This installation method is used in AWS EKS Cluster to Install Gitlab and Gitlab Kubernetes Executors.
Tech stack used in this installations:
- EKS Cluster(2 Node with )
- Controller EC2 Instance (To Manage the EKS cluster)
- Helm (Gitlab Installation)
- SSL certs(Self-Signed/SSL Provider/Private CA)
EKS Cluster:
Creating EKS cluster is not Part of this Discussion. Please fallow this EKS Cluster creation Doc.
Controller EC2 Instance:
Create Ec2 Instance with Proffered, in this case i am using Amazon Linux AMI.(Make Sure that EKS cluster and Controller in Same VPC.) In-Order to maintain the EKS you need kubectl installed in EC2 and also you need to import the kubeconfg from the Cluster. Lets see how we can do that.
And Also, we will be using helm to Install the Gitlab.
Install Kubectl:
https://docs.aws.amazon.com/eks/latest/userguide/install-kubectl.html curl -o kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.18.9/2020-11-02/bin/linux/amd64/kubect chmod +x ./kubectl mkdir -p $HOME/bin && cp ./kubectl $HOME/bin/kubectl && export PATH=$PATH:$HOME/bin yum install bash-completion kubectl version --client
Install Kubectl bash completion:
yum install bash-completion type _init_completion source /usr/share/bash-completion/bash_completion type _init_completion echo 'source <(kubectl completion bash)' >>~/.bashrc kubectl completion bash >/etc/bash_completion.d/kubectl
Get EKS Cluster list and Import kubeconfig:
(replace the –name with Cluster name)
aws eks update-kubeconfig --name <NAME OF THE EKS CLUSTER >
Install Helm:
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 chmod 700 get_helm.sh ./get_helm.sh cp /usr/local/bin/helm /usr/bin/
Install Helm Auto completion:
helm completion bash >> ~/.bash_completion . /etc/profile.d/bash_completion.sh . ~/.bash_completion source <(helm completion bash)
Now, EC2 instance is ready for the Gitlab installation. Before going to install the Gitlab in EKS. Let create TLS and Generic Secrets for Gitlab and Gitlab-Runner.
You can use any other SSL provider like(Lets Encrypt, Digicert, Comodo …). Here i am using Self Signed Certificates. You can generate Self Signed Certificates with this Link.
Create TLS Secret for Gitlab’s Helm chart Global Values:
kubectl create secret tls gitlab-self-signed --cert=gitlab.gitlabtesting.com.crt --key=gitlab.gitlabtesting.com.key
Here we created secret name gitlab-self-signed with cert and Key. It is better way of mounting the SSL certificate to Ingress.
Create SSL Generic cert Secret:
This will be used for communication between the Gitlab Server and Gitlab-runner Visa SSL. (IMPORTANT: Make sure the filename you mounting Match with the Domain). in this Case my Domain name is gitlab.gitlabtesting.com.
kubectl create secret generic gitlabsr-runner-certs-secret-3 --from-file=gitlab.gitlabtesting.com.crt=gitlab.gitlabtesting.com.crt
Create service account:(This will be used for gitlab-runner to perform actions)
vim gitlab-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: gitlab
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: gitlab-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: gitlab
namespace: kube-systemkubectl apply -f vim gitlab-serviceaccount.yaml
Now that everything ready lets create vaules.yaml for Gitlab Values.
Example file look below.
Add Gitlab Helm to repo:
certmanager-issuer:
email: [email protected]
certmanager:
install: false
gitlab:
sidekiq:
resources:
requests:
cpu: 50m
memory: 650M
webservice:
ingress:
tls:
secretName: gitlab-self-signed #TLS Secret we catered above
resources:
requests:
memory: 1.5G
gitlab-runner:
install: false
runners:
privileged: true
global:
hosts:
domain: gitlabtesting.com
ingress:
tls:
enabled: true
registry:
enabled: false
install: false
ingress:
tls:
secretName: gitlab-self-signed #TLS Secret we catered abovehelm repo add gitlab https://charts.gitlab.io/Install Gitlab with Helm with Values file we created above:
helm install gitlab gitlab/gitlab -f values.yamlAfter 5 min, all the pods will be up. You can check with below command and Also get Root password of Gitlab Login:
kubectl get po
#Get Root password:
kubectl get secret gitlab-gitlab-initial-root-password -ojsonpath='{.data.password}' | base64 --decode ; echo
Now Gitlab Installation Completed. You can access the Gitlab with https://gitlab.gitlabtesting.com
Continues….
15 replies on “Gitlab & Runner Install with Private CA SSL”
Leave a Commenthttps://pq.hosting/vps-vds-poland-warsaw
I realized more new things on this fat loss issue. One issue is a good nutrition is especially vital while dieting. An enormous reduction in bad foods, sugary foods, fried foods, sweet foods, pork, and white-colored flour products may perhaps be necessary. Keeping wastes organisms, and wastes may prevent targets for fat-loss. While selected drugs temporarily solve the condition, the terrible side effects usually are not worth it, and so they never give more than a short lived solution. It can be a known undeniable fact that 95 of celebrity diets fail. Thanks for sharing your opinions on this weblog.
https://www.ifashionstyles.com
Nice post. I learn one thing tougher on different blogs everyday. It’ll always be stimulating to read content material from other writers and follow just a little one thing from their store. I抎 prefer to use some with the content on my weblog whether you don抰 mind. Natually I抣l provide you with a link on your net blog. Thanks for sharing.
https://www.ifashionstyles.com
Someone essentially help to make seriously articles I would state. This is the first time I frequented your web page and thus far? I surprised with the research you made to make this particular publish incredible. Great job!
https://www.ifashionstyles.com
Nice read, I just passed this onto a colleague who was doing a little research on that. And he actually bought me lunch since I found it for him smile Thus let me rephrase that: Thanks for lunch!
https://www.hairstylesvip.com
Thanks for the sensible critique. Me and my neighbor were just preparing to do some research on this. We got a grab a book from our area library but I think I learned more clear from this post. I’m very glad to see such wonderful info being shared freely out there.
https://www.zoritolerimol.com
Great goods from you, man. I’ve bear in mind your stuff previous to and you are simply extremely fantastic. I actually like what you have bought right here, certainly like what you’re saying and the way wherein you are saying it. You’re making it enjoyable and you continue to take care of to keep it sensible. I can not wait to read much more from you. That is really a tremendous site.
https://www.ifashionstyles.com/health
Howdy! This post couldn’t be written any better! Reading through this post reminds me of my good old room mate! He always kept talking about this. I will forward this page to him. Fairly certain he will have a good read. Thank you for sharing!
https://www.hairstylesvip.com
Hiya, I am really glad I have found this information. Nowadays bloggers publish only about gossips and net and this is really irritating. A good site with exciting content, that’s what I need. Thanks for keeping this web-site, I will be visiting it. Do you do newsletters? Cant find it.
https://www.ifashionstyles.com/lifestyle
Customers can rely on Elitepipe Plastic Factory’s technical expertise and dedicated customer support to assist them in selecting the most suitable fittings for their specific needs. Elitepipe Plastic Factory
Wow! Thank you! I continuously needed to write on my site something like that. Can I include a portion of your post to my website?
https://www.ifashionstyles.com
The factory’s uPVC fittings are designed with meticulous attention to detail, ensuring secure and tight connections that minimize the risk of leaks or failures. Elitepipe Plastic Factory
Elitepipe Plastic Factory’s HDPE pipes offer excellent resistance to chemicals, abrasion, and environmental stress, making them ideal for a wide range of applications. Elitepipe Plastic Factory
Elitepipe Plastic Factory’s fittings undergo rigorous quality control processes to ensure that they meet the most stringent performance and durability requirements. Elitepipe Plastic Factory
It?¦s really a nice and useful piece of info. I am happy that you simply shared this helpful information with us. Please stay us up to date like this. Thank you for sharing.
https://officeblock.io