This has been a long time coming, and I finally pulled up my shorts and wired up some SuperMicro servers I ordered last year.
Hardware Rack
This is the hardware setup.
Setting up the Gitlab host was based on a popular docker-compose repo on Github, but fine tuning its internal configs is orchestrated via Ansible. I have an extensive Ansible code-base that not only bootstraps a separate GoCD cluster, but the GoCD cluster itself, re-reuns the same Ansible playbooks to "bootstrap" itself, sort of in a recursive manner (It's kinda like how you build a 3D printer, and print and upgrade its own parts over time...). Now I just use the GoCD stack to trigger jobs in Gitlab. The main value with Gitlab is that I'm now running an internal container repository. To get this to work, I had to first generate self-signed certificates, and of course, I created a Rust repo to help me do just that. Once the certs, CA bundle (
ca_bundle.pem) , private keys etc are created, then these are distributed via Ansbile and installed on all my VM hosts.This allows docker, on all the hosts, to update the local CA bundle (in Debian), and they can connect to Gitlab without any issues.
CI job example
TBD
I plan to update this article in the future, as time permits.