- Use the CI/CD Tunnel to run Kubernetes commands from GitLab CI/CD
- Share the CI/CD Tunnel provided by an Agent with other projects and group
- Example for a
kubectlcommand using the CI/CD Tunnel
The CI/CD Tunnel enables users to access Kubernetes clusters from GitLab CI/CD jobs even if there is no network connectivity between GitLab Runner and a cluster. GitLab Runner does not have to be running in the same cluster.
Only CI/CD jobs set in the configuration project can access one of the configured agents.
- A running
- A configuration repository with an Agent config file
- An Agent record.
- The Agent installed in the cluster.
If your project has access to one or more Agent records available, its CI/CD
jobs provide a
KUBECONFIG variable compatible with
Also, each Agent has a separate context (
kubecontext). By default,
there isn’t any context selected.
Contexts are named in the following format:
To get the list of available contexts, run
kubectl config get-contexts.
The Agent can be configured to enable access to the CI/CD Tunnel to other projects or all the projects under a given group. This way you can have a single agent serving all the requests for several projects saving on resources and maintenance.
You can read more on how to authorize access to groups in the Agent configuration reference.
The following example shows a CI/CD job that runs a
kubectl command using the CI/CD Tunnel.
You can run any Kubernetes-specific commands similarly, such as
kpt, and so on. To do so:
- Set your Agent’s context in the first command with the format
- Run Kubernetes commands.
deploy: image: name: bitnami/kubectl:latest entrypoint: [""] script: - kubectl config use-context path/to/agent-configuration-project:your-agent-name - kubectl get pods