Continuous learning
  • My continuous learning
  • Algorithms
    • Big O notation
    • Binary Search
    • Bloom filters
    • Heap vs Stack
    • HyperLogLog
    • MapReduce
  • Architecture
    • Distributed architectures
    • Event-Driven architectures
    • Kubernetes architectures
    • Micro-service architectures
    • Multi-cluster architectures
    • OpenStack architectures
    • SDN architectures
    • Storage architectures
    • Video streaming architectures
  • Book Reviews
    • 97 things every SRE should know
    • Antifragility: Things That Gain from Disorder
    • Atomic Habits
    • The Black Swan: The Impact of the Highly Improbable
    • The Culture Map
    • The First 90 Days
    • Fooled by Randomness
    • The Phoenix Project
    • The Unicorn Project
    • The Three-Body Problem
  • Engineering
    • Problem Solving
  • Mind Maps
  • Miscellaneous
    • Building a modern development environment
    • Complexity
    • Conway’s law
    • Feynman technique
    • Food as a reflection of a culture
    • Leadership
    • Leading a team
    • Memory Chunking
    • Rules for life
    • Software architecture
    • Moral of understanding what you are doing
    • UX
  • Projects
    • Blue-Green Deployments with Argo Rollouts
    • Canary Deployments with Argo Rollouts and Istio
  • Reading material sources
  • Tech Stacks
    • Chaos
    • Kubernetes
      • kubectl
      • Kubernetes deep dive
      • Managing Kubernetes Clusters
      • Multi Cluster deployments
      • Topology awareness
      • Cert manager with let's encrypt
      • Harbor
      • Inspektor Gadget
      • Komodor
      • Kubershark
      • kubevirt
      • Kyverno
      • Let's encrypt
      • Mailhog
      • MetalLB
      • OpenShift
      • Robusta
      • ingress
        • Nginx Ingress
    • Home Lab
    • SRE
    • FaaS
      • Knative
    • FaaS
      • OpenFaaS
    • automation
      • CD
      • Argo Events
      • Workflows
      • Dagger
      • Gitea
      • GitHub
      • GitLab
        • GitLab image mapping
        • Deploying GitLab in multiple clusters
      • Pipeline definitions
        • Test multiple python versions for a release
      • Pulumi
      • stack
        • Full platform stack
      • Terraform
    • cloud-providers
      • AWS
      • Fly.io
    • databases
      • Atlas
      • Postgres
        • Postgres for Sysadmins
      • Redis
      • Vault
    • development
      • GraphQL
      • Development experience for the next century
      • UX
        • devcontainer
      • Using code server as a service
      • Go
      • nim
      • Python
        • Making Python Fast
        • Poetry
        • Python Zero Copy
      • Rust
      • UX
        • Skaffold
      • UX
        • Telepresence
      • UX
        • tilt
          • Tilt
    • linux
      • LXC
    • management
      • Backstage
      • Crossplane
    • monitoring
      • Grafana
      • Loki
      • OpenTelemetry
      • Prometheus
      • Spawn a full monitoring stack
      • Tempo
      • Victoriametrics
    • network
      • Calico
      • external Nginx for kubernetes ingress
    • os
      • mac
        • Configure MacOS
    • scm
      • Git
        • hooks
          • Pre-commit hook
    • security
      • CodeQL
    • service-mesh
      • Cilium service mesh
      • Consul
      • istio
        • Istio from the ground up
        • Istio Monitoring
        • Ambient mesh
        • Istio Sidecar Mode
      • Jaeger
      • LinkerD
    • storage
      • Ceph
      • MinIO
    • testing
      • k6
Powered by GitBook
On this page
  • Deploying GitLab with Istio service mesh
  • Deploying Gateway "ingress"
  • Configure istio sidecars
  • Prometheus
  • Grafana
  1. Tech Stacks
  2. automation
  3. GitLab

Deploying GitLab in multiple clusters

Deploying GitLab with Istio service mesh

  1. helm install

helm -n gitlab template gitlab gitlab/gitlab -f values.yml --version 6.4.1 > gitlab-6.4.1.yml

helm install gitlab gitlab/gitlab -f values.yml --version 6.4.1 -n gitlab
helm upgrade --install gitlab gitlab/gitlab -f values.yml --version 6.4.1 -n gitlab

Make sure you can login into GitLab

  1. Credentials

user: root
password: kubectl get secret -n gitlab gitlab-gitlab-initial-root-password -ojsonpath='{.data.password}' | base64 --decode ; echo

  1. Get self-signed CA

kubectl -n gitlab get secret gitlab-wildcard-tls-ca -ojsonpath='{.data.cfssl_ca}'

Deploying Gateway "ingress"

  1. Configure the gateway

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: gitlab-gateway
spec:
  selector:
    istio: ingressgateway # use Istio default gateway implementation
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP
    hosts:
    - "gitlab.elitebook.tokyo.lab"
kubectl apply -f gitlab-gateway.yml -n gitlab

  1. Configure the gateway routes

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: gitlab
spec:
  hosts:
  - "gitlab.elitebook.tokyo.lab"
  gateways:
  - gitlab-gateway
  http:
  - match:
    - uri:
        prefix: /
    route:
    - destination:
        port:
          number: 8181
        host: gitlab-webservice-default
kubectl apply -f gitlab-gateway-routes.yml -n gitlab

Configure istio sidecars

  1. helm templates

helm -n gitlab template gitlab gitlab/gitlab -f values.yml --version 6.4.1 > gitlab-6.4.1.yml

  1. get mesh-config values

kubectl -n istio-system get configmap istio-sidecar-injector -o=jsonpath='{.data.config}' > inject-config.yaml
kubectl -n istio-system get configmap istio-sidecar-injector -o=jsonpath='{.data.values}' > inject-values.yaml
kubectl -n istio-system get configmap istio -o=jsonpath='{.data.mesh}' > mesh-config.yaml

  1. inject istio side cars

istioctl kube-inject \
    --injectConfigFile inject-config.yaml \
    --meshConfigFile mesh-config.yaml \
    --valuesFile inject-values.yaml \
    --filename gitlab-6.4.1.yml \
    | kubectl -n gitlab apply -f -

Prometheus

Grafana

  • https://gitlab.com/gitlab-org/grafana-dashboards/tree/master/omnibus

PreviousGitLab image mappingNextPipeline definitions

Last updated 2 years ago