GitLab Documentation

Connecting GitLab with a Kubernetes cluster

Introduced in GitLab 10.1.

Connect your project to Google Kubernetes Engine (GKE) or an existing Kubernetes cluster in a few steps.

With a cluster associated to your project, you can use Review Apps, deploy your applications, run your pipelines, and much more, in an easy way.

There are two options when adding a new cluster to your project; either associate your account with Google Kubernetes Engine (GKE) so that you can create new clusters from within GitLab, or provide the credentials to an existing Kubernetes cluster.

Prerequisites

In order to be able to manage your Kubernetes cluster through GitLab, the following prerequisites must be met.

For a cluster hosted on GKE:

For an existing Kubernetes cluster:


If all of the above requirements are met, you can proceed to add a new Kubernetes cluster.

Adding and creating a new GKE cluster via GitLab

Note: You need Master permissions and above to access the Clusters page.

Before proceeding, make sure all prerequisites are met. To add a new cluster hosted on GKE to your project:

  1. Navigate to your project's CI/CD > Clusters page.
  2. Click on Add cluster.
  3. Click on Create with GKE.
  4. Connect your Google account if you haven't done already by clicking the Sign in with Google button.
  5. Fill in the requested values:
    • Cluster name (required) - The name you wish to give the cluster.
    • GCP project ID (required) - The ID of the project you created in your GCP console that will host the Kubernetes cluster. This must not be confused with the project name. Learn more about Google Cloud Platform projects.
    • Zone - The zone under which the cluster will be created.
    • Number of nodes - The number of nodes you wish the cluster to have.
    • Machine type - The machine type of the Virtual Machine instance that the cluster will be based on.
    • Environment scope - The associated environment to this cluster.
  6. Finally, click the Create cluster button.

After a few moments, your cluster should be created. If something goes wrong, you will be notified.

You can now proceed to install some pre-defined applications and then enable the Cluster integration.

Adding an existing Kubernetes cluster

Note: You need Master permissions and above to access the Clusters page.

To add an existing Kubernetes cluster to your project:

  1. Navigate to your project's CI/CD > Clusters page.
  2. Click on Add cluster.
  3. Click on Add an existing cluster and fill in the details:
    • Cluster name (required) - The name you wish to give the cluster.
    • Environment scope (required)- The associated environment to this cluster.
    • API URL (required) - It's the URL that GitLab uses to access the Kubernetes API. Kubernetes exposes several APIs, we want the "base" URL that is common to all of them, e.g., https://kubernetes.example.com rather than https://kubernetes.example.com/api/v1.
    • CA certificate (optional) - If the API is using a self-signed TLS certificate, you'll also need to include the ca.crt contents here.
    • Token - GitLab authenticates against Kubernetes using service tokens, which are scoped to a particular namespace. If you don't have a service token yet, you can follow the Kubernetes documentation to create one. You can also view or create service tokens in the Kubernetes dashboard (under Config > Secrets).
    • Project namespace (optional) - The following apply:
      • By default you don't have to fill it in; by leaving it blank, GitLab will create one for you.
      • Each project should have a unique namespace.
      • The project namespace is not necessarily the namespace of the secret, if you're using a secret with broader permissions, like the secret from default.
      • You should not use default as the project namespace.
      • If you or someone created a secret specifically for the project, usually with limited permissions, the secret's namespace and project namespace may be the same.
  4. Finally, click the Create cluster button.

The Kubernetes service takes the following parameters:

After a few moments, your cluster should be created. If something goes wrong, you will be notified.

You can now proceed to install some pre-defined applications and then enable the Cluster integration.

Installing applications

GitLab provides a one-click install for various applications which will be added directly to your configured cluster. Those applications are needed for Review Apps and deployments.

Application GitLab version Description
Helm Tiller 10.2+ Helm is a package manager for Kubernetes and is required to install all the other applications. It will be automatically installed as a dependency when you try to install a different app. It is installed in its own pod inside the cluster which can run the helm CLI in a safe environment.
Ingress 10.2+ Ingress can provide load balancing, SSL termination, and name-based virtual hosting. It acts as a web proxy for your applications and is useful if you want to use Auto DevOps or deploy your own web apps.
Prometheus 10.4+ Prometheus is an open-source monitoring and alerting system useful to supervise your deployed applications

Setting the environment scope

When adding more than one clusters, you need to differentiate them with an environment scope. The environment scope associates clusters and environments in an 1:1 relationship similar to how the environment-specific variables work.

The default environment scope is *, which means all jobs, regardless of their environment, will use that cluster. Each scope can only be used by a single cluster in a project, and a validation error will occur if otherwise.


For example, let's say the following clusters exist in a project:

Cluster Environment scope
Development *
Staging staging/*
Production production/*

And the following environments are set in .gitlab-ci.yml:

stages:
- test
- deploy

test:
  stage: test
  script: sh test

deploy to staging:
  stage: deploy
  script: make deploy
  environment:
    name: staging/$CI_COMMIT_REF_NAME
    url: https://staging.example.com/

deploy to production:
  stage: deploy
  script: make deploy
  environment:
    name: production/$CI_COMMIT_REF_NAME
    url: https://example.com/

The result will then be:

Multiple Kubernetes clusters

Introduced in GitLab Enterprise Edition Premium 10.3.

With GitLab EEP, you can associate more than one Kubernetes clusters to your project. That way you can have different clusters for different environments, like dev, staging, production, etc.

To add another cluster, follow the same steps as described in adding a Kubernetes cluster and make sure to set an environment scope that will differentiate the new cluster with the rest.

Deployment variables

The Kubernetes cluster integration exposes the following deployment variables in the GitLab CI/CD build environment:

Enabling or disabling the Cluster integration

After you have successfully added your cluster information, you can enable the Cluster integration:

  1. Click the "Enabled/Disabled" switch
  2. Hit Save for the changes to take effect

You can now start using your Kubernetes cluster for your deployments.

To disable the Cluster integration, follow the same procedure.

Removing the Cluster integration

Note: You need Master permissions and above to remove a cluster integration.
Note: When you remove a cluster, you only remove its relation to GitLab, not the cluster itself. To remove the cluster, you can do so by visiting the GKE dashboard or using kubectl.

To remove the Cluster integration from your project, simply click on the Remove integration button. You will then be able to follow the procedure and add a cluster again.

What you can get with the Kubernetes integration

Here's what you can do with GitLab if you enable the Kubernetes integration.

Deploy Boards (EEP)

Available in GitLab Enterprise Edition Premium.

GitLab's Deploy Boards offer a consolidated view of the current health and status of each CI environment running on Kubernetes, displaying the status of the pods in the deployment. Developers and other teammates can view the progress and status of a rollout, pod by pod, in the workflow they already use without any need to access Kubernetes.

> Read more about Deploy Boards

Canary Deployments (EEP)

Available in GitLab Enterprise Edition Premium.

Leverage Kubernetes' Canary deployments and visualize your canary deployments right inside the Deploy Board, without the need to leave GitLab.

> Read more about Canary Deployments

Kubernetes monitoring

Automatically detect and monitor Kubernetes metrics. Automatic monitoring of NGINX ingress is also supported.

> Read more about Kubernetes monitoring

Auto DevOps

Auto DevOps automatically detects, builds, tests, deploys, and monitors your applications.

To make full use of Auto DevOps(Auto Deploy, Auto Review Apps, and Auto Monitoring) you will need the Kubernetes project integration enabled.

> Read more about Auto DevOps

Web terminals

Note: Introduced in GitLab 8.15. You must be the project owner or have master permissions to use terminals. Support is limited to the first container in the first pod of your environment.

When enabled, the Kubernetes service adds web terminal support to your environments. This is based on the exec functionality found in Docker and Kubernetes, so you get a new shell session within your existing containers. To use this integration, you should deploy to Kubernetes using the deployment variables above, ensuring any pods you create are labelled with app=$CI_ENVIRONMENT_SLUG. GitLab will do the rest!


Leave a comment below if you have any feedback on the documentation. For support and other enquiries, see getting help.