You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This guide serves as a reference for setting up GitLab CE in a local Kubernetes development environment. In this guide, we'll be using minikube as it is the accepted standard.
Local Development Environment Requirements
To deploy the k8s manifest files from this repository in the local development environment, it is necessary to install the following applications:
The proposed development environment was configured and tested on Ubuntu 22.04.2 LTS (Jammy Jellyfish).
Create Cluster
For the implementation of this cluster, a CPU with 4 cores and 10 GB of RAM will be configured, according to the recommended resources for running GitLab.
After installing the Docker, Minikube and Kubectl applications, from a terminal with administrator access (but not logged in as root), run to create a cluster locally:
minikube start --cpus 4 --memory 10240
Enable ingress addon to manage external access to cluster services:
note: The password file will be automatically deleted in the first reconfigure run after 24 hours.
Locally-trusted Development Certificates
Warning: The certificate configuration must be done before executing the SSH settings to avoid errors in the activation and deactivation steps of the ingress addon. When disabling and enabling the ingress addon after configuring SSH, the following error occurs:
minikube addons disable ingress Exiting due to IF_SSH_AUTH: run callbacks: running callbacks: [NewSession: new client: new client: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain] Suggestion: Your host is failing to route packets to the minikube VM. If you have VPN software, try turning it off or configuring it so that it does not re-route traffic to the VM IP. If not, check your VM environment routing options. Documentation: https://minikube.sigs.k8s.io/docs/handbook/vpn_and_proxy/ Related issue: https://github.com/kubernetes/minikube/issues/3930
To automatically create and install a local CA at the system root and generate locally trusted certificates, mkcert will be used.
The certificate will be saved in the path /home/user/.local/share/mkcert. The path can also be seen by running the command:
mkcert -CAROOT
Warning: the rootCA-key.pem file that mkcert automatically generates gives complete power to intercept secure requests from your machine. Do not share it.
Generate local development trust certificates:
mkcert gitlab.local "*.gitlab.local"
Create TLS secret which contains custom certificate and private key:
Go to https://gitlab.local and the browser should recognize the local domain as secure.
Cloned Repository via SSH
The 3 steps that need to be followed in order to be able to clone GitLab repositories:
Configure the Ingress Controller to access GitLab via SSH;
Configure an SSH key pair on the clone destination;
Configure SSH key in GitLab user preferences.
Configuring Ingress Controller for External GitLab Shell Access via SSH
The GitLab Shell component requires TCP traffic to pass through on port 22 (by default; this can be changed). Ingress does not directly support TCP services, so some additional configuration is necessary.
Add the GitLab Shell service listening on port 22 to the nginx configMap:
Before you create a key pair, see if a key pair already exists.
ls /home/user/.ssh
If not, you need to generate a key. Run ssh-keygen -t followed by the key type and an optional comment. This comment is included in the created .pub file.
For 2048-bit RSA:
ssh-keygen -t rsa -b 2048 -C ""
A public key and a private key will be created. See the GitLab documentation for more SSH key configuration options .
Configure SSH key in GitLab User Preferences
Get the SSH public key value by running the command:
cat /home/user/.ssh/id_rsa.pub
Copy SSH key to clipboard.
Log into GitLab and click on your account preferences.
Click the SSH Keys link and paste the copied value into the text field.
Set an expiration date, and then click the blue button to persistently add the GitLab SSH key.
For this example, the app-hello-world project located inside the examples directory will be used.
Before starting, a group and a project have already been created in this group. For this example, the group group-hello-world and the project project-hello-world were created.
Generate a docker image from the app-hello-world project's Dockerfile:
