This post was originally written by Akram Ben Aissi in his blog: http://akrambenaissi.com/2016/02/23/deploy-gitlab-on-openshift/
GitLab is a great web git repository application for everyone that wants to run his own Git repository at home or office. Unfortunately, the home made GitLab installation requires some skills that I don’t have time to learn. The good thing is that some Docker images exists on Docker Hub, even the one from GitLab team. In this blog post, we will use
the sameersbn docker-gitlab image which demonstrated to working very well, supports volumes and also bring separate containers for postgresql and redis.
Installing postgres
For convenience reasons (and also for support if your are using OpenShift Enterprise), we are using the PostgreSQL image provided by OpenShift team to start ou postgresql instance. The image supports persistent volumes and will create the Persistent Volume Claim for you.
Simply use the oc new-app command to get your PostgreSQL instance up and running. Note that there an issue with this image that runs with a predefined user, you will have to allow it to run as AnyUid by using the corresponding Security Context Constraint.
oc new-app --template=postgresql-persistent \
-p POSTGRESQL_USER=admin,POSTGRESQL_PASSWORD=redhat,POSTGRESQL_DATABASE=gitlab
--> Deploying template postgresql-persistent in project openshift for "postgresql-persistent"
With parameters:
DATABASE_SERVICE_NAME=postgresql
POSTGRESQL_USER=admin
POSTGRESQL_PASSWORD=admin
POSTGRESQL_DATABASE=gitlab
VOLUME_CAPACITY=512Mi
--> Creating resources ...
Service "postgresql" created
Persistentvolumeclaims "postgresql" created
DeploymentConfig "postgresql" created
Configuring Security Context
Some of the containers that we will use need to run as root (GitLab) or any other user (Postgres has hardcoded user 26 but this will be fixed soon).
Hence, it is required to used the project’s service account (here we created a project called gitlab) to the SCC named anyuid.
oc edit scc anyuid
[...]
supplementalGroups:
type: RunAsAny
users:
- system:serviceaccount:gitlab:default
This configuration will work for postgres and gitlab image.
Installing Redis
Use the oc new-app command here again and directly pass it the Docker image name and you will get a redis instance up and running in seconds.
oc new-app sameersbn/redis
[...]
Service "redis" created
--> Success
Run 'oc status' to view your app.
<pre>
The new-app command will create Services, EndPoints and associated pods.
It is still required to add a persistent volume to the Deployment Configuration using the following command:
<pre>
oc volume dc/redis --add --overwrite -t persistentVolumeClaim \
--claim-name=redis-data --name=redis-volume-1 \
--mount-path=/var/lib/redis
Installing GitLab itself
The sameersbn image allows several parameters to be injected in order to configure the GitLab instance to be created.
For some reasons Services name resolutions are not working with the provided startup script, although going into the container and pinging the services works.
So, we will inject the PostgreSQL and Redis Services IP addresses manually using the parameters.
To get the Services IP addresses:
oc get svc postgresql redis
NAME CLUSTER_IP EXTERNAL_IP PORT(S) SELECTOR AGE
postgresql 172.30.25.83 <none> 5432/TCP app=postgresql,deploymentconfig=postgresql 1h
redis 172.30.198.140 <none> 6379/TCP app=redis,deploymentconfig=redis 1h
Use these IP addresses to start the GitLab container, again by using the new-app command:
One important thing to note: You need to use the –name parameter and the name to anything else than gitlab otherwise all your OpenShift injected environment variables will be named GITLAB_* , and gitlab already uses some of those. In our case the variables will be name GITLAB_CE_* which fixes troubles.
oc new-app sameersbn/gitlab --name=gitlab-ce
-e 'GITLAB_HOST=http://gitlab.apps.mycompany.com' \
-e 'DB_TYPE=postgres' -e 'DB_HOST=172.30.25.83' \
-e 'DB_PORT=5432' -e 'DB_NAME=gitlab' -e 'DB_USER=admin' \
-e 'DB_PASS=admin' -e 'REDIS_HOST=172.30.198.140 -e 'REDIS_PORT=6379' \
-e 'GITLAB_SECRETS_DB_KEY_BASE=1234567890' -e 'SMTP_ENABLED=true' \
-e 'SMTP_HOST=smtp.mycompany.com' -e 'SMTP_PORT=25' \
-e 'GITLAB_EMAIL=no-reply@mycompany.com'
[...]
Service "gitlab-ce" created
--> Success
Run 'oc status' to view your app.
Of course, do not forget to add the volumes to make your repositories and logs persistent:
oc volumes dc/gitlab-ce --add --claim-name=gitlab-log --mount-path=/var/log/gitlab \
-t persistentVolumeClaim --overwrite
oc volumes dc/gitlab-ce --add --claim-name=gitlab-data --mount-path=/home/git/data \
-t persistentVolumeClaim --overwrite
A word on persistent volumes
The persistent volumes that you will have to create may require specific configuration: This is because both postgresql and postgres uses some hardcoded uid/gid and tries to make chown on some files.
If you are using NFS backed Persistent Volume, you will run into permission denied issues on chmod and chown.
To bypass this, you will have to add supplementalGroups in the DeploymentConfig’s SecurityContext:
– for postgres: add 26
– for gitlab-ce: add 1000
You will have then to create the tow persistent volumes and chown to those UID/GID and use all_squash option.
chown -R 26:26 /srv/nfs/pv0001
chow -R 1000:1000 /srv/nfs/pv0002cat >> /etc/exports << EOF
/srv/nfs/pv0001 *(rw,all_squash)
/srv/nfs/pv0002 *(rw,all_squash)
EOFexportfs -a
Create then your PV and PVC using the following definitions:
apiVersion: v1
kind: PersistentVolume
metadata:
creationTimestamp: null
name: pv0005
spec:
accessModes:
- ReadWriteOnce
- ReadWriteMany
capacity:
storage: 8Gi
claimRef:
apiVersion: v1
kind: PersistentVolumeClaim
name: gitlab-data
namespace: gitlab
nfs:
path: /srv/nfs/pv0005
server: nfs-server.mycompany.com
persistentVolumeReclaimPolicy: Retain
status: {}
And for the PVC:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
name: gitlab-data
spec:
accessModes:
- ReadWriteOnce
- ReadWriteMany
resources:
requests:
storage: 5Gi
status: {}
Now, you have your GitLab running in OpenShift on the URL http://gitlab.apps.mycompany.com ! enjoy.
Author
Akram Ben Aissi
Cloud and Platform Architect,
Red Hat Consulting
LinkedIn: https://linkedin.
Twitter: @akrambenaissi
GitHub: https://github.com/akram
Sull'autore
Ricerca per canale
Automazione
Novità sull'automazione IT di tecnologie, team e ambienti
Intelligenza artificiale
Aggiornamenti sulle piattaforme che consentono alle aziende di eseguire carichi di lavoro IA ovunque
Hybrid cloud open source
Scopri come affrontare il futuro in modo più agile grazie al cloud ibrido
Sicurezza
Le ultime novità sulle nostre soluzioni per ridurre i rischi nelle tecnologie e negli ambienti
Edge computing
Aggiornamenti sulle piattaforme che semplificano l'operatività edge
Infrastruttura
Le ultime novità sulla piattaforma Linux aziendale leader a livello mondiale
Applicazioni
Approfondimenti sulle nostre soluzioni alle sfide applicative più difficili
Serie originali
Raccontiamo le interessanti storie di leader e creatori di tecnologie pensate per le aziende
Prodotti
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Servizi cloud
- Scopri tutti i prodotti
Strumenti
- Formazione e certificazioni
- Il mio account
- Supporto clienti
- Risorse per sviluppatori
- Trova un partner
- Red Hat Ecosystem Catalog
- Calcola il valore delle soluzioni Red Hat
- Documentazione
Prova, acquista, vendi
Comunica
- Contatta l'ufficio vendite
- Contatta l'assistenza clienti
- Contatta un esperto della formazione
- Social media
Informazioni su Red Hat
Red Hat è leader mondiale nella fornitura di soluzioni open source per le aziende, tra cui Linux, Kubernetes, container e soluzioni cloud. Le nostre soluzioni open source, rese sicure per un uso aziendale, consentono di operare su più piattaforme e ambienti, dal datacenter centrale all'edge della rete.
Seleziona la tua lingua
Red Hat legal and privacy links
- Informazioni su Red Hat
- Opportunità di lavoro
- Eventi
- Sedi
- Contattaci
- Blog di Red Hat
- Diversità, equità e inclusione
- Cool Stuff Store
- Red Hat Summit