Install Gitlab CE using Podman Pod

# Install Gitlab CE using Podman Pod on Ubuntu 24.04 ## 1. 先決條件 1. 已安裝好 `podman` ## 2. 開始部署 Gitlab 1. 為 gitlab 建立設定檔、data 和 log 的永存目錄區 ``` sudo mkdir -p /etc/gitlab sudo chown $(id -u):$(id -g) /etc/gitlab/ sudo mkdir -p /var/lib/gitlab sudo chown $(id -u):$(id -g) /var/lib/gitlab/ sudo mkdir -p /var/log/gitlab sudo chown $(id -u):$(id -g) /var/log/gitlab/ mkdir -p ${HOME}/wulin/gitlab cd ${HOME}/wulin/gitlab ``` 2. 編輯 gitlab podman pod yaml ``` nano gitlab-pod.yaml ``` 檔案內容： ``` apiVersion: v1 kind: Pod metadata: labels: app: gitlab name: gitlab spec: containers: - name: gitlab image: docker.io/gitlab/gitlab-ce:latest securityContext: runAsUser: 0 runAsGroup: 0 ports: - containerPort: 80 hostPort: 8080 - containerPort: 443 hostPort: 8443 - containerPort: 22 hostPort: 2222 volumeMounts: - mountPath: /etc/gitlab:Z name: gitlab_config - mountPath: /var/log/gitlab:Z name: gitlab_logs - mountPath: /var/opt/gitlab:Z name: gitlab_data volumes: - name: gitlab_config hostPath: path: /etc/gitlab type: Directory - name: gitlab_logs hostPath: path: /var/log/gitlab type: Directory - name: gitlab_data hostPath: path: /var/lib/gitlab type: Directory ``` 3. 部署 gitlab ``` podman kube play gitlab-pod.yaml ``` 4. 檢視 pod 是否運作正常 ``` podman pod ps ``` 執行結果： ``` POD ID NAME STATUS CREATED INFRA ID # OF CONTAINERS f260ec400479 gitlab Running 6 minutes ago 64e7a631a704 2 ``` 5. 打開瀏覽器連線至 `http://<host_ip>:8080` ![image](https://hackmd.io/_uploads/rJLI7dNx-g.png) 6. 移除 gitlab ``` podman kube down gitlab-pod.yaml ``` 執行結果： ``` Pods stopped: f260ec4004799005a7088072f7e1193a9674f31365f1da21dde2a1b132dc99ba Pods removed: f260ec4004799005a7088072f7e1193a9674f31365f1da21dde2a1b132dc99ba Secrets removed: Volumes removed: ``` 7. 設定開機自動啟動 ``` # 1. 建立一個目錄 (在 user home 中)，用來存放 Podman Quadlet 要使用的 Kubernetes YAML # 注意路徑： ~/.config/containers/kube mkdir -p ~/.config/containers/kube # 2. 將 YAML 檔複製到上述 user 目錄中 (不需 sudo) cp gitlab-pod.yaml ~/.config/containers/kube/gitlab-pod.yaml # 3. 建立 user 的 Quadlet 目錄 (如果還不存在) # 注意路徑： ~/.config/containers/systemd mkdir -p ~/.config/containers/systemd # 4. 建立 user systemd 的 Quadlet unit 檔案 (不需 sudo) # 注意：檔案儲存在 ~/.config/containers/systemd/gitlab-pod.kube tee ~/.config/containers/systemd/gitlab-pod.kube >/dev/null <<'EOF' [Unit] Description=Podman Quadlet: Gitlab Pod (gitlab-pod) # User services 也可以依賴於網路 Wants=network-online.target After=network-online.target [Kube] # 關鍵：使用 %h 來代表 user 的 home 目錄 Yaml=%h/.config/containers/kube/gitlab-pod.yaml # StopTimeout=120 [Service] # 這些設定與 system service 相同 Restart=always RestartSec=5s TimeoutStopSec=120s [Install] # 關鍵：User services 應該使用 'default.target' # 這表示當您登入時，服務會啟動 WantedBy=default.target EOF # 5. 重新載入 user systemd daemon (使用 --user 旗標) systemctl --user daemon-reload # 6. 啟動 gitlab-pod 服務 systemctl --user start gitlab-pod.service # 7. 檢查 gitlab-pod 服務目前的運行狀態 (使用 --user 旗標) systemctl --user status gitlab-pod.service # 8. 啟用 lingering，讓您的 user service 在登出後繼續運行 loginctl enable-linger $(whoami) ``` 執行結果： ``` ● gitlab-pod.service - Podman Quadlet: Gitlab Pod (gitlab-pod) Loaded: loaded (/home/bigred/.config/containers/systemd/gitlab-pod.kube; generated) Active: active (running) since Fri 2025-11-14 17:24:14 CST; 3min 19s ago Main PID: 8412 (conmon) Tasks: 14 (limit: 9434) Memory: 7.6M (peak: 22.3M) CPU: 268ms CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/gitlab-pod.service ├─8412 /usr/bin/conmon --api-version 1 -c 403dce5090111114ccd9c39b1fa05a49ac57dc91b3bea32c95b77c9083a2a7… ├─8492 rootlessport ├─8497 rootlessport-child ├─8504 /usr/bin/conmon --api-version 1 -c 6ddd4be557c3b945612f3a96122014dee42ed19d659e536c7c31ce0c3e5d7a… └─8509 /usr/bin/conmon --api-version 1 -c 190c6322b1cc5c5edfc0651e74cd5d385acf28957c31918eeb0fa171e99123… Nov 14 17:27:22 gitlab.kubeantony.com gitlab-gitlab[8509]: 2025-11-14_09:27:22.05060 - -> /sidekiq Nov 14 17:27:23 gitlab.kubeantony.com gitlab-gitlab[8509]: Nov 14 17:27:23 gitlab.kubeantony.com gitlab-gitlab[8509]: ==> /var/log/gitlab/gitlab-rails/production_json.log <== Nov 14 17:27:23 gitlab.kubeantony.com gitlab-gitlab[8509]: {"method":"GET","path":"/-/metrics","format":"html","contr… Nov 14 17:27:29 gitlab.kubeantony.com gitlab-gitlab[8509]: Nov 14 17:27:29 gitlab.kubeantony.com gitlab-gitlab[8509]: ==> /var/log/gitlab/gitlab-exporter/current <== Nov 14 17:27:29 gitlab.kubeantony.com gitlab-gitlab[8509]: 2025-11-14_09:27:29.18027 127.0.0.1 - - [14/Nov/2025…0 1778 Nov 14 17:27:29 gitlab.kubeantony.com gitlab-gitlab[8509]: 2025-11-14_09:27:29.18030 - -> /database Nov 14 17:27:29 gitlab.kubeantony.com gitlab-gitlab[8509]: 2025-11-14_09:27:29.51964 127.0.0.1 - - [14/Nov/2025…0 1089 Nov 14 17:27:29 gitlab.kubeantony.com gitlab-gitlab[8509]: 2025-11-14_09:27:29.51966 - -> /ruby Hint: Some lines were ellipsized, use -l to show in full. ``` 8. 確認 gitlab Container 狀態為 `Up X minutes (healthy)` ``` podman ps -a ``` 執行結果： ``` CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 403dce509011 localhost/podman-pause:4.9.3-0 5 minutes ago Up 5 minutes ab2b6bed5526-service 6ddd4be557c3 localhost/podman-pause:4.9.3-0 5 minutes ago Up 5 minutes 0.0.0.0:2222->22/tcp, 0.0.0.0:8080->80/tcp, 0.0.0.0:8443->443/tcp 7ab0d212f129-infra 190c6322b1cc docker.io/gitlab/gitlab-ce:latest /assets/init-cont... 4 minutes ago Up 5 minutes (healthy) 0.0.0.0:2222->22/tcp, 0.0.0.0:8080->80/tcp, 0.0.0.0:8443->443/tcp gitlab-gitlab ``` 9. 獲取 gitlab root 使用者密碼 ``` podman exec gitlab-gitlab cat /etc/gitlab/initial_root_password ``` 執行結果： ``` # WARNING: This password is only valid if ALL of the following are true: # • You set it manually via the GITLAB_ROOT_PASSWORD environment variable # OR the gitlab_rails['initial_root_password'] setting in /etc/gitlab/gitlab.rb # • You set it BEFORE the initial database setup (typically during first installation) # • You have NOT changed the password since then (via web UI or command line) # # If this password doesn't work, reset the admin password using: # https://docs.gitlab.com/security/reset_user_password/#reset-the-root-password Password: nmPd3GbmDgzm/0eP85FA46v/GOL+erXn6/V7b0vnWgk= # NOTE: This file is automatically deleted after 24 hours on the next reconfigure run. ``` 10. 成功登入 gitlab 網站 ![image](https://hackmd.io/_uploads/HJhjDuVx-l.png) ## 3. 設定 Gitlab 1. 修改 `root` user 密碼點選 **Overview** -> **Users** -> **Edit** ![image](https://hackmd.io/_uploads/r1pXetEx-x.png) 在 Password 和 Password confirmation 欄位輸入密碼，然後按 **Save changes** ![image](https://hackmd.io/_uploads/H1QxWKEgZe.png) 2. 使用新的密碼重新登入 ![image](https://hackmd.io/_uploads/HyhNbtNxWl.png) ## 4. 參考連結 - [Gitlab CE Deployment with Podman](https://medium.com/@johanesmistrialdo/gitlab-ce-deployment-with-podman-d19272dc16dd)