helm安装gitrunner

gitrunner

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
#下载包
helm repo add gitlab https://charts.gitlab.io
helm pull gitlab/gitlab-runner --untar

#打标签
kubectl get nodes --show-labels
kubectl label nodes node-a002 ci=true

安装gitlab-runner
helm upgrade gitlab-runner-01 --install --namespace gitlab \
--set checkInterval=2 \
--set runners.image=alpine:latest --set runners.imagePullPolicy=if-not-present --set runners.tags=k8s-01 \
--set gitlabUrl=http://gitlab.******.net/,runnerRegistrationToken=AxwjhfK7bb8eDCs5PN --set runners.privileged=true \
--set gitRunnerCacheDir=/volume \
--set nodeSelector.ci=true \
.

mount 目录

在configmap.yaml 里 entrypoint 最后增加

1
2
3
4
5
6
7
8
{{ if .Values.gitRunnerCacheDir }}
cat >>/home/gitlab-runner/.gitlab-runner/config.toml <<EOF
[[runners.kubernetes.volumes.host_path]]
name = "git-runner-cache"
mount_path = {{ .Values.gitRunnerCacheDir | quote }}
host_path = {{ .Values.gitRunnerCacheDir | quote }}
EOF
{{- end }}

提示没有权限创建job

1
ERROR: Job failed (system failure): pods is forbidden: User "system:serviceaccount:gitlab:default" cannot create resource "pods" in API group "" in the namespace "gitlab"

添加权限绑定

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
namespace: gitlab
name: gitlab-admin-role
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: gitlab-admin-rolebinding
namespace: gitlab
subjects:
- kind: ServiceAccount
name: default
namespace: gitlab
roleRef:
kind: Role
name: gitlab-admin-role
apiGroup: rbac.authorization.k8s.io

跳过fetch

1
2
3
4
5
deploy_all:
variables:
GIT_STRATEGY: none
GIT_CHECKOUT: "false"
stage: deploy

参考:

GitlabCI 使用 S3 存储配置分布式缓存

Gitlab CI yaml官方配置文件翻译