在openshift上部署Gitlab

1.在OperatorHub搜索GitLab

点击install

Update approval 改为 Manual

2.Create GitLab

yaml 复制代码
kind: GitLab
apiVersion: apps.gitlab.com/v1beta1
metadata:
  name: gitlab
  namespace: gitlab-system
spec:
  chart:
    values:
      certmanager:
        install: false
      global:
        hosts:
          domain: example.com ## 这里替换成自己的
          hostSuffix: null
        ingress:
          configureCertmanager: false
          tls:
            secretName: gitlab-tls
      postgresql:
        primary:
          extendedConfiguration: max_connections = 200
    version: 8.9.1

等待安装完成即可。

3.集成LDAP用户

新增configmap

yaml 复制代码
kind: ConfigMap
apiVersion: v1
metadata:
  name: ldap-config
  namespace: gitlab-system
data:
  set-config: |-
    #!/bin/bash

    set -eo pipefail

    TEMPLATE_DIRECTORY="$1"
    CONFIG_DIRECTORY="${2:-$1}"

    if [ -z "$TEMPLATE_DIRECTORY" ]; then
      echo 'usage: set-config <template_directory> [<config_directory>]'
      exit 1
    fi

    shopt -s nullglob  # Don't enter empty for loops

    if command -v erb &> /dev/null; then
      echo "Begin parsing .erb templates from $TEMPLATE_DIRECTORY"
      for template in ${TEMPLATE_DIRECTORY}/*.erb; do
        output_file="${CONFIG_DIRECTORY}/$(basename $template '.erb')"
        echo "Writing $output_file"
        erb -U -r yaml -r json -r fileutils "$template" > "$output_file"
      done
    fi

    if command -v gomplate &> /dev/null; then
      echo "Begin parsing .tpl templates from $TEMPLATE_DIRECTORY"
      for template in ${TEMPLATE_DIRECTORY}/*.tpl; do
        output_file="${CONFIG_DIRECTORY}/$(basename $template '.tpl')"
        echo "Writing $output_file"
        gomplate --left-delim '{%' --right-delim '%}' --file "${template}" --out "${output_file}"
      done
    fi

    if [ "$CONFIG_DIRECTORY" != "$TEMPLATE_DIRECTORY" ]; then
      echo "Copying other config files found in $TEMPLATE_DIRECTORY to $CONFIG_DIRECTORY"
      for configfile in ${TEMPLATE_DIRECTORY}/*.{yml,yaml,toml,rb,json}; do
        echo "Copying $(basename $configfile) into ${CONFIG_DIRECTORY}"
        cp "$configfile" "$CONFIG_DIRECTORY/"
      done
    fi

    shopt -u nullglob

    config_file="/srv/gitlab/config/gitlab.yml"

    # 使用 sed 删除 ldap 配置中的 'enabled: false' 行
    sed -i '/ldap:/,/^$/ { /enabled: false/ { d } }' "$config_file"

    # 使用 echo 追加新的 ldap 配置
    cat <<EOL >> "$config_file"
      ldap:
        enabled: true
        servers:
          main:
            label: ldap
            host: ldap.example.com
            port: 636
            uid: 'sAMAccountName'
            encryption: 'simple_tls'
            verify_certificates: false
            base: 'xxxx'
            user_filter: ''
            bind_dn: 'xxx'
            admin_group: ''
            password: 'xxx'
    EOL

    echo "LDAP 配置已更新。"

ldap配置根据你的实际情况进行更改。

修改deployment 的yaml,把此ldap-config的set-config挂载到gitlab-webservice-default的/scripts/set-config路径上。

yaml 复制代码
kind: Deployment
apiVersion: apps/v1
metadata:
  name: gitlab-webservice-default
spec:
  template:
    metadata:
    spec:
      volumes:
        - name: ldap-config
          configMap:
            name: ldap-config 
      containers:
        - name: webservice
          volumeMounts:
            - name: ldap-config
              mountPath: /scripts/set-config
              subPath: set-config

这样gitlab就集成了ldap

相关推荐
刘马想放假5 小时前
Git 从入门到进阶:一篇吃透版本管理的实战指南
git·gitlab
bukeyiwanshui12 小时前
20260626 k8sControllers介绍
云原生·容器·kubernetes
能有时光13 小时前
] K8s 核心组件使用指南
云原生·容器·kubernetes
云烟成雨TD14 小时前
Kubernetes 系列【13】控制器:可视化操作 Deployment
云原生·容器·kubernetes
运维老郭1 天前
【K8s运维实战】Kubernetes临时存储卷实战:emptyDir核心用法与gitRepo弃用迁移指南
运维·云原生·kubernetes
gs801401 天前
记一次多 Agent 架构在单节点 K8s 触发的 PID 耗尽与 Pod 驱逐(Evicted)大摸排
容器·架构·kubernetes
bukeyiwanshui1 天前
20260701 k8s Metric Server
容器·贪心算法·kubernetes
Zhu7582 天前
在k8s集群部署ApacheHadoop单节点单数据副本
云原生·容器·kubernetes
摇滚侠2 天前
云原生 Java 架构师的第一课 K8s+Docker+KubeSphere+DevOps 51-60
java·云原生·kubernetes