Step 3: GitLab CI installation overview

To achieve a fully features GitLab installation we need to roughly do 5 things:

Install Docker (1.) on our machine and
Fetch proper Let´s Encrypt certificates (2.) for our not publicly accessible Vagrant Box.
Then everything needed for the GitLab Omnibus installation (3.) is done in the next task, followed by the
Configuration of the GitLab Container Registry (4.). The fifth step finally is to
Register a set of GitLab Runners (5.) that will be able to interact with the server´s Docker engine.

Infrastructure-as-Code with Ansible

Remember we wanted to do everything in an Infrastructure-as-Code manner? So nothing should be done without code, right?! So let´s pick one of the many available tools out there:

As Ansible is one of the cool kids in town - and brings in massive advantages compared to the others - we´ll pick this one for the workshop. One of the cool things about Ansible is it´s flat learning curve, which is also reflected in the usage of simple YAML files - called playbooks.

Our first Ansible playbook

Now let´s create our first playbook called prepare-gitlab.yml:

- hosts: all
  become: true

  tasks:
  - name: Update apt
    apt:
      update_cache: yes
    tags: update

As we want to provision our Vagrant Box (or potentially lot´s of servers) with our playbook, we need to configure the specific host. Therefore Ansible uses the concept of inventories. For now simply create a file calles hosts:

[gitlab-ci-stack]
172.16.2.15

You may recognize that this is our configure IP inside of our Vagrantfile - and to be consistent, we also name the Ansible host group gitlab-ci-stack.

Although Ansible also allows us to configure variables inside inventories, this is no best practice. So let´s start with defining our variables in a better way. Simply create a directory group_vars and a new file gitlab-ci-stack.yml inside of it:

ansible_user: vagrant
ansible_ssh_private_key_file: .vagrant/machines/gitlab-ci-stack/virtualbox/private_key
ansible_python_interpreter: /usr/bin/python3

The first parameter ansible_user tell Ansible to user our Vagrant user. The second ansible_ssh_private_key_file is needed since Vagrant automatically creates and inserts a new keypair after the first vagrant up. To give Ansible the chance to use this key, we need to configure it here. The last parameter ansible_python_interpreter tells Ansible to use the pre-installed Python 3 interpreter. The default version 2 isn´t present on Ubuntu boxes > 14.04. anymore.

Run the playbook

Now everything should be prepared to run our first playbook! Running playbooks is easy - just type ansible-playbook -i hosts prepare-gitlab.yml and it should run an apt-get update inside our Vagrant Box:

$ ansible-playbook -i hosts prepare-gitlab.yml 

PLAY [all] **************************************************************************************************

TASK [Gathering Facts] **************************************************************************************
ok: [172.16.2.15]

TASK [Update apt] *******************************************************************************************
changed: [172.16.2.15]

PLAY RECAP **************************************************************************************************
172.16.2.15                : ok=2    changed=1    unreachable=0    failed=0

PreviousStep 2: Infrastructure-as-Code with Vagrant

Last updated 7 years ago