获取gitlab token
Setting->CI/CID Settings界面
需要借助helm完成
#添加源
helm repo add gitlab https://charts.gitlab.io
或者直接拉官网一个yaml
https://gitlab.com/gitlab-org/charts/gitlab-runner/blob/main/values.yaml
egrep -v "#" gitlab-runn.yaml | grep -v "^$"
imagePullPolicy: IfNotPresent
#gitlab服务器地址
gitlabUrl: http://192.168.10.9/
#runner注册token
runnerRegistrationToken: "mNaxzsqyxpwQQCxJkSTa"
#当停止管道时等待其他作业终止时间
terminationGracePeriodSeconds: 3600
#最大并发作业数量
concurrent: 10
#新作业检查时隔
checkInterval: 30
sessionServer:
enabled: false
rbac:
create: true
resources: ["pods", "pods/exec", "secrets"]
verbs: ["get", "list", "watch", "create", "patch", "delete"]
rules: []
clusterWideAccess: false
podSecurityPolicy:
enabled: false
resourceNames:
- gitlab-runner
metrics:
enabled: true
portName: metrics
port: 9252
serviceMonitor:
enabled: false
service:
enabled: false
type: ClusterIP
runners:
config: |
[[runners]]
[runners.kubernetes]
namespace = "{{.Release.Namespace}}"
image = "ubuntu:16.04"
#执行器类型
executor: kubernetes
#是否锁定false
locked: false
#你的tags
tags: "k8s-runner,k8s"
#是否运行没有标签的项目
runUntagged: true
#开启docker in docker
privileged: true
cache: {}
builds: {}
services: {}
helpers: {}
securityContext:
runAsUser: 100
fsGroup: 65533
resources: {}
affinity: {}
nodeSelector: {}
tolerations: []
hostAliases: []
podAnnotations: {}
podLabels: {}
secrets: []
configMaps: {}
重要参数列表
| gitlabUrl | http://192.168.10.9/ |
|---|---|
| runnerRegistrationToken | runner注册toke |
| terminationGracePeriodSeconds: | 当停止管道时等待其他作业终止时间: 3600 |
| concurrent: | 最大并发作业数量 10 |
| checkInterval: | 新作业检查时隔 30 |
| executor | 执行器类型 : kubernetes |
| locked | 是否锁定 false |
| tags | 你的"k8s-runner,k8s" |
| runUntagged | 是否运行没有标签的项目 true |
| privileged | 开启docker in docker |
个人比较喜欢yaml类型的,所以我生成yaml文件执行
helm template --namespace gitlab gitlab-runner -f gitlab-runn.yaml gitlab/gitlab-runner > runner-manifest.yaml
#执行
kubectl -n gitlab apply -f runner-manifest.yaml
最后配置连接k8s的api
-
1 设置全局变量
-
2 在左侧导航栏中,选择Settings > CI / CD。
-
3 单击Variables右侧的Expand。添加GitLab Runner可用的环境变量。本示例中,添加以下三个变量。
-
REGISTRY_USERNAME:镜像仓库用户名。
-
REGISTRY_PASSWORD:镜像仓库密码。
-
kube_config:KubeConfig的编码字符串。
-
执行以下命令生成KubeConfig的编码字符串
echo $(cat ~/.kube/config | base64) | tr -d " "
应用部署阶段
deploy:
tags:
- k8s
#image: rancher/kubectl:v1.23.3
image: registry.cn-hangzhou.aliyuncs.com/haoshuwei24/kubectl:1.16.6
stage: deploy
script:
- mkdir -p /etc/deploy
- echo $kube_config |base64 -d > $KUBECONFIG
- kubectl get pods -n gitlab
完成yaml
services:
- docker:19.03.7-dind
- golang:1.17.8-alpine3.15
- docker:stable
stages:
- package
- build and push docker image
- deploy
variables:
KUBECONFIG: /etc/deploy/config
build:
tags:
- k8s
image: golang:1.17.8-alpine3.15
stage: package
# 只作用在main分支
only:
- main
script:
- export GO111MODULE=on
- export GOPROXY=https://goproxy.cn
- go mod init app
- go mod tidy
- go build .
docker build:
tags:
- k8s
variables:
DOCKER_HOST: tcp://0.0.0.0:2375
DOCKER_TLS_CERTDIR: ""
image: docker:stable
stage: build and push docker image
# 只作用在main分支
only:
- main
script:
- docker build -t test:v01 .
deploy:
tags:
- k8s
#image: rancher/kubectl:v1.23.3
image: registry.cn-hangzhou.aliyuncs.com/haoshuwei24/kubectl:1.16.6
stage: deploy
script:
- mkdir -p /etc/deploy
- echo $kube_config |base64 -d > $KUBECONFIG
- kubectl get pods -n gitlab