy-gitlab
   spec:
     replicas: 1
     selector:
       matchLabels:
         apps: gitlab
     template:
       metadata:
         labels:
           apps: gitlab
       spec:
         volumes:
         - name: data
           nfs:
             server: 10.0.0.231
             path: /yinzhengjie/data/nfs-server/case-demo/gitlab/data
         - name: conf
           nfs:
             server: 10.0.0.231
             path: /yinzhengjie/data/nfs-server/case-demo/gitlab/conf
         - name: logs
           nfs:
             server: 10.0.0.231
             path: /yinzhengjie/data/nfs-server/case-demo/gitlab/logs
         containers:
         - name: c1
           image: harbor250.oldboyedu.com/oldboyedu-devops/gitlab-ce:17.5.2-ce.0
           ports:
           - containerPort: 22
             name: ssh
           - containerPort: 80
             name: http
           - containerPort: 443
             name: https
           volumeMounts:
           - name: logs
             mountPath: /var/log/gitlab
           - name: data
             mountPath: /var/opt/gitlab
           - name: conf
             mountPath: /etc/gitlab
   ---
   apiVersion: v1
   kind: Service
   metadata:
     name: svc-gitlab
   spec:
     type: LoadBalancer
     selector:
       apps: gitlab
     ports:
     - protocol: TCP
       port: 80
       name: http
     - protocol: TCP
       port: 443
       name: https
     - protocol: TCP
       port: 22
       name: sshd

4. 创建资源并验证

   [root@master231 ~]# kubectl apply -f 01-deploy-svc-gitlab.yaml
   [root@master231 ~]# kubectl get svc svc-gitlab
   NAME         TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)                                   AGE
   svc-gitlab   LoadBalancer   10.200.237.106   10.0.0.153    80:41391/TCP,443:15760/TCP,22:39022/TCP   9m12s

5. 获取 GitLab 初始密码

   [root@master231 ~]# POD_NAME=$(kubectl get pods -l apps=gitlab -o jsonpath='{.items[0].metadata.name}')
   [root@master231 ~]# kubectl exec $POD_NAME -- cat /etc/gitlab/initial_root_password
   Password: a9/WZNn+4VHTjFa3pd6h2niEodrEYQUcepGNjWc7AEc=

6. 访问并修改密码

   • 访问地址: http://10.0.0.153/
   • 用户名: root
   • 密码: 使用上一步获取的初始密码
   • 修改密码: 登录后，按提示修改密码，推荐密码: Linux98@2025

   [此处插入图片7: GitLab修改密码页面，红框标识了当前密码、新密码、确认密码输入框和 “Save password” 按钮，并有箭头指出密码太短的错误提示]

   

   [此处插入图片8: GitLab登录页面，红框标识了用户名(root)、密码(Linux98@2025)输入框和 “登录” 按钮]