Skip to content

G
gitlab-ce
Commit 4a30d68a authored by Dennis Tang's avatar Dennis Tang
Browse files
Options

update documentation

parent 1a30e153
Hide whitespace changes
Inline Side-by-side
Showing with 64 additions and 62 deletions
doc/user/project/clusters/index.md
View file @ 4a30d68a
...@@ -23,39 +23,41 @@ You need Master [permissions] and above to access the Kubernetes page. ...@@ -23,39 +23,41 @@ You need Master [permissions] and above to access the Kubernetes page.
Before proceeding, make sure the following requirements are met: Before proceeding, make sure the following requirements are met:
- The [Google authentication integration](../../../integration/google.md) must * The [Google authentication integration](../../../integration/google.md) must
be enabled in GitLab at the instance level. If that's not the case, ask your be enabled in GitLab at the instance level. If that's not the case, ask your
GitLab administrator to enable it. GitLab administrator to enable it.
- Your associated Google account must have the right privileges to manage * Your associated Google account must have the right privileges to manage
clusters on GKE. That would mean that a [billing clusters on GKE. That would mean that a [billing
account](https://cloud.google.com/billing/docs/how-to/manage-billing-account) account](https://cloud.google.com/billing/docs/how-to/manage-billing-account)
must be set up and that you have to have permissions to access it. must be set up and that you have to have permissions to access it.
- You must have Master [permissions] in order to be able to access the * You must have Master [permissions] in order to be able to access the
**Kubernetes** page. **Kubernetes** page.
- You must have [Cloud Billing API](https://cloud.google.com/billing/) enabled * You must have [Cloud Billing API](https://cloud.google.com/billing/) enabled
- You must have [Resource Manager * You must have [Resource Manager
API](https://cloud.google.com/resource-manager/) API](https://cloud.google.com/resource-manager/)
If all of the above requirements are met, you can proceed to create and add a If all of the above requirements are met, you can proceed to create and add a
new Kubernetes cluster that will be hosted on GKE to your project: new Kubernetes cluster that will be hosted on GKE to your project:
1. Navigate to your project's **CI/CD > Kubernetes** page. 1. Navigate to your project's **CI/CD > Kubernetes** page.
1. Click on **Add Kubernetes cluster**. 1. Click on **Add Kubernetes cluster**.
1. Click on **Create with GKE**. 1. Ensure the **Create new cluster on GKE** tab is active, otherwise, select it.
1. Connect your Google account if you haven't done already by clicking the 1. Connect your Google account if you haven't done already by clicking the
**Sign in with Google** button. **Sign in with Google** button.
1. Fill in the requested values: 1. Fill in the requested values:
- **Cluster name** (required) - The name you wish to give the cluster.
- **GCP project ID** (required) - The ID of the project you created in your GCP * **Cluster name** (required) - The name you wish to give the cluster.
console that will host the Kubernetes cluster. This must **not** be confused * **GCP project ID** (required) - The ID of the project you created in your GCP
with the project name. Learn more about [Google Cloud Platform projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects). console that will host the Kubernetes cluster. This must **not** be confused
- **Zone** - The [zone](https://cloud.google.com/compute/docs/regions-zones/) with the project name. Learn more about [Google Cloud Platform projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects).
under which the cluster will be created. * **Zone** - The [zone](https://cloud.google.com/compute/docs/regions-zones/)
- **Number of nodes** - The number of nodes you wish the cluster to have. under which the cluster will be created.
- **Machine type** - The [machine type](https://cloud.google.com/compute/docs/machine-types) * **Number of nodes** - The number of nodes you wish the cluster to have.
of the Virtual Machine instance that the cluster will be based on. * **Machine type** - The [machine type](https://cloud.google.com/compute/docs/machine-types)
- **Environment scope** - The [associated environment](#setting-the-environment-scope) to this cluster. of the Virtual Machine instance that the cluster will be based on.
1. Finally, click the **Create Kubernetes cluster** button. * **Environment scope** - The [associated environment](#setting-the-environment-scope) to this cluster.
1. Finally, click the **Create Kubernetes cluster** button.
After a few moments, your cluster should be created. If something goes wrong, After a few moments, your cluster should be created. If something goes wrong,
you will be notified. you will be notified.
...@@ -70,20 +72,20 @@ You need Master [permissions] and above to access the Kubernetes page. ...@@ -70,20 +72,20 @@ You need Master [permissions] and above to access the Kubernetes page.
To add an existing Kubernetes cluster to your project: To add an existing Kubernetes cluster to your project:
1. Navigate to your project's **CI/CD > Kubernetes** page. 1. Navigate to your project's **CI/CD > Kubernetes** page.
1. Click on **Add Kubernetes cluster**. 1. Click on **Add Kubernetes cluster**.
1. Click on **Add an existing Kubernetes cluster** and fill in the details: 1. Click on the **Add existing cluster** tab and fill in the following details:
- **Kubernetes cluster name** (required) - The name you wish to give the cluster. * **Kubernetes cluster name** (required) - The name you wish to give the cluster.
- **Environment scope** (required)- The * **Environment scope** (required)- The
[associated environment](#setting-the-environment-scope) to this cluster. [associated environment](#setting-the-environment-scope) to this cluster.
- **API URL** (required) - * **API URL** (required) -
It's the URL that GitLab uses to access the Kubernetes API. Kubernetes It's the URL that GitLab uses to access the Kubernetes API. Kubernetes
exposes several APIs, we want the "base" URL that is common to all of them, exposes several APIs, we want the "base" URL that is common to all of them,
e.g., `https://kubernetes.example.com` rather than `https://kubernetes.example.com/api/v1`. e.g., `https://kubernetes.example.com` rather than `https://kubernetes.example.com/api/v1`.
- **CA certificate** (optional) - * **CA certificate** (optional) -
If the API is using a self-signed TLS certificate, you'll also need to include If the API is using a self-signed TLS certificate, you'll also need to include
the `ca.crt` contents here. the `ca.crt` contents here.
- **Token** - * **Token** -
GitLab authenticates against Kubernetes using service tokens, which are GitLab authenticates against Kubernetes using service tokens, which are
scoped to a particular `namespace`. If you don't have a service token yet, scoped to a particular `namespace`. If you don't have a service token yet,
you can follow the you can follow the
...@@ -91,17 +93,17 @@ To add an existing Kubernetes cluster to your project: ...@@ -91,17 +93,17 @@ To add an existing Kubernetes cluster to your project:
to create one. You can also view or create service tokens in the to create one. You can also view or create service tokens in the
[Kubernetes dashboard](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/#config) [Kubernetes dashboard](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/#config)
(under **Config > Secrets**). (under **Config > Secrets**).
- **Project namespace** (optional) - The following apply: * **Project namespace** (optional) - The following apply:
- By default you don't have to fill it in; by leaving it blank, GitLab will * By default you don't have to fill it in; by leaving it blank, GitLab will
create one for you. create one for you.
- Each project should have a unique namespace. * Each project should have a unique namespace.
- The project namespace is not necessarily the namespace of the secret, if * The project namespace is not necessarily the namespace of the secret, if
you're using a secret with broader permissions, like the secret from `default`. you're using a secret with broader permissions, like the secret from `default`.
- You should **not** use `default` as the project namespace. * You should **not** use `default` as the project namespace.
- If you or someone created a secret specifically for the project, usually * If you or someone created a secret specifically for the project, usually
with limited permissions, the secret's namespace and project namespace may with limited permissions, the secret's namespace and project namespace may
be the same. be the same.
1. Finally, click the **Create Kubernetes cluster** button. 1. Finally, click the **Add Kubernetes cluster** button.
After a few moments, your cluster should be created. If something goes wrong, After a few moments, your cluster should be created. If something goes wrong,
you will be notified. you will be notified.
...@@ -150,12 +152,12 @@ GitLab provides a one-click install for various applications which will be ...@@ -150,12 +152,12 @@ GitLab provides a one-click install for various applications which will be
added directly to your configured cluster. Those applications are needed for added directly to your configured cluster. Those applications are needed for
[Review Apps](../../../ci/review_apps/index.md) and [deployments](../../../ci/environments.md). [Review Apps](../../../ci/review_apps/index.md) and [deployments](../../../ci/environments.md).
| Application | GitLab version | Description | | Application | GitLab version | Description |
| ----------- | :------------: | ----------- | | --------------------------------------------------------------------------- | :------------: | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [Helm Tiller](https://docs.helm.sh/) | 10.2+ | Helm is a package manager for Kubernetes and is required to install all the other applications. It will be automatically installed as a dependency when you try to install a different app. It is installed in its own pod inside the cluster which can run the `helm` CLI in a safe environment. | | [Helm Tiller](https://docs.helm.sh/) | 10.2+ | Helm is a package manager for Kubernetes and is required to install all the other applications. It will be automatically installed as a dependency when you try to install a different app. It is installed in its own pod inside the cluster which can run the `helm` CLI in a safe environment. |
| [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) | 10.2+ | Ingress can provide load balancing, SSL termination, and name-based virtual hosting. It acts as a web proxy for your applications and is useful if you want to use [Auto DevOps] or deploy your own web apps. | | [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) | 10.2+ | Ingress can provide load balancing, SSL termination, and name-based virtual hosting. It acts as a web proxy for your applications and is useful if you want to use [Auto DevOps] or deploy your own web apps. |
| [Prometheus](https://prometheus.io/docs/introduction/overview/) | 10.4+ | Prometheus is an open-source monitoring and alerting system useful to supervise your deployed applications | | [Prometheus](https://prometheus.io/docs/introduction/overview/) | 10.4+ | Prometheus is an open-source monitoring and alerting system useful to supervise your deployed applications |
| [GitLab Runner](https://docs.gitlab.com/runner/) | 10.6+ | GitLab Runner is the open source project that is used to run your jobs and send the results back to GitLab. It is used in conjunction with [GitLab CI/CD](https://about.gitlab.com/features/gitlab-ci-cd/), the open-source continuous integration service included with GitLab that coordinates the jobs. When installing the GitLab Runner via the applications, it will run in **privileged mode** by default. Make sure you read the [security implications](#security-implications) before doing so. | | [GitLab Runner](https://docs.gitlab.com/runner/) | 10.6+ | GitLab Runner is the open source project that is used to run your jobs and send the results back to GitLab. It is used in conjunction with [GitLab CI/CD](https://about.gitlab.com/features/gitlab-ci-cd/), the open-source continuous integration service included with GitLab that coordinates the jobs. When installing the GitLab Runner via the applications, it will run in **privileged mode** by default. Make sure you read the [security implications](#security-implications) before doing so. |
## Getting the external IP address ## Getting the external IP address
...@@ -244,11 +246,11 @@ Also, jobs that don't have an environment keyword set will not be able to access ...@@ -244,11 +246,11 @@ Also, jobs that don't have an environment keyword set will not be able to access
For example, let's say the following Kubernetes clusters exist in a project: For example, let's say the following Kubernetes clusters exist in a project:
| Cluster | Environment scope | | Cluster | Environment scope |
| ---------- | ------------------- | | ----------- | ----------------- |
| Development| `*` | | Development | `*` |
| Staging | `staging/*` | | Staging | `staging/*` |
| Production | `production/*` | | Production | `production/*` |
And the following environments are set in [`.gitlab-ci.yml`](../../../ci/yaml/README.md): And the following environments are set in [`.gitlab-ci.yml`](../../../ci/yaml/README.md):
...@@ -278,9 +280,9 @@ deploy to production: ...@@ -278,9 +280,9 @@ deploy to production:
The result will then be: The result will then be:
- The development cluster will be used for the "test" job. * The development cluster will be used for the "test" job.
- The staging cluster will be used for the "deploy to staging" job. * The staging cluster will be used for the "deploy to staging" job.
- The production cluster will be used for the "deploy to production" job. * The production cluster will be used for the "deploy to production" job.
## Multiple Kubernetes clusters ## Multiple Kubernetes clusters
...@@ -300,22 +302,22 @@ The Kubernetes cluster integration exposes the following ...@@ -300,22 +302,22 @@ The Kubernetes cluster integration exposes the following
[deployment variables](../../../ci/variables/README.md#deployment-variables) in the [deployment variables](../../../ci/variables/README.md#deployment-variables) in the
GitLab CI/CD build environment. GitLab CI/CD build environment.
| Variable | Description | | Variable | Description |
| -------- | ----------- | | ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `KUBE_URL` | Equal to the API URL. | | `KUBE_URL` | Equal to the API URL. |
| `KUBE_TOKEN` | The Kubernetes token. | | `KUBE_TOKEN` | The Kubernetes token. |
| `KUBE_NAMESPACE` | The Kubernetes namespace is auto-generated if not specified. The default value is `<project_name>-<project_id>`. You can overwrite it to use different one if needed, otherwise the `KUBE_NAMESPACE` variable will receive the default value. | | `KUBE_NAMESPACE` | The Kubernetes namespace is auto-generated if not specified. The default value is `<project_name>-<project_id>`. You can overwrite it to use different one if needed, otherwise the `KUBE_NAMESPACE` variable will receive the default value. |
| `KUBE_CA_PEM_FILE` | Only present if a custom CA bundle was specified. Path to a file containing PEM data. | | `KUBE_CA_PEM_FILE` | Only present if a custom CA bundle was specified. Path to a file containing PEM data. |
| `KUBE_CA_PEM` | (**deprecated**) Only if a custom CA bundle was specified. Raw PEM data. | | `KUBE_CA_PEM` | (**deprecated**) Only if a custom CA bundle was specified. Raw PEM data. |
| `KUBECONFIG` | Path to a file containing `kubeconfig` for this deployment. CA bundle would be embedded if specified. | | `KUBECONFIG` | Path to a file containing `kubeconfig` for this deployment. CA bundle would be embedded if specified. |
## Enabling or disabling the Kubernetes cluster integration ## Enabling or disabling the Kubernetes cluster integration
After you have successfully added your cluster information, you can enable the After you have successfully added your cluster information, you can enable the
Kubernetes cluster integration: Kubernetes cluster integration:
1. Click the "Enabled/Disabled" switch 1. Click the "Enabled/Disabled" switch
1. Hit **Save** for the changes to take effect 1. Hit **Save** for the changes to take effect
You can now start using your Kubernetes cluster for your deployments. You can now start using your Kubernetes cluster for your deployments.
...@@ -394,4 +396,4 @@ the deployment variables above, ensuring any pods you create are labelled with ...@@ -394,4 +396,4 @@ the deployment variables above, ensuring any pods you create are labelled with
[permissions]: ../../permissions.md [permissions]: ../../permissions.md
[ee]: https://about.gitlab.com/products/ [ee]: https://about.gitlab.com/products/
[Auto DevOps]: ../../../topics/autodevops/index.md [auto devops]: ../../../topics/autodevops/index.md
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7