GitLab Agent Server (KAS)

木木2年前技术文章1461

安装KAS

参考资料

独立部署的gitlab

开启KAS

独立部署的gitlab安装kas比较简单,首先编辑gitlab的配置文件/etc/gitlab/gitlab.rb

# 取消相关注释
##! Enable GitLab KAS
gitlab_kas['enable'] = true

重新部署gitlab

sudo gitlab-ctl reconfigure

执行该命令后系统会重新部署gitlab开启KAS的功能,原本的数据等信息不会丢失。

启用KAS

参考资料

配置存储库(项目)

找到我们需要使用kAS的项目,在项目根目录下添加文件

# config.yaml 的内容可以为空
.gitlab/agents/<agent-name>/config.yaml

注册KAS

项目-基础设置-kubernetes集群

找到右上角的Actions,选择我们刚刚创建的KAS配置文件,进行注册

选择完成后系统会提示如何进行注册安装

docker run --pull=always --rm \
    registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/cli:stable generate \
    --agent-token=P7k_4zbn4QuEcVKUGLBvEozZZscHShFyhFAMBUQzyQHDw2px1A \
    --kas-address=ws://gitlab.ilomumu.xyz/-/kubernetes-agent \
    --agent-version stable \
    --namespace gitlab-kubernetes-agent | kubectl apply -f -

由于我们的集群使用的是containerd,并没有docker命令,所以这个命令无法直接使用

安装nerdctl

参考资料

安装nerdctl

下载相关文件并且解压到指定目录即可

sudo tar -zxvf nerdctl-0.15.0-linux-amd64.tar.gz -C /usr/local/bin

使用nerdctl 注册KAS

修改下命令并且执行

sudo ctr images pull registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/cli:stable
sudo nerdctl run --rm \
    registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/cli:stable generate \
    --agent-token=P7k_4zbn4QuEcVKUGLBvEozZZscHShFyhFAMBUQzyQHDw2px1A \
    --kas-address=ws://gitlab.ilomumu.xyz/-/kubernetes-agent \
    --agent-version stable \
    --namespace gitlab-kubernetes-agent | kubectl apply -f -

查看下k8s相关资源

问题处理

connection closed before server preface received

首先我们可能会遇到这样的报错

{"level":"error","time":"2021-12-30T03:52:35.060Z","msg":"Error handling a connection","mod_name":"reverse_tunnel","error":"Connect(): rpc error: code = Unavailable desc = connection closed before server preface received"}

这是由于我们的gitlab域名无法解析到导致的,所以我们要添加hosts文件进行解析。

正确的添加方法如下

在pods或者deployment的配置文件中进行添加(根据情况判断)

这里我们需要在deployment的配置文件中添加相关配置

    spec:     
      # 添加这部分内容
      hostAliases:
      - hostnames:
        - gitlab.ilomumu.xyz
        ip: 172.16.0.12
      # 到这里结束

完整的配置如下

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "4"
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"gitlab-agent","namespace":"gitlab-kubernetes-agent"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"gitlab-agent"}},"strategy":{"rollingUpdate":{"maxSurge":0,"maxUnavailable":1},"type":"RollingUpdate"},"template":{"metadata":{"annotations":{"prometheus.io/path":"/metrics","prometheus.io/port":"8080","prometheus.io/scrape":"true"},"labels":{"app":"gitlab-agent"}},"spec":{"containers":[{"args":["--token-file=/config/token","--kas-address","ws://gitlab.ilomumu.xyz/-/kubernetes-agent"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}}],"image":"registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk:stable","livenessProbe":{"httpGet":{"path":"/liveness","port":8080},"initialDelaySeconds":15,"periodSeconds":20},"name":"agent","readinessProbe":{"httpGet":{"path":"/readiness","port":8080},"initialDelaySeconds":5,"periodSeconds":10},"volumeMounts":[{"mountPath":"/config","name":"token-volume"}]}],"serviceAccountName":"gitlab-agent","volumes":[{"name":"token-volume","secret":{"secretName":"gitlab-agent-token-69t456m2dg"}}]}}}}
  creationTimestamp: "2021-12-30T03:52:12Z"
  generation: 4
  name: gitlab-agent
  namespace: gitlab-kubernetes-agent
  resourceVersion: "7967661"
  uid: dbd46470-0b4d-4dae-aa29-2587eec13bfb
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: gitlab-agent
  strategy:
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      annotations:
        kubectl.kubernetes.io/restartedAt: "2021-12-30T06:14:23Z"
        prometheus.io/path: /metrics
        prometheus.io/port: "8080"
        prometheus.io/scrape: "true"
      creationTimestamp: null
      labels:
        app: gitlab-agent
    spec:
      containers:
      - args:
        - --token-file=/config/token
        - --kas-address
        - ws://gitlab.ilomumu.xyz/-/kubernetes-agent
        env:
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        - name: POD_NAME
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.name
        image: registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk:stable
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /liveness
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 15
          periodSeconds: 20
          successThreshold: 1
          timeoutSeconds: 1
        name: agent
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /readiness
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 5
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /config
          name: token-volume
      dnsPolicy: ClusterFirst
      # 添加这部分内容
      hostAliases:
      - hostnames:
        - gitlab.ilomumu.xyz
        ip: 172.16.0.12
      # 到这里结束
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      serviceAccount: gitlab-agent
      serviceAccountName: gitlab-agent
      terminationGracePeriodSeconds: 30
      volumes:
      - name: token-volume
        secret:
          defaultMode: 420
          secretName: gitlab-agent-token-69t456m2dg

Error while dialing failed to WebSocket dial: expected handshake response status code 101 but got 301

另外一个报错

{"level":"error","time":"2021-12-30T06:15:23.631Z","msg":"Error handling a connection","mod_name":"reverse_tunnel","error":"Connect(): rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing failed to WebSocket dial: expected handshake response status code 101 but got 301\""}

这个错误的原因是由于我们的链接地址结尾没有一个/

再次修改deployment的配置文件

    spec:
      containers:
      - args:
        - --token-file=/config/token
        - --kas-address
        # 这里结尾加一个斜杠
        - ws://gitlab.ilomumu.xyz/-/kubernetes-agent/

完成的配置文件

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "4"
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"gitlab-agent","namespace":"gitlab-kubernetes-agent"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"gitlab-agent"}},"strategy":{"rollingUpdate":{"maxSurge":0,"maxUnavailable":1},"type":"RollingUpdate"},"template":{"metadata":{"annotations":{"prometheus.io/path":"/metrics","prometheus.io/port":"8080","prometheus.io/scrape":"true"},"labels":{"app":"gitlab-agent"}},"spec":{"containers":[{"args":["--token-file=/config/token","--kas-address","ws://gitlab.ilomumu.xyz/-/kubernetes-agent"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}}],"image":"registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk:stable","livenessProbe":{"httpGet":{"path":"/liveness","port":8080},"initialDelaySeconds":15,"periodSeconds":20},"name":"agent","readinessProbe":{"httpGet":{"path":"/readiness","port":8080},"initialDelaySeconds":5,"periodSeconds":10},"volumeMounts":[{"mountPath":"/config","name":"token-volume"}]}],"serviceAccountName":"gitlab-agent","volumes":[{"name":"token-volume","secret":{"secretName":"gitlab-agent-token-69t456m2dg"}}]}}}}
  creationTimestamp: "2021-12-30T03:52:12Z"
  generation: 4
  name: gitlab-agent
  namespace: gitlab-kubernetes-agent
  resourceVersion: "7967661"
  uid: dbd46470-0b4d-4dae-aa29-2587eec13bfb
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: gitlab-agent
  strategy:
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      annotations:
        kubectl.kubernetes.io/restartedAt: "2021-12-30T06:14:23Z"
        prometheus.io/path: /metrics
        prometheus.io/port: "8080"
        prometheus.io/scrape: "true"
      creationTimestamp: null
      labels:
        app: gitlab-agent
    spec:
      containers:
      - args:
        - --token-file=/config/token
        - --kas-address
        - ws://gitlab.ilomumu.xyz/-/kubernetes-agent
        env:
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        - name: POD_NAME
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.name
        image: registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk:stable
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /liveness
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 15
          periodSeconds: 20
          successThreshold: 1
          timeoutSeconds: 1
        name: agent
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /readiness
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 5
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /config
          name: token-volume
      dnsPolicy: ClusterFirst
      # 添加这部分内容
      hostAliases:
      - hostnames:
        - gitlab.ilomumu.xyz
        ip: 172.16.0.12
      # 到这里结束
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      serviceAccount: gitlab-agent
      serviceAccountName: gitlab-agent
      terminationGracePeriodSeconds: 30
      volumes:
      - name: token-volume
        secret:
          defaultMode: 420
          secretName: gitlab-agent-token-69t456m2dg


返回列表

上一篇:.gitlab-ci.yml 语法

下一篇:Ansible部署和使用(sshpass)

相关文章

Hive优化之Spark执行引擎的参数优化(二)

Hive优化之Spark执行引擎的参数优化(二)

        Hive是大数据领域常用的组件之一,主要是大数据离线数仓的运算,关于Hive的性能调优在日常工作和面试中...

CDN下载文件报错

CDN下载文件报错

一、问题现象通过域名下载文件,下载到100M左右的时候,会提示下载错误,无法继续下载。二、解决思路业务链路:域名解析到cdn---slb--后端服务器。首先需要判断问题出在哪一层,再看这一层是否有什么...

HDP-Yarn开启CPU调度和隔离

HDP-Yarn开启CPU调度和隔离

进入到ambari主界面 点击yarn 点击config CPU Scheduling and Isolation 设置为enable修改高级配置点击ADVANCED搜索需要修改的配yarn.node...

flume开启jmx加入grafana

部署flume_exporter需要go环境编译配置go环境首先下载go安装包Linux:https://golang.google.cn/dl/解压、添加环境变量tar -zxvf go*.tar....

clickhouse集群对接hive(三)

clickhouse集群对接hive(三)

前提:集群中已经部署了hive组件和clickhouse集群,clickhouse集群进行对接hive1、设置hdfs文件系统本地缓存<local_cache_for_remote_fs>...

Trino对接ldap

Tls 证书生成生成的证书分发到每个节点 #ip和主机名为**coordinator**的ip和主机名及对应的vipkeytool -genkeypair -validity 36500 -ext S...

发表评论    

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

©Copyrights 2016-2022 YUNCHE 浙ICP备2021017017号