What is GitLab and the GitLab Operator?
Founded in 2011 and now with over 30 million users, GitLab is an open-source DevSecOps platform presented as a single application built to change how Development, Security, and Ops teams collaborate and build software. GitLab's core objective revolves around providing a space for every individual to contribute, firmly believing that such inclusivity fuels the pace of innovation. They emphasize remote work, open-source principles, DevSecOps methodologies, and iterative processes.
The GitLab Operator is crucial in overseeing the complete lifecycle management of GitLab instances within Kubernetes or OpenShift container platforms. Its primary objective is to simplify installing and configuring GitLab instances, ensuring a seamless transition between different versions. This development initiative aims to enhance the user experience by streamlining the installation and upgrade processes for GitLab instances.
What is an Operator?
An Operator refers to a Kubernetes native application that expands upon the controller concepts of Kubernetes resources. It incorporates specific knowledge related to an application and can be customized to oversee the complete lifecycle management of applications, including tasks such as installation and autoscaling of pods. The Operator comprises three key components: a custom resource, custom controller, and application-specific knowledge. Essentially, an Operator functions as a controller that monitors the custom resource and alters the state of the Kubernetes cluster based on the application-specific knowledge integrated into the custom resource definition. Operators are highly capable Kubernetes tools that can automate an application's comprehensive management, simplifying the operational tasks involved.
Install the GitLab Operator on OpenShift
Step 1: Prerequisites
Deploy a Custom SCC:
allowHostDirVolumePlugin: false
allowHostIPC: false
allowHostNetwork: false
allowHostPID: false
allowHostPorts: false
allowPrivilegeEscalation: true
allowPrivilegedContainer: false
allowedCapabilities: null
apiVersion: security.openshift.io/v1
defaultAddCapabilities:
- NET_BIND_SERVICE
fsGroup:
type: MustRunAs
groups: []
kind: SecurityContextConstraints
metadata:
name: gitlab-nginx-ingress-scc
priority: null
readOnlyRootFilesystem: false
requiredDropCapabilities:
- ALL
runAsUser:
type: MustRunAs
uid: 101
seLinuxContext:
type: MustRunAs
Deploy the IngressClass:
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
name: gitlab-nginx
spec:
controller: "k8s.io/ingress-nginx"
Deploy cert-manager via OLM into your OpenShift cluster.
Step 2: Install GitLab Operator
Install the GitLab Operator: 
Create a GitLab instance and check that the instance is running:
$ oc -n gitlab-system get gitlab
NAME STATUS VERSION
gitlab Running 6.10.3
Check that the GitLab pods are all running and healthy:
$ oc -n gitlab-system get po
NAME READY STATUS RESTARTS AGE
gitlab-controller-manager-77dd5cfb98-99787 2/2 Running 0 19m
gitlab-gitaly-0 1/1 Running 0 17m
gitlab-gitlab-exporter-594bdf655b-l6f62 1/1 Running 0 16m
gitlab-gitlab-shell-9fdbdcf87-2t655 1/1 Running 0 10m
gitlab-gitlab-shell-9fdbdcf87-p5x8g 1/1 Running 0 16m
gitlab-kas-798947c9df-7pg7h 1/1 Running 0 10m
gitlab-kas-798947c9df-p6pxg 1/1 Running 0 16m
gitlab-migrations-1-40b-1-sc87g 0/1 Completed 0 16m
gitlab-minio-68796dfbf7-vc7sf 1/1 Running 0 17m
gitlab-minio-create-buckets-1-8j2wg 0/1 Completed 0 17m
gitlab-nginx-ingress-controller-57c7fdcf99-pqnfn 1/1 Running 0 18m
gitlab-nginx-ingress-controller-57c7fdcf99-zgrh5 1/1 Running 0 18m
gitlab-postgresql-0 2/2 Running 0 17m
gitlab-redis-master-0 2/2 Running 0 17m
gitlab-registry-556c46c55c-k4stp 1/1 Running 0 10m
gitlab-registry-556c46c55c-xp9rh 1/1 Running 0 16m
gitlab-shared-secrets-1-5p3-hm8p8 0/1 Completed 0 18m
gitlab-shared-secrets-1-9ah-selfsign-cv7dg 0/1 Completed 0 17m
gitlab-sidekiq-all-in-1-v2-774fb74b69-cvvtg 1/1 Running 0 11m
gitlab-toolbox-57d6b56fdc-nsnzt 1/1 Running 0 16m
gitlab-webservice-default-588bbd84f5-h7mgp 2/2 Running 0 11m
gitlab-webservice-default-588bbd84f5-mtsfj 2/2 Running 0 10m
Step 3: Configure your GitLab instance
Check that the ingress was created:
$ oc -n gitlab-system get ing
NAME CLASS HOSTS ADDRESS PORTS AGE
gitlab-kas gitlab-nginx kas.opdev.io ...us-east-1.elb.amazonaws.com 80, 443 55s
gitlab-minio gitlab-nginx minio.opdev.io ...us-east-1.elb.amazonaws.com 80, 443 86s
gitlab-registry gitlab-nginx registry.opdev.io ...us-east-1.elb.amazonaws.com 80, 443 55s
gitlab-webservice-default gitlab-nginx gitlab.opdev.io ...us-east-1.elb.amazonaws.com 80, 443 54s
Update DNS to match the hostnames used in the ingress.
Browse to the domain in the ingress:
Obtain the initial root credentials to the GitLab instance:
oc -n gitlab-system get secrets gitlab-gitlab-initial-root-password -o yaml | yq e '.data.password' - | base64 -d
These instructions have been verified to work on the current GitLab-supported OpenShift cluster versions, specifically v4.9 through v4.11 at the time of writing.
Wrap up
Now that you're officially a pro at installing the GitLab Operator and configuring a GitLab instance on OpenShift, you can experiment with what this Operator offers!
GitLab is a powerful, open-source platform with an extensive community contributing code daily, transforming collaboration and software development in Development, Security, and Ops teams. The GitLab Operator is a great tool to quickly spin up and manage the lifecycle of a GitLab instance, simplifying the installation, use, and upgrading of your instances. For more information, explore their website and documentation.
Categories
