Install Gitlab to On-Premise k8s cluster,use ssh for git clone need password
Summary
Install Gitlab v2.4.6 to On-Premise k8s cluster, the cert-manager(Use a self-signed certificate), ingress-controller, metallb, nfs-storage already installed in the k8s cluster, So I use the following command to generate a yaml file
export release=mygitlab
helm template . \
--name ${release} \
--set global.edition=ce \
--set global.hosts.domain=k8s.test\
--set global.grafana.enabled=false \
--set global.ingress.class=nginx \
--set certmanager.install=false \
--set global.ingress.configureCertmanager=false \
--set gitlab.unicorn.ingress.tls.secretName=release-gitlab-tls \
--set registry.ingress.tls.secretName=release-registry-tls \
--set minio.ingress.tls.secretName=release-minio-tls \
--set global.ingress.annotations."cert-manager\.io\/cluster-issuer"=cluster-issuer \
--set global.registry.certificate.secret=${release}-registry-secret \
--set nginx-ingress.enabled=false \
--set prometheus.install=false \
--namespace gitlab \
> gitlab.yaml
kubectl create -f gitlab.yamlgitlab runs successfully
[root@k8s-m1 gitlab-v2.4.6]# kubectl get pods -n gitlab
NAME READY STATUS RESTARTS AGE
mygitlab-gitaly-0 1/1 Running 0 123m
mygitlab-gitlab-exporter-9f6b6c956-8hfkd 1/1 Running 0 123m
mygitlab-gitlab-runner-847d9954cf-shww2 1/1 Running 0 123m
mygitlab-gitlab-shell-6dc75dc7b9-mdfmm 1/1 Running 0 123m
mygitlab-gitlab-shell-6dc75dc7b9-xmgkf 1/1 Running 0 123m
mygitlab-gitlab-upgrade-check-84h8g 0/1 Completed 0 123m
mygitlab-migrations.0-d98qv 0/1 Completed 0 123m
mygitlab-minio-5df8d68956-rdsk8 1/1 Running 0 123m
mygitlab-minio-create-buckets.0-zb9gg 0/1 Completed 0 123m
mygitlab-postgresql-5d49d8c57d-72j4v 2/2 Running 0 123m
mygitlab-redis-68864679bb-hssh6 2/2 Running 0 123m
mygitlab-registry-85c79f7866-8zbb4 1/1 Running 0 123m
mygitlab-registry-85c79f7866-ngc5w 1/1 Running 0 123m
mygitlab-shared-secrets.0-3jv-gzp4s 0/1 Completed 0 123m
mygitlab-shared-secrets.0-5ds-selfsign-56v6c 0/1 Completed 0 123m
mygitlab-sidekiq-all-in-1-b8b4d49cd-skzjm 1/1 Running 0 123m
mygitlab-task-runner-868bdc6f77-khnxq 1/1 Running 0 123m
mygitlab-unicorn-7b4999c756-j6xkk 2/2 Running 0 123m
mygitlab-unicorn-7b4999c756-rzjrr 2/2 Running 0 123m
mygitlab-unicorn-test-runner-e7hnr 0/1 Error 0 123m
[root@k8s-m1 gitlab-v2.4.6]# kubectl get pvc -n gitlab
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
mygitlab-minio Bound pvc-31eb011a-ad35-4485-a4b4-e01a692f2ef2 10Gi RWO managed-nfs-storage 134m
mygitlab-postgresql Bound pvc-49b7a52c-f85c-4d82-9f07-e1213ef23feb 8Gi RWO managed-nfs-storage 134m
mygitlab-redis Bound pvc-4152b254-6de4-4b2a-bbe3-969b0af74eb3 5Gi RWO managed-nfs-storage 134m
repo-data-mygitlab-gitaly-0 Bound pvc-be4da1b1-6d8d-49ca-b3fa-ec9a1ca8a8e1 50Gi RWO managed-nfs-storage 134m
[root@k8s-m1 gitlab-v2.4.6]# kubectl get svc -n gitlab
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
mygitlab-gitaly ClusterIP None <none> 8075/TCP,9236/TCP 134m
mygitlab-gitlab-exporter ClusterIP 10.108.119.27 <none> 9168/TCP 134m
mygitlab-gitlab-shell ClusterIP 10.102.225.109 <none> 22/TCP 134m
mygitlab-minio-svc ClusterIP 10.100.89.255 <none> 9000/TCP 134m
mygitlab-postgresql ClusterIP 10.108.76.244 <none> 5432/TCP 134m
mygitlab-redis ClusterIP 10.98.75.71 <none> 6379/TCP,9121/TCP 134m
mygitlab-registry ClusterIP 10.99.21.177 <none> 5000/TCP 134m
mygitlab-unicorn ClusterIP 10.99.36.67 <none> 8080/TCP,8181/TCP 134m
[root@k8s-m1 gitlab-v2.4.6]# kubectl get secret -n gitlab
NAME TYPE DATA AGE
default-token-d5v4h kubernetes.io/service-account-token 3 135m
gitlab-incoming-imap-pwd-secret Opaque 1 135m
gitlab-outgoing-smtp-pwd-secret Opaque 1 135m
gitlab.k8s.aisino.crt Opaque 1 135m
istio.default istio.io/key-and-cert 3 135m
istio.mygitlab-gitlab-runner istio.io/key-and-cert 3 134m
istio.mygitlab-shared-secrets istio.io/key-and-cert 3 134m
mygitlab-gitaly-secret Opaque 1 134m
mygitlab-gitlab-initial-root-password Opaque 1 134m
mygitlab-gitlab-runner-secret Opaque 2 134m
mygitlab-gitlab-runner-token-p8847 kubernetes.io/service-account-token 3 134m
mygitlab-gitlab-shell-host-keys Opaque 8 134m
mygitlab-gitlab-shell-secret Opaque 1 134m
mygitlab-gitlab-workhorse-secret Opaque 1 134m
mygitlab-minio-secret Opaque 2 134m
mygitlab-postgresql-password Opaque 1 134m
mygitlab-rails-secret Opaque 1 134m
mygitlab-redis-secret Opaque 1 134m
mygitlab-registry-httpsecret Opaque 1 134m
mygitlab-registry-secret Opaque 2 135m
mygitlab-shared-secrets-token-fgvsc kubernetes.io/service-account-token 3 134m
mygitlab-wildcard-tls kubernetes.io/tls 2 134m
mygitlab-wildcard-tls-ca Opaque 1 134m
release-gitlab-tls kubernetes.io/tls 3 134m
release-minio-tls kubernetes.io/tls 3 134m
release-registry-tls kubernetes.io/tls 3 134m
After configuring the ssh keys, I can't git clone the code through ssh, prompting for password.
$ git clone git@gitlab.k8s.test:hekai/test.git
Cloning into 'test'...
git@gitlab.k8s.test's password:Current behavior
can not git clone through ssh.
Expected behavior
can git clone through ssh.
Versions
- Chart: (v2.4.6)
- Platform:
- Self-hosted: (On-Premise k8s cluster)
- Kubernetes: (
kubectl version)- Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.0", GitCommit:"e8462b5b5dc2584fdcd18e6bcfe9f1e4d970a529", GitTreeState:"clean", BuildDate:"2019-06-19T16:40:16Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}
- Server Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.0", GitCommit:"e8462b5b5dc2584fdcd18e6bcfe9f1e4d970a529", GitTreeState:"clean", BuildDate:"2019-06-19T16:32:14Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}
- Helm: (
helm version)- Client: &version.Version{SemVer:"v2.14.1", GitCommit:"5270352a09c7e8b6e8c9593002a73535276507c0", GitTreeState:"clean"}
- Server: &version.Version{SemVer:"v2.14.1", GitCommit:"5270352a09c7e8b6e8c9593002a73535276507c0", GitTreeState:"clean"}
Relevant logs
(Please provide any relevate log snippets you have collected, using code blocks (```) to format)