1.在OperatorHub搜索GitLab
点击install
Update approval 改为 Manual
2.Create GitLab
yaml
kind: GitLab
apiVersion: apps.gitlab.com/v1beta1
metadata:
name: gitlab
namespace: gitlab-system
spec:
chart:
values:
certmanager:
install: false
global:
hosts:
domain: example.com ## 这里替换成自己的
hostSuffix: null
ingress:
configureCertmanager: false
tls:
secretName: gitlab-tls
postgresql:
primary:
extendedConfiguration: max_connections = 200
version: 8.9.1等待安装完成即可。
3.集成LDAP用户
新增configmap
yaml
kind: ConfigMap
apiVersion: v1
metadata:
name: ldap-config
namespace: gitlab-system
data:
set-config: |-
#!/bin/bash
set -eo pipefail
TEMPLATE_DIRECTORY="$1"
CONFIG_DIRECTORY="${2:-$1}"
if [ -z "$TEMPLATE_DIRECTORY" ]; then
echo 'usage: set-config <template_directory> [<config_directory>]'
exit 1
fi
shopt -s nullglob # Don't enter empty for loops
if command -v erb &> /dev/null; then
echo "Begin parsing .erb templates from $TEMPLATE_DIRECTORY"
for template in ${TEMPLATE_DIRECTORY}/*.erb; do
output_file="${CONFIG_DIRECTORY}/$(basename $template '.erb')"
echo "Writing $output_file"
erb -U -r yaml -r json -r fileutils "$template" > "$output_file"
done
fi
if command -v gomplate &> /dev/null; then
echo "Begin parsing .tpl templates from $TEMPLATE_DIRECTORY"
for template in ${TEMPLATE_DIRECTORY}/*.tpl; do
output_file="${CONFIG_DIRECTORY}/$(basename $template '.tpl')"
echo "Writing $output_file"
gomplate --left-delim '{%' --right-delim '%}' --file "${template}" --out "${output_file}"
done
fi
if [ "$CONFIG_DIRECTORY" != "$TEMPLATE_DIRECTORY" ]; then
echo "Copying other config files found in $TEMPLATE_DIRECTORY to $CONFIG_DIRECTORY"
for configfile in ${TEMPLATE_DIRECTORY}/*.{yml,yaml,toml,rb,json}; do
echo "Copying $(basename $configfile) into ${CONFIG_DIRECTORY}"
cp "$configfile" "$CONFIG_DIRECTORY/"
done
fi
shopt -u nullglob
config_file="/srv/gitlab/config/gitlab.yml"
# 使用 sed 删除 ldap 配置中的 'enabled: false' 行
sed -i '/ldap:/,/^$/ { /enabled: false/ { d } }' "$config_file"
# 使用 echo 追加新的 ldap 配置
cat <<EOL >> "$config_file"
ldap:
enabled: true
servers:
main:
label: ldap
host: ldap.example.com
port: 636
uid: 'sAMAccountName'
encryption: 'simple_tls'
verify_certificates: false
base: 'xxxx'
user_filter: ''
bind_dn: 'xxx'
admin_group: ''
password: 'xxx'
EOL
echo "LDAP 配置已更新。"ldap配置根据你的实际情况进行更改。
修改deployment 的yaml,把此ldap-config的set-config挂载到gitlab-webservice-default的/scripts/set-config路径上。
yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: gitlab-webservice-default
spec:
template:
metadata:
spec:
volumes:
- name: ldap-config
configMap:
name: ldap-config
containers:
- name: webservice
volumeMounts:
- name: ldap-config
mountPath: /scripts/set-config
subPath: set-config这样gitlab就集成了ldap