第六篇：kubernetes部署gitlab

说明： 总的目标是在k8s集群部署gitlab、jenkins，并且在本地提交代码到gitlab后jenkin流水线可以自动编译打包成为docker镜像然后部署到k8s中并实现客户端外部域名访问，在文档分为多个部分，其中涉及的技术有docker安装、k8s搭建、部署gitlab、部署jenkins、部署sonarqube、gitlab和jenkin联动、jenkins和sonarqube联动、pipline脚本编写、istio部署、istio服务网关等…

此文档接第五篇：kubernetes部署dashboard(图形化界面)

这篇文档讲解的是如何在kubernetes中部署gitlab， 因为gitlab需要依赖redis和postgresql，所以我们部署顺序是redis、postgresql、gitlab， 最后部署istio的gateway和 virtualservice

1. 安装配置nfs

nfs可以安装在任何节点，只要集群网络可达就行（我们这里安装在192.168.100.235上），这里需要注意在kubernetes集群的每个节点都需要安装nfs的客户端（nfs-common）

#安装nfs服务端（192.168.100.235上执行） 命令如下：
root@nfs-serevr:~# apt-get install -y nfs-kernel-server

#安装nfs客户端（三个节点k8s-master、k8s-work01、k8s-work02上执行）
root@k8s-master:~# apt-get install -y nfs-common
root@k8s-work01:~# apt-get install -y nfs-common
root@k8s-work02:~# apt-get install -y nfs-common

#在nfs服务端（192.168.100.235上执行）创建目录:/dfs/k8s 命令是：mkdir -p /dfs/k8s

#更改/dfs/k8s目录权限 命令： chmod -R 777 /dfs/k8s

#配置nfs服务端（192.168.100.235上执行）首先打开文件/etc/exports

#添加一条配置如下：

root@nfs-serevr:/opt/k8s/devops# cat /etc/exports
# /etc/exports: the access control list for filesystems which may be exported
#               to NFS clients.  See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
#
# Example for NFSv4:
# /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
# /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
#下面是新添加的内容
/dfs/k8s *(rw,sync,no_root_squash)

#重启nfs：systemctl restart nfs-server

#查看nfs开放的目录，命令：showmount -e 如下：

root@nfs-serevr:~# showmount -e
Export list for k8s-master:
/dfs/k8s *

2. 部署redis

2.1 添加redis的pvc

主节点执行：kubectl apply -f pv-redis.yaml 内容如下：

root@k8s-master:/opt/k8s/devops# cat pv-redis.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-redis
spec:
  capacity:
    storage: 2Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  storageClassName: "pv-redis"
  nfs:
    path: /dfs/k8s
    server: 192.168.100.235

部署完成后可以是用命令查看： kubectl get pv

root@k8s-master:/opt/k8s/devops_new# kubectl get pv
NAME       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM   STORAGECLASS   REASON   AGE
pv-redis   2Gi        RWX            Retain           Available           pv-redis                54s
root@k8s-master:/opt/k8s/devops_new#

2.2 部署redis

主节点执行：kubectl apply -f redis.yaml 内容如下：

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: redis-pvc
  namespace: devops
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: "pv-redis"
  resources:
    requests:
      storage: 2Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: redis
  namespace: devops
  labels:
    name: redis
spec:
  replicas: 1
  selector:
    matchLabels:
      name: redis
  template:
    metadata:
      name: redis
      labels:
        name: redis
    spec:
      containers:
        - name: redis
          image: sameersbn/redis:latest
          imagePullPolicy: IfNotPresent
          ports:
            - name: redis
              containerPort: 6379
          volumeMounts:
            - mountPath: /var/lib/redis
              name: data
              subPath: redis
          livenessProbe:
            exec:
              command:
                - redis-cli
                - ping
            initialDelaySeconds: 30
            timeoutSeconds: 5
          readinessProbe:
            exec:
              command:
                - redis-cli
                - ping