GitOps环境准备
1. 主机规划
| 序号 | 主机名 | 主机ip | 主机功能 | 软件 |
|---|---|---|---|---|
| 1 | dev | 192.168.31.1 | 开发者 项目代码 apidemo | git,golang,goland |
| 2 | gitlab | 192.168.31.14 | 代码仓库,CI操作 | git-lab,git,golang,docker,gitlab-runner |
| 3 | harbor | 192.168.31.104 | 管理和存储镜像 | docker,docker-compose,harbor |
| 4 | k8s-master | 192.168.31.41 | k8s-master | k8s,ArgoCd |
| 5 | k8s-node1 | 192.168.31.51 | k8s-worker | k8s,ArgoCd |
| 6 | k8s-node2 | 192.168.31.52 | k8s-worker | k8s,ArgoCd |
2. 安装Gitlab
2.1 配置Gitlab-ce源
curl https://packages.gitlab.com/gpg.key 2> /dev/null | sudo apt-key add - &>/dev/null
echo "deb https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/ubuntu bionic main" >> /etc/apt/source.list
2.2 安装Gitlab-ce
apt-get install gitlab-ce
2.3 修改配置文件
vi /etc/gitlab/gitlab.rb
修改32行
external_url 'http://192.168.31.14'
2.4 启动Gitlab-ce
gitlab-ctl reconfigure
查看运行状态
gitlab-ctl status
2.5 访问Gitlab-ce
http://192.168.31.14
2.6 Gitlab登录密码
第一次登陆gitlab用户名是root,密码在/etc/gitlab/initial_root_password文件中
cat /etc/gitlab/initial_root_password
# WARNING: This value is valid only in the following conditions
# 1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run).
# 2. Password hasn't been changed manually, either via UI or via command line.
#
# If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.
Password: PPXMp+5t/Wlv1UJD0ERSFzpud0YH1CTDxRoqnAAfU3o=
# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.
2.7 密码修改
3. 安装go
3.1 安装go
golan镜像地址
https://mirrors.aliyun.com/golang/?spm=a2c6h.13651104.0.0.288b1e579O2M3R
下载
wget https://mirrors.aliyun.com/golang/go1.20.linux-amd64.tar.gz
tar xf go1.20.linux-amd64.tar.gz -C /usr/local/
mkdir -p /usr/local/go/gopath/{src,bin,pkg}
chmod -R 757 /usr/local/go/gopath
ln -sf /usr/local/go/bin/go /usr/bin/go
3.2 环境变量
在/etc/profile追加以下内容
export GOROOT="/usr/local/go"
export GOPATH="/usr/local/go/gopath"
export GOBIN="$GOROOT/bin"
export PATH=$PATH:$GOBIN
加载环境变量
source /etc/profile
3.3 配置GO环境变量
go env -w GOPROXY=http://goproxy.cn
go env -w GO111MODULE=on
4. 安装Docker-ce
# step 1: 安装必要的一些系统工具
sudo apt-get update
sudo apt-get -y install apt-transport-https ca-certificates curl software-properties-common
# step 2: 安装GPG证书
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
# Step 3: 写入软件源信息
sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
# Step 4: 更新并安装Docker-CE
sudo apt-get -y update
sudo apt-get -y install docker-ce
5. 部署metallb
需要给 MetalLB 分配一段 IP,接着它会根据 service 中的相关配置来给LoadBalancer的服务分配IP,LoadBalancer的IP可以手动指定,也可以让MetalLB自动分配;同时还可以在 MetalLB 的configmap中配置多个 IP 段,并且单独设置每个 IP 段是否开启自动分配。
地址分配(address allocation)主要就是由作为 deployment 部署的 controller 来实现,它负责监听集群中的 service 状态并且分配 IP。
# cat namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: metallb-system
labels:
app: metallb
# kubectl apply -f metallb.yaml
podsecuritypolicy.policy/controller created
podsecuritypolicy.policy/speaker created
serviceaccount/controller created
serviceaccount/speaker created
clusterrole.rbac.authorization.k8s.io/metallb-system:controller created
clusterrole.rbac.authorization.k8s.io/metallb-system:speaker created
role.rbac.authorization.k8s.io/config-watcher created
role.rbac.authorization.k8s.io/pod-lister created
role.rbac.authorization.k8s.io/controller created
clusterrolebinding.rbac.authorization.k8s.io/metallb-system:controller created
clusterrolebinding.rbac.authorization.k8s.io/metallb-system:speaker created
rolebinding.rbac.authorization.k8s.io/config-watcher created
rolebinding.rbac.authorization.k8s.io/pod-lister created
rolebinding.rbac.authorization.k8s.io/controller created
daemonset.apps/speaker created
deployment.apps/controller created
创建configmap
# cat metallb-conf.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
data:
config: |
address-pools:
- name: default
protocol: layer2
addresses:
- 192.168.31.230-192.168.31.240
root@master-01:~/metallb/metallb-0.12.1/manifests# kubectl apply -f metallb-conf.yaml
configmap/config created
ingress
#365行
# 把type改为LoadBalancer
type: LoadBalancer
# kubectl apply -f ingress-deploy.yaml
