
Installation of MicroK8S and Gitlab integration

This collection of installation scripts and commands sets up microk8s, the GitLab integration and a runner on a CSC virtual machine on OpenStack.

// Original script Mysticons 2021 // Recheck 2024 by Narsu & Aarne

echo -e "\nInstalling microk8s...\n"
sudo snap install microk8s --classic --channel=1.29

echo -e "\nWaiting for microk8s to be ready...\n"
sudo microk8s status --wait-ready

echo -e "\nEnabling addons...\n"
sudo microk8s enable dns ingress rbac storage community dashboard

echo -e "\nEnabling MetalLB...\n"
echo "192.168.1.240-192.168.1.250" | sudo microk8s enable metallb 

echo -e "\nInstalling kubectl..."
sudo snap install kubectl --classic

echo -e "\nInstalling helm..."
sudo snap install helm --classic

echo -e "\nResolving public IP address and DNS name..."
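# Public IP as seen from outside, via OpenDNS
public_ip=$(dig +short myip.opendns.com @resolver1.opendns.com)
ip="$public_ip"
# Reverse lookup: keep the last 25 bytes of the "name = ..." line, then drop the trailing dot after "fi"
nsl=$(nslookup "$public_ip" | grep "name" | tail -c 25)
dns="${nsl/%fi./fi}"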

sleep 3

echo -e "\nConfiguring csr.conf.template file..."
sudo sed -i "/IP.2/a \IP.6 = ${ip}" /var/snap/microk8s/current/certs/csr.conf.template
sudo sed -i "/DNS.5/a \DNS.6 = ${dns}" /var/snap/microk8s/current/certs/csr.conf.template

sleep 5

echo -e "\nCreating GitLab service account..."
sudo microk8s kubectl -n kube-system create serviceaccount gitlab

sleep 5

echo -e "\nCreating ClusterRoleBinding for GitLab account..."
sudo microk8s kubectl create clusterrolebinding gitlab-admin --clusterrole=cluster-admin --serviceaccount=kube-system:gitlab

sleep 5

echo -e "\nCreating Service Account for GitLab Managed Apps..."
sudo microk8s kubectl create clusterrolebinding --user system:serviceaccount:gitlab-managed-apps:default default-gitlab-sa-admin --clusterrole cluster-admin

sleep 5

echo -e "\nCreating service account for dashboard..."
sudo microk8s kubectl create serviceaccount dashboard-admin-sa

sleep 5

echo -e "\nCreating ClusterRoleBinding for dashboard account..."
sudo microk8s kubectl create clusterrolebinding dashboard-admin-sa --clusterrole=cluster-admin --serviceaccount=default:dashboard-admin-sa

sleep 5

echo -e "\nCreating port forwarding rule for JAMK Labranet...\n"
sudo iptables -A PREROUTING -t nat -i ens3 -p tcp --dport 8443 -j REDIRECT --to-port 16443
# Note: iptables-save only prints the current rule set to stdout; it does not write it to disk
sudo iptables-save

sleep 5

echo -e "\nCreating emergency backup account <kube> for CSC console use only... \n"
sudo adduser kube
sudo usermod -aG sudo kube
echo -e "\nUser added to sudoers..."
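
The two sed lines above append a new entry after every line matching IP.2 and DNS.5 each time the script runs, so a second run leaves duplicate IP.6 and DNS.6 keys in csr.conf.template. An idempotent variant, as an added example that is not part of the original script: the add_san and demo_add_san names, the sample template contents and the 192.0.2.10 and node.example.invalid values are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original script): idempotent SAN insertion.
# Usage: add_san FILE KIND VALUE   where KIND is IP or DNS.
add_san() {
  local file="$1" kind="$2" value="$3" tmp
  # Skip if VALUE is already listed under any index of this KIND.
  if awk -v k="$kind" -v v="$value" '
       $1 ~ "^" k "\\.[0-9]+$" && $2 == "=" && $3 == v { found = 1 }
       END { exit !found }' "$file"; then
    return 0
  fi
  tmp=$(mktemp) || return 1
  # Insert KIND.<max+1> directly after the last existing KIND.<n> line.
  awk -v k="$kind" -v v="$value" '
    { lines[NR] = $0 }
    $1 ~ "^" k "\\.[0-9]+$" {
      split($1, p, "."); if (p[2] + 0 > max) max = p[2] + 0
      last = NR
    }
    END {
      if (!last) exit 1   # no entry of this kind to anchor on
      for (i = 1; i <= NR; i++) {
        print lines[i]
        if (i == last) printf "%s.%d = %s\n", k, max + 1, v
      }
    }' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
  # Overwrite in place so the owner and mode of FILE are kept.
  cat "$tmp" > "$file" && rm -f "$tmp"
}

# Constructed sample shaped like the [ alt_names ] section of csr.conf.template.
demo_add_san() {
  local f
  f=$(mktemp) || return 1
  printf '%s\n' '[ alt_names ]' 'DNS.1 = kubernetes' \
    'DNS.5 = kubernetes.default.svc.cluster.local' \
    'IP.1 = 127.0.0.1' 'IP.2 = 10.152.183.1' '#MOREIPS' > "$f"
  add_san "$f" IP 192.0.2.10             # constructed documentation address
  add_san "$f" IP 192.0.2.10             # second run changes nothing
  add_san "$f" DNS node.example.invalid  # constructed host name
  cat "$f"; rm -f "$f"
}
demo_add_san
```

Against the real template the function has to run in a root shell, since the file under /var/snap/microk8s/current/certs/ is not writable by the ubuntu user.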

Next, add a token secret for the gitlab service account created above:

sudo microk8s kubectl apply -n kube-system -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: gitlab-token
  annotations:
    kubernetes.io/service-account.name: gitlab
type: kubernetes.io/service-account-token
EOF
echo -e "\nFetching service token for GitLab...\n"
sleep 20
sudo microk8s kubectl -n kube-system describe secret gitlab-token


echo -e "\nFetching token for dashboard...\n"
sleep 10
sudo microk8s kubectl describe secret -n kube-system microk8s-dashboard-token

public_ip=$(dig +short myip.opendns.com @resolver1.opendns.com)
ip=$(echo "$public_ip")
nsl=$(nslookup "$public_ip" | grep "name" | tail -c 25)
dns=$(echo "${nsl/%fi./fi}")

echo -e "\nGitLab API URL... \n"
echo -e "https://${dns}:8443\n"

Now you have a microk8s single-node cluster up and running...
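
The script binds three subjects to cluster-admin (gitlab-admin, default-gitlab-sa-admin and dashboard-admin-sa). A check for any further cluster-admin binding, as an added example that is not part of the original script: the function names, the allowlist and the sample table, including the ci-helper row, are constructed, and the built-in cluster-admin binding for system:masters is assumed to be present.

```shell
#!/usr/bin/env bash
# Added example (not from the original script). Feed it the table printed by:
#   sudo microk8s kubectl get clusterrolebindings -o custom-columns=NAME:.metadata.name,ROLE:.roleRef.name,KIND:.subjects[*].kind,SUBJECT:.subjects[*].name,NS:.subjects[*].namespace

# Constructed sample of that table; ci-helper is a hypothetical extra binding.
sample_bindings() {
  cat <<'EOF'
NAME                      ROLE                  KIND             SUBJECT                                             NS
cluster-admin             cluster-admin         Group            system:masters                                      <none>
gitlab-admin              cluster-admin         ServiceAccount   gitlab                                              kube-system
default-gitlab-sa-admin   cluster-admin         User             system:serviceaccount:gitlab-managed-apps:default   <none>
dashboard-admin-sa        cluster-admin         ServiceAccount   dashboard-admin-sa                                  default
ci-helper                 cluster-admin         ServiceAccount   builder                                             gitlab
system:node-proxier       system:node-proxier   User             system:kube-proxy                                   <none>
EOF
}

# Print "binding kind subject namespace" for every binding to cluster-admin.
# A binding with several subjects shows them comma-joined in each column.
cluster_admin_subjects() {
  awk 'NR > 1 && $2 == "cluster-admin" { print $1, $3, $4, $5 }'
}

# Print cluster-admin bindings from stdin whose name is not in the
# space-separated allowlist given as $1.
unexpected_cluster_admins() {
  cluster_admin_subjects | awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    !($1 in ok)'
}

# Bindings the script on this page creates, plus the built-in one (assumed).
ALLOW="cluster-admin gitlab-admin default-gitlab-sa-admin dashboard-admin-sa"
sample_bindings | unexpected_cluster_admins "$ALLOW"
```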

  • Now you can create the group 'Micro Group' and the project 'microk8s-u2'
  • Open the left side bar 'Operate/Kubernetes Cluster'
  • Select connect/create cluster
  • In the agent selection, give the name of the new cluster
  • You will see a proposed command to add the GitLab agent inside your Kubernetes cluster

  • Execute the command at your command line with 'sudo microk8s' added in front

sudo microk8s helm repo update
sudo microk8s helm upgrade --install microk8s-u2 gitlab/gitlab-agent \
    --namespace gitlab-agent-microk8s-u2 \
    --create-namespace \
    --set image.tag=v16.9.0-rc1 \
    --set config.token=glagent-FAvTXx4ipCP9encAhhhmy8Vsm2Rz267t_CPwvPw29By3ZeT7sg \
    --set config.kasAddress=wss://gitlab.labranet.jamk.fi/-/kubernetes-agent/

You should see a message like:

NAME: microk8s-u2
LAST DEPLOYED: Thu Mar 14 09:55:50 2024
NAMESPACE: gitlab-agent-microk8s-u2
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Thank you for installing gitlab-agent.

Your release is named microk8s-u2.

## Changelog

### 1.17.0

- The default replica count has been increased from `1` to `2` to allow a zero-downtime upgrade experience.
  You may use `--set replicas=1` to restore the old default behavior.

Now we have to create a GitLab runner in Kubernetes

You have to copy the runner key value from the GitLab CI/CD settings

Project runners/ These runners are assigned to this project.

  • Copy the runner key value, which has the format GR13asdfa1j-asdftnGrLasdfP_4kJq8X
  • You need to copy this value into the file below.

This is done by creating a file value.yaml (the name the install command below passes to -f) in the user folder, e.g. /user/ubuntu/

gitlabUrl: https://gitlab.labranet.jamk.fi/

runnerRegistrationToken: "GR13asdfa1j-asdftnGrLasdfP_4kJq8X"

concurrent: 10

checkInterval: 30

rbac:
  create: true
  rules:
    - apiGroups: [""]
      resources: ["pods"]
      verbs: ["list", "get", "watch", "create", "delete"]
    - apiGroups: [""]
      resources: ["pods/exec"]
      verbs: ["create"]
    - apiGroups: [""]
      resources: ["pods/log"]
      verbs: ["get"]
    - apiGroups: [""]
      resources: ["pods/attach"]
      verbs: ["list", "get", "create", "delete", "update"]
    - apiGroups: [""]
      resources: ["secrets"]
      verbs: ["list", "get", "create", "delete", "update"]
    - apiGroups: [""]
      resources: ["configmaps"]
      verbs: ["list", "get", "create", "delete", "update"]

runners:
  privileged: true

  config: |
    [[runners]]
      [runners.kubernetes]
        namespace = "gitlab"
        tls_verify = false
        image = "docker:19"
        privileged = true

  • Next step is to install the runner

sudo microk8s helm install --namespace gitlab gitlab-runner -f value.yaml gitlab/gitlab-runner

You should get the message:

ubuntu@microk8s-u2:~$ sudo microk8s helm install --namespace gitlab gitlab-runner -f value.yaml gitlab/gitlab-runner
NAME: gitlab-runner
LAST DEPLOYED: Thu Mar 14 10:10:16 2024
NAMESPACE: gitlab
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Your GitLab Runner should now be registered against the GitLab instance reachable at: "https://gitlab.labranet.jamk.fi/"

Runner namespace "gitlab" was found in runners.config template.