GitLab Agent Server (KAS)
安装KAS
参考资料
独立部署的gitlab
开启KAS
独立部署的gitlab安装kas比较简单,首先编辑gitlab的配置文件/etc/gitlab/gitlab.rb
# 取消相关注释 ##! Enable GitLab KAS gitlab_kas['enable'] = true
重新部署gitlab
sudo gitlab-ctl reconfigure
执行该命令后系统会重新部署gitlab开启KAS的功能,原本的数据等信息不会丢失。
启用KAS
参考资料
配置存储库(项目)
找到我们需要使用kAS的项目,在项目根目录下添加文件
# config.yaml 的内容可以为空 .gitlab/agents/<agent-name>/config.yaml
注册KAS
项目-基础设置-kubernetes集群
找到右上角的Actions,选择我们刚刚创建的KAS配置文件,进行注册
选择完成后系统会提示如何进行注册安装
docker run --pull=always --rm \ registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/cli:stable generate \ --agent-token=P7k_4zbn4QuEcVKUGLBvEozZZscHShFyhFAMBUQzyQHDw2px1A \ --kas-address=ws://gitlab.ilomumu.xyz/-/kubernetes-agent \ --agent-version stable \ --namespace gitlab-kubernetes-agent | kubectl apply -f -
由于我们的集群使用的是containerd,并没有docker命令,所以这个命令无法直接使用
安装nerdctl
参考资料
安装nerdctl
下载相关文件并且解压到指定目录即可
sudo tar -zxvf nerdctl-0.15.0-linux-amd64.tar.gz -C /usr/local/bin
使用nerdctl 注册KAS
修改下命令并且执行
sudo ctr images pull registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/cli:stable sudo nerdctl run --rm \ registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/cli:stable generate \ --agent-token=P7k_4zbn4QuEcVKUGLBvEozZZscHShFyhFAMBUQzyQHDw2px1A \ --kas-address=ws://gitlab.ilomumu.xyz/-/kubernetes-agent \ --agent-version stable \ --namespace gitlab-kubernetes-agent | kubectl apply -f -
查看下k8s相关资源
问题处理
connection closed before server preface received
首先我们可能会遇到这样的报错
{"level":"error","time":"2021-12-30T03:52:35.060Z","msg":"Error handling a connection","mod_name":"reverse_tunnel","error":"Connect(): rpc error: code = Unavailable desc = connection closed before server preface received"}
这是由于我们的gitlab域名无法解析到导致的,所以我们要添加hosts文件进行解析。
正确的添加方法如下
在pods或者deployment的配置文件中进行添加(根据情况判断)
这里我们需要在deployment的配置文件中添加相关配置
spec: # 添加这部分内容 hostAliases: - hostnames: - gitlab.ilomumu.xyz ip: 172.16.0.12 # 到这里结束
完整的配置如下
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "4"
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"gitlab-agent","namespace":"gitlab-kubernetes-agent"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"gitlab-agent"}},"strategy":{"rollingUpdate":{"maxSurge":0,"maxUnavailable":1},"type":"RollingUpdate"},"template":{"metadata":{"annotations":{"prometheus.io/path":"/metrics","prometheus.io/port":"8080","prometheus.io/scrape":"true"},"labels":{"app":"gitlab-agent"}},"spec":{"containers":[{"args":["--token-file=/config/token","--kas-address","ws://gitlab.ilomumu.xyz/-/kubernetes-agent"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}}],"image":"registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk:stable","livenessProbe":{"httpGet":{"path":"/liveness","port":8080},"initialDelaySeconds":15,"periodSeconds":20},"name":"agent","readinessProbe":{"httpGet":{"path":"/readiness","port":8080},"initialDelaySeconds":5,"periodSeconds":10},"volumeMounts":[{"mountPath":"/config","name":"token-volume"}]}],"serviceAccountName":"gitlab-agent","volumes":[{"name":"token-volume","secret":{"secretName":"gitlab-agent-token-69t456m2dg"}}]}}}}
creationTimestamp: "2021-12-30T03:52:12Z"
generation: 4
name: gitlab-agent
namespace: gitlab-kubernetes-agent
resourceVersion: "7967661"
uid: dbd46470-0b4d-4dae-aa29-2587eec13bfb
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: gitlab-agent
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
annotations:
kubectl.kubernetes.io/restartedAt: "2021-12-30T06:14:23Z"
prometheus.io/path: /metrics
prometheus.io/port: "8080"
prometheus.io/scrape: "true"
creationTimestamp: null
labels:
app: gitlab-agent
spec:
containers:
- args:
- --token-file=/config/token
- --kas-address
- ws://gitlab.ilomumu.xyz/-/kubernetes-agent
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
image: registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk:stable
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /liveness
port: 8080
scheme: HTTP
initialDelaySeconds: 15
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 1
name: agent
readinessProbe:
failureThreshold: 3
httpGet:
path: /readiness
port: 8080
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /config
name: token-volume
dnsPolicy: ClusterFirst
# 添加这部分内容
hostAliases:
- hostnames:
- gitlab.ilomumu.xyz
ip: 172.16.0.12
# 到这里结束
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: gitlab-agent
serviceAccountName: gitlab-agent
terminationGracePeriodSeconds: 30
volumes:
- name: token-volume
secret:
defaultMode: 420
secretName: gitlab-agent-token-69t456m2dgError while dialing failed to WebSocket dial: expected handshake response status code 101 but got 301
另外一个报错
{"level":"error","time":"2021-12-30T06:15:23.631Z","msg":"Error handling a connection","mod_name":"reverse_tunnel","error":"Connect(): rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing failed to WebSocket dial: expected handshake response status code 101 but got 301\""}
这个错误的原因是由于我们的链接地址结尾没有一个/
再次修改deployment的配置文件
spec: containers: - args: - --token-file=/config/token - --kas-address # 这里结尾加一个斜杠 - ws://gitlab.ilomumu.xyz/-/kubernetes-agent/
完成的配置文件
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "4"
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"gitlab-agent","namespace":"gitlab-kubernetes-agent"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"gitlab-agent"}},"strategy":{"rollingUpdate":{"maxSurge":0,"maxUnavailable":1},"type":"RollingUpdate"},"template":{"metadata":{"annotations":{"prometheus.io/path":"/metrics","prometheus.io/port":"8080","prometheus.io/scrape":"true"},"labels":{"app":"gitlab-agent"}},"spec":{"containers":[{"args":["--token-file=/config/token","--kas-address","ws://gitlab.ilomumu.xyz/-/kubernetes-agent"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}}],"image":"registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk:stable","livenessProbe":{"httpGet":{"path":"/liveness","port":8080},"initialDelaySeconds":15,"periodSeconds":20},"name":"agent","readinessProbe":{"httpGet":{"path":"/readiness","port":8080},"initialDelaySeconds":5,"periodSeconds":10},"volumeMounts":[{"mountPath":"/config","name":"token-volume"}]}],"serviceAccountName":"gitlab-agent","volumes":[{"name":"token-volume","secret":{"secretName":"gitlab-agent-token-69t456m2dg"}}]}}}}
creationTimestamp: "2021-12-30T03:52:12Z"
generation: 4
name: gitlab-agent
namespace: gitlab-kubernetes-agent
resourceVersion: "7967661"
uid: dbd46470-0b4d-4dae-aa29-2587eec13bfb
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: gitlab-agent
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
annotations:
kubectl.kubernetes.io/restartedAt: "2021-12-30T06:14:23Z"
prometheus.io/path: /metrics
prometheus.io/port: "8080"
prometheus.io/scrape: "true"
creationTimestamp: null
labels:
app: gitlab-agent
spec:
containers:
- args:
- --token-file=/config/token
- --kas-address
- ws://gitlab.ilomumu.xyz/-/kubernetes-agent
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
image: registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk:stable
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /liveness
port: 8080
scheme: HTTP
initialDelaySeconds: 15
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 1
name: agent
readinessProbe:
failureThreshold: 3
httpGet:
path: /readiness
port: 8080
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /config
name: token-volume
dnsPolicy: ClusterFirst
# 添加这部分内容
hostAliases:
- hostnames:
- gitlab.ilomumu.xyz
ip: 172.16.0.12
# 到这里结束
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: gitlab-agent
serviceAccountName: gitlab-agent
terminationGracePeriodSeconds: 30
volumes:
- name: token-volume
secret:
defaultMode: 420
secretName: gitlab-agent-token-69t456m2dg
