From 611187405bf9f351dba2ba288c7552d96f00b60e Mon Sep 17 00:00:00 2001 From: Tanguy Herbron Date: Tue, 18 Oct 2022 00:50:25 +0200 Subject: [PATCH] feat(gitlab): Add monitoring, registry and external database Include networking management and configuration for compatibility with Prometheus, enable and make registry accessible, configure Prometheus accordingly --- gitlab/configmap.yaml | 26 ++++++++++++++-- gitlab/deployment.yaml | 28 ++++++++++++++++- gitlab/ingress.yaml | 7 +++++ gitlab/service.yaml | 36 ++++++++++++++++++++++ monitoring/prometheus/config-map.yaml | 44 +++++++++++++++++++++++++++ 5 files changed, 138 insertions(+), 3 deletions(-) diff --git a/gitlab/configmap.yaml b/gitlab/configmap.yaml index 3b48925..af272c3 100644 --- a/gitlab/configmap.yaml +++ b/gitlab/configmap.yaml @@ -20,7 +20,7 @@ data: } registry_nginx['listen_port'] = 5050 registry_nginx['listen_https'] = false - prometheus_monitoring['enable'] = false + prometheus['enable'] = false gitaly['env'] = { 'GITALY_COMMAND_SPAWN_MAX_PARALLEL' => '2' } @@ -34,5 +34,27 @@ data: 'max_per_repo' => 3 } ] - + node_exporter['listen_address'] = '0.0.0.0:9100' + gitlab_workhorse['prometheus_listen_addr'] = '0.0.0.0:9229' + gitlab_exporter['listen_address'] = '0.0.0.0' + gitlab_exporter['listen_port'] = '9168' + sidekiq['listen_address'] = '0.0.0.0' + redis_exporter['listen_address'] = '0.0.0.0:9121' + postgres_exporter['listen_address'] = '0.0.0.0:9187' + gitaly['prometheus_listen_addr'] = '0.0.0.0:9236' + gitlab_rails['monitoring_whitelist'] = ['0.0.0.0'] + gitlab_rails['prometheus_address'] = '0.0.0.0:9090' + nginx['status']['options'] = { + "server_tokens" => "off", + "access_log" => "off", + "allow" => "0.0.0.0", + "deny" => "all", + } + postgresql['enable'] = false + gitlab_rails['db_adapter'] = 'postgresql' + gitlab_rails['db_encoding'] = 'unicode' + gitlab_rails['db_host'] = 'localhost' + gitlab_rails['db_password'] = 'aberation' + gitlab_rails['manage_backup_path'] = true + gitlab_rails['backup_path'] = "/backups" diff --git a/gitlab/deployment.yaml b/gitlab/deployment.yaml index 31ac37c..0cf3da8 100644 --- a/gitlab/deployment.yaml +++ b/gitlab/deployment.yaml @@ -15,6 +15,7 @@ spec: spec: hostname: gitlab subdomain: gitlab + nodeName: slave-1 containers: - name: gitlab image: gitlab/gitlab-ce:15.4.2-ce.0 @@ -24,10 +25,35 @@ spec: - mountPath: "/etc/gitlab/gitlab.rb" name: gitlab-config-volume subPath: gitlab.rb + - mountPath: "/var/opt/gitlab" + name: gitlab-pv + - name: gitlab-db + image: postgres:14-alpine3.15 + env: + - name: POSTGRES_DB + value: "gitlabhq_production" + - name: POSTGRES_USER + value: "gitlab" + - name: POSTGRES_PASSWORD + value: "aberation" + - name: POSTGRES_INITDB_ARGS + value: "--encoding=UTF-8 --locale=C" + volumeMounts: + - mountPath: "/var/lib/postgresql/data" + name: gitlab-db-pv + - mountPath: "/backups" + name: gitlab-backup + subPath: backups volumes: + - name: gitlab-db-pv + hostPath: + path: "/mnt/gitlab/db" - name: gitlab-pv hostPath: - path: "/mnt/gitlab" + path: "/mnt/gitlab/data" - name: gitlab-config-volume configMap: name: gitlab-config + - name: gitlab-backup + persistentVolumeClaim: + claimName: gitlab-backup-pvc diff --git a/gitlab/ingress.yaml b/gitlab/ingress.yaml index c05db24..0363ba3 100644 --- a/gitlab/ingress.yaml +++ b/gitlab/ingress.yaml @@ -21,3 +21,10 @@ spec: name: gitlab-svc port: number: 80 + - path: /v2 + pathType: Prefix + backend: + service: + name: gitlab-svc + port: + number: 5050 diff --git a/gitlab/service.yaml b/gitlab/service.yaml index b3beb15..30fc60a 100644 --- a/gitlab/service.yaml +++ b/gitlab/service.yaml @@ -9,5 +9,41 @@ spec: port: 80 protocol: TCP targetPort: 80 + - name: registry + port: 5050 + protocol: TCP + targetPort: 5050 + - name: node + port: 9100 + protocol: TCP + targetPort: 9100 + - name: gitlab-workhorse + port: 9229 + protocol: TCP + targetPort: 9229 + - name: gitlab-exporter + port: 9168 + protocol: TCP + targetPort: 9168 + - name: gitlab-sidekiq + port: 8082 + protocol: TCP + targetPort: 8082 + - name: redis + port: 9121 + protocol: TCP + targetPort: 9121 + - name: postgres + port: 9187 + protocol: TCP + targetPort: 9187 + - name: gitaly + port: 9236 + protocol: TCP + targetPort: 9236 + - name: nginx + port: 8060 + protocol: TCP + targetPort: 8060 selector: app: gitlab diff --git a/monitoring/prometheus/config-map.yaml b/monitoring/prometheus/config-map.yaml index 266792f..d705fc1 100644 --- a/monitoring/prometheus/config-map.yaml +++ b/monitoring/prometheus/config-map.yaml @@ -31,6 +31,50 @@ data: - "alertmanager.monitoring.svc:9093" scrape_configs: + - job_name: 'gitlab-node_metrics' + static_configs: + - targets: + - gitlab-svc.gitlab.svc.cluster.local:9100 + - job_name: 'gitlab-workhorse_metrics' + static_configs: + - targets: + - gitlab-svc.gitlab.svc.cluster.local:9229 + - job_name: 'gitlab-exporter-database_metrics' + metrics_path: "/database" + static_configs: + - targets: + - gitlab-svc.gitlab.svc.cluster.local:9168 + - job_name: 'gitab-exporter-sidekiq_metrics' + metrics_path: "/sidekiq" + static_configs: + - targets: + - gitlab-svc.gitlab.svc.cluster.local:9168 + - job_name: 'gitlab-sidekiq_metrics' + static_configs: + - targets: + - gitlab-svc.gitlab.svc.cluster.local:8082 + - job_name: 'gitlab-redis_metrics' + static_configs: + - targets: + - gitlab-svc.gitlab.svc.cluster.local:9121 + - job_name: 'gitlab-postgres_metrics' + static_configs: + - targets: + - gitlab-svc.gitlab.svc.cluster.local:9187 + - job_name: 'gitlab-gitaly_metrics' + static_configs: + - targets: + - gitlab-svc.gitlab.svc.cluster.local:9236 + - job_name: 'gitlab-nginx_metrics' + static_configs: + - targets: + - gitlab-svc.gitlab.svc.cluster.local:8060 + - job_name: 'gitlab-rails_metrics' + metrics_path: "/-/metrics" + scheme: https + static_configs: + - targets: + - gitlab-svc.gitlab.svc.cluster.local - job_name: 'synapse' scrape_interval: 15s metrics_path: "/_synapse/metrics"