Kubernetes - - k8s - v1.12.3 Helm持久化部署 Redmine 集成 Ope

1，基本概念

• redmine集成openLDAP 实现统一认证

2，使用Helm安装redmine

2.1 下载代码

git clone https://github.com/xiaoqshuo/k8s-cluster.git

2.2 更改values.yaml相关配置，也可以通过--set设置

redmineUsername：可选，默认为user
redminePassword：可选
redmineEmail：用于项目通知
smtpHost: smtp.xxx.com
smtpPort: 465
smtpUser: [email?protected]
smtpPassword: password
smtpTls: True
serviceType: ClusterIP


# 修改mariadb的storageClass: "gluster-heketi"，使用gfs动态存储

2.3 创建pv

• 注意：redmine的持久化使用的nfs

2.3.1 NFS(k8s-node01)

[[email?protected] redmine-helm]# pwd
/nfs/redmine-helm

[[email?protected] redmine-helm]# more /etc/exports
/nfs/es/ 192.168.2.0/24(rw,sync,no_subtree_check,no_root_squash)
/nfs/rmp-cluster/ 192.168.2.0/24(rw,no_root_squash)
/nfs/redis-cluster/ 192.168.2.0/24(rw,no_root_squash)
/nfs/redis-sentinel/ 192.168.2.0/24(rw,no_root_squash)
/nfs/redmine-helm/ 192.168.2.0/24(rw,no_root_squash)

[[email?protected] redmine-helm]# exportfs -rv
exporting 192.168.2.0/24:/nfs/redmine-helm
exporting 192.168.2.0/24:/nfs/redis-sentinel
exporting 192.168.2.0/24:/nfs/redis-cluster
exporting 192.168.2.0/24:/nfs/rmp-cluster
exporting 192.168.2.0/24:/nfs/es

2.3.2 修改 redmine.pv

[[email?protected] redmine-helm]# more redmine.pv
apiVersion: v1
kind: PersistentVolume
metadata:
  name: redmine-data
spec:
  capacity:
    storage: 4Gi
  accessModes:
    - ReadWriteOnce
  volumeMode: Filesystem
  persistentVolumeReclaimPolicy: Recycle
  storageClassName: "redmine-data"
  nfs:
    # real share directory
    path: /nfs/redmine-helm
    # nfs real ip
    server: 192.168.2.101

[[email?protected] redmine-helm]# kubectl create -f redmine.pv
persistentvolume/redmine-data created

2.3.3 查看pv

[[email?protected] redmine-helm]# kubectl get pv | grep redmine-data
redmine-data                               4Gi        RWO            Recycle          Available                                                                               redmine-data                       2m22s

2.4 安装redmine

helm install --name redmine .  --debug --namespace public-service

[[email?protected] redmine-helm]# helm install --name redmine .  --debug --namespace public-service
[debug] Created tunnel using local port: ‘34106‘

[debug] SERVER: "127.0.0.1:34106"

[debug] Original chart version: ""
[debug] CHART PATH: /opt/redmine-helm

NAME:   redmine
E1218 17:24:31.273068   15819 portforward.go:303] error copying from remote stream to local connection: readfrom tcp4 127.0.0.1:34106->127.0.0.1:38734: write tcp4 127.0.0.1:34106->127.0.0.1:38734: write: broken pipe
REVISION: 1
RELEASED: Tue Dec 18 17:24:21 2018
CHART: redmine-7.0.0
USER-SUPPLIED VALUES:

....
配置文档
....

LAST DEPLOYED: Tue Dec 18 17:24:21 2018
NAMESPACE: public-service
STATUS: DEPLOYED

RESOURCES:
==> v1/Secret
NAME             AGE
redmine-mariadb  2s
redmine-redmine  2s

==> v1/ConfigMap
redmine-mariadb        2s
redmine-mariadb-tests  2s

==> v1/PersistentVolumeClaim
redmine-redmine  2s

==> v1/Service
redmine-mariadb  2s
redmine-redmine  1s

==> v1beta1/Deployment
redmine-redmine  1s

==> v1beta1/StatefulSet
redmine-mariadb  1s


NOTES:
1. Get the Redmine URL:

  echo "Redmine URL: http://127.0.0.1:3000/"
  kubectl port-forward --namespace public-service svc/redmine-redmine 3000:3000

2. Login with the following credentials

  echo Username: user
  echo Password: $(kubectl get secret --namespace public-service redmine-redmine -o jsonpath="{.data.redmine-password}" | base64 --decode)

2.4.1 查看pods pv pvc

• pod

[[email?protected] redmine-helm]# kubectl get pod -n public-service | grep redmine
redmine-mariadb-0                  1/1     Running   0          16m
redmine-redmine-579bdb6749-4qjcg   1/1     Running   0          16m

• pv

[[email?protected] redmine-helm]# kubectl get pv -n public-service | grep redmine
pvc-b984ec62-02a6-11e9-87ec-000c2925b928   3Gi        RWO            Delete           Bound         public-service/data-redmine-mariadb-0                                     gluster-heketi                       2m59s
redmine-data                               4Gi        RWO            Recycle          Bound         public-service/redmine-redmine                                            redmine-data                       23m

• pvc

[[email?protected] redmine-helm]# kubectl get pvc -n public-service | grep redmine
data-redmine-mariadb-0                                     Bound    pvc-b984ec62-02a6-11e9-87ec-000c2925b928   3Gi        RWO            gluster-heketi                 3m50s
redmine-redmine                                            Bound    redmine-data                               4Gi        RWO            redmine-data                   3m52s

2.5 创建ingress，也可以直接在values.yaml指定

[[email?protected] redmine-helm]# kubectl create -f traefik-redmine.yaml
ingress.extensions/redmine created

[[email?protected] redmine-helm]# more traefik-redmine.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: redmine
  namespace: public-service
  annotations:
    kubernetes.io/ingress.class: traefik
spec:
  rules:
  - host: redmine.k8s.net
    http:
      paths:
      - backend:
          serviceName: redmine-redmine
          servicePort: 3000

[[email?protected] redmine-helm]# kubectl get ingress -n public-service  | grep redmine
redmine   redmine.k8s.net             80      3m

2.6 查看密码

[[email?protected] redmine-helm]# kubectl get secret --namespace public-service redmine-redmine -o jsonpath={.data.redmine-password} | base64 --decode
cdPAXfSp5L

3， 登录 配置 redmine

3.1 打开redmine网址：redmine.k8s.net

3.2 登录 redmine

3.3 语言配置

3.4 密码修改

3.5 LDAP配置

• 主机名及端口

3.6 用户配置

• 上述虽然勾选了即时生成用户，但是并未生成，所以需要创建与之对应的用户。注意：我采用的email认证，为了防止重名，如果使用用户名的话登录名属性填写uid。

3.6.1 创建一个项目：DevItem

3.6.2 创建dev组

3.6.3 创建对应用户

• 注意上述使用的mail认证方式，所以登录名为邮箱，如果采用uid则写cn的名字

3.6.4 登录测试