diff options
Diffstat (limited to 'doc/user/clusters/agent')
| -rw-r--r-- | doc/user/clusters/agent/ci_cd_tunnel.md | 42 | ||||
| -rw-r--r-- | doc/user/clusters/agent/index.md | 53 |
2 files changed, 25 insertions, 70 deletions
diff --git a/doc/user/clusters/agent/ci_cd_tunnel.md b/doc/user/clusters/agent/ci_cd_tunnel.md index 1f794bac37f..09123fdd472 100644 --- a/doc/user/clusters/agent/ci_cd_tunnel.md +++ b/doc/user/clusters/agent/ci_cd_tunnel.md @@ -6,7 +6,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w # CI/CD Tunnel -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327409) in GitLab 14.1. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327409) in GitLab 14.1. +> - Pre-configured `KUBECONFIG` [added](https://gitlab.com/gitlab-org/gitlab/-/issues/324275) in GitLab 14.2. The CI/CD Tunnel enables users to access Kubernetes clusters from GitLab CI/CD jobs even if there is no network connectivity between GitLab Runner and a cluster. GitLab Runner does not have to be running in the same cluster. @@ -21,47 +22,22 @@ Prerequisites: - An [Agent record](index.md#create-an-agent-record-in-gitlab). - The agent is [installed in the cluster](index.md#install-the-agent-into-the-cluster). -To access your cluster from a CI/CD job through the tunnel: +If your project has one or more Agent records, a `KUBECONFIG` variable that is compatible with `kubectl` is provided to your CI/CD jobs. A separate context (`kubecontext`) is available for each configured Agent. By default, no context is selected. -1. In your `.gitlab-ci.yml` add a section that creates a `kubectl` compatible configuration file (`kubecontext`) and use it in one - or more jobs: +Contexts are named in the following format: `<agent-configuration-project-path>:<agent-name>`. - ```yaml - variables: - AGENT_ID: 4 # agent id that you got when you created the agent record - KUBE_CFG_FILE: "$CI_PROJECT_DIR/.kubeconfig.agent.yaml" +To access your cluster from a CI/CD job through the tunnel: - .kubectl_config: &kubectl_config - - | - cat << EOF > "$KUBE_CFG_FILE" - apiVersion: v1 - kind: Config - clusters: - - name: agent - cluster: - server: https://kas.gitlab.com/k8s-proxy/ - users: - - name: agent - user: - token: "ci:$AGENT_ID:$CI_JOB_TOKEN" - contexts: - - name: agent - context: - cluster: agent - user: agent - current-context: agent - EOF +1. In your `.gitlab-ci.yml` select the context for the agent you wish to use: + ```yaml deploy: image: name: bitnami/kubectl:latest entrypoint: [""] script: - - *kubectl_config - - kubectl --kubeconfig="$KUBE_CFG_FILE" get pods + - kubectl config use-context path/to/agent-configuration-project:your-agent-name + - kubectl get pods ``` 1. Execute `kubectl` commands directly against your cluster with this CI/CD job you just created. - -We are working on [creating the configuration file automatically](https://gitlab.com/gitlab-org/gitlab/-/issues/324275) -to simplify the process. diff --git a/doc/user/clusters/agent/index.md b/doc/user/clusters/agent/index.md index 83933524fd4..c59d2a1f61c 100644 --- a/doc/user/clusters/agent/index.md +++ b/doc/user/clusters/agent/index.md @@ -140,46 +140,25 @@ All the options for the [Kubernetes Agent configuration repository](repository.m ### Create an Agent record in GitLab +> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5786) in GitLab 14.1, you can create a new Agent record directly from the GitLab UI. + Next, create a GitLab Rails Agent record to associate it with the configuration repository project. Creating this record also creates a Secret needed to configure -the Agent in subsequent steps. You can create an Agent record with GraphQL: - - ```graphql - mutation createAgent { - # agent-name should be the same as specified above in the config.yaml - createClusterAgent(input: { projectPath: "path-to/your-configuration-project", name: "<agent-name>" }) { - clusterAgent { - id - name - } - errors - } - } - - mutation createToken { - clusterAgentTokenCreate( - input: { - clusterAgentId: "<cluster-agent-id-taken-from-the-previous-mutation>" - description: "<optional-description-of-token>" - name: "<required-name-given-to-token>" - } - ) { - secret # This is the value you need to use on the next step - token { - createdAt - id - } - errors - } - } - ``` +the Agent in subsequent steps. -WARNING: -GraphQL only displays the token and ids **one time** after creating it. Make sure to write down the `secret`, `clusterAgentId`, and `clusterAgentTokenId`; you'll need them later. +In GitLab: + +1. From your project's sidebar, select **Infrastructure > Kubernetes clusters**. +1. Select the **GitLab Agent managed clusters** tab. +1. Select **Integrate with the GitLab Agent**. +1. From the **Select an Agent** dropdown menu, select the Agent you want to connect and select **Next** to access the installation form. +1. The form reveals your registration token. Securely store this secret token as you cannot view it again. +1. Copy the command under **Recommended installation method**. + +In your computer: - If you are new to using the GitLab GraphQL API, refer to the - [Getting started with the GraphQL API page](../../../api/graphql/getting_started.md), - or the [GraphQL Explorer](https://gitlab.com/-/graphql-explorer). +1. Open your local terminal and connect to your cluster. +1. Run the command you copied from the installation form. ### Install the Agent into the cluster @@ -192,7 +171,7 @@ kubectl create namespace gitlab-kubernetes-agent To perform a one-liner installation, run the command below. Make sure to replace: -- `your-agent-token` with the token received from the previous step. +- `your-agent-token` with the token received from the previous step (identified as `secret` in the JSON output). - `gitlab-kubernetes-agent` with the namespace you defined in the previous step. - `wss://kas.gitlab.example.com` with the configured access of the Kubernetes Agent Server (KAS). For GitLab.com users, the KAS is available under `wss://kas.gitlab.com`. |