在openshift上部署Gitlab

1.在OperatorHub搜索GitLab

点击install

Update approval 改为 Manual

2.Create GitLab

yaml 复制代码
kind: GitLab
apiVersion: apps.gitlab.com/v1beta1
metadata:
  name: gitlab
  namespace: gitlab-system
spec:
  chart:
    values:
      certmanager:
        install: false
      global:
        hosts:
          domain: example.com ## 这里替换成自己的
          hostSuffix: null
        ingress:
          configureCertmanager: false
          tls:
            secretName: gitlab-tls
      postgresql:
        primary:
          extendedConfiguration: max_connections = 200
    version: 8.9.1

等待安装完成即可。

3.集成LDAP用户

新增configmap

yaml 复制代码
kind: ConfigMap
apiVersion: v1
metadata:
  name: ldap-config
  namespace: gitlab-system
data:
  set-config: |-
    #!/bin/bash

    set -eo pipefail

    TEMPLATE_DIRECTORY="$1"
    CONFIG_DIRECTORY="${2:-$1}"

    if [ -z "$TEMPLATE_DIRECTORY" ]; then
      echo 'usage: set-config <template_directory> [<config_directory>]'
      exit 1
    fi

    shopt -s nullglob  # Don't enter empty for loops

    if command -v erb &> /dev/null; then
      echo "Begin parsing .erb templates from $TEMPLATE_DIRECTORY"
      for template in ${TEMPLATE_DIRECTORY}/*.erb; do
        output_file="${CONFIG_DIRECTORY}/$(basename $template '.erb')"
        echo "Writing $output_file"
        erb -U -r yaml -r json -r fileutils "$template" > "$output_file"
      done
    fi

    if command -v gomplate &> /dev/null; then
      echo "Begin parsing .tpl templates from $TEMPLATE_DIRECTORY"
      for template in ${TEMPLATE_DIRECTORY}/*.tpl; do
        output_file="${CONFIG_DIRECTORY}/$(basename $template '.tpl')"
        echo "Writing $output_file"
        gomplate --left-delim '{%' --right-delim '%}' --file "${template}" --out "${output_file}"
      done
    fi

    if [ "$CONFIG_DIRECTORY" != "$TEMPLATE_DIRECTORY" ]; then
      echo "Copying other config files found in $TEMPLATE_DIRECTORY to $CONFIG_DIRECTORY"
      for configfile in ${TEMPLATE_DIRECTORY}/*.{yml,yaml,toml,rb,json}; do
        echo "Copying $(basename $configfile) into ${CONFIG_DIRECTORY}"
        cp "$configfile" "$CONFIG_DIRECTORY/"
      done
    fi

    shopt -u nullglob

    config_file="/srv/gitlab/config/gitlab.yml"

    # 使用 sed 删除 ldap 配置中的 'enabled: false' 行
    sed -i '/ldap:/,/^$/ { /enabled: false/ { d } }' "$config_file"

    # 使用 echo 追加新的 ldap 配置
    cat <<EOL >> "$config_file"
      ldap:
        enabled: true
        servers:
          main:
            label: ldap
            host: ldap.example.com
            port: 636
            uid: 'sAMAccountName'
            encryption: 'simple_tls'
            verify_certificates: false
            base: 'xxxx'
            user_filter: ''
            bind_dn: 'xxx'
            admin_group: ''
            password: 'xxx'
    EOL

    echo "LDAP 配置已更新。"

ldap配置根据你的实际情况进行更改。

修改deployment 的yaml,把此ldap-config的set-config挂载到gitlab-webservice-default的/scripts/set-config路径上。

yaml 复制代码
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab-webservice-default
spec:
  template:
    metadata:
    spec:
      volumes:
        - name: ldap-config
          configMap:
            name: ldap-config 
      containers:
        - name: webservice
          volumeMounts:
            - name: ldap-config
              mountPath: /scripts/set-config
              subPath: set-config

这样gitlab就集成了ldap

相关推荐
斯普信专业组16 小时前
K8s环境下基于Nginx WebDAV与TLS/SSL的文件上传下载部署指南
nginx·kubernetes·ssl
&如歌的行板&17 小时前
如何在postman中动态请求k8s中的pod ip(基于nacos)
云原生·容器·kubernetes
云妙算18 小时前
K8s 弹性伸缩踩坑实录:周末 2 天烧掉 10 万元!?
云原生·kubernetes
CC码码1 天前
管理你的多个 Git 密钥(多平台多账号)
git·gitlab·github
CC码码1 天前
管理你的多个 Git 密钥(单平台多账号)
git·gitlab·github
兔老大RabbitMQ1 天前
GitLab详细分析
gitlab
退役小学生呀10 天前
三、kubectl使用详解
云原生·容器·kubernetes·k8s
程序员小潘10 天前
Kubernetes多容器Pod实战
云原生·容器·kubernetes
编码如写诗11 天前
【信创-k8s】银河麒麟V10国防版+鲲鹏/飞腾(arm64架构)在线/离线部署k8s1.30+kubesphere
容器·架构·kubernetes