--- stage: Configure group: Configure info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Instance clusters API (certificate-based) (DEPRECATED) **(FREE SELF)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36001) in GitLab 13.2. > - [Deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) in GitLab 14.5. WARNING: This feature was [deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) in GitLab 14.5. With [instance-level Kubernetes clusters](../user/instance/clusters/index.md), you can connect a Kubernetes cluster to the GitLab instance and use the same cluster across all of the projects within your instance. Users need administrator access to use these endpoints. ## List instance clusters Returns a list of instance clusters. ```plaintext GET /admin/clusters ``` Example request: ```shell curl --header "Private-Token: " "https://gitlab.example.com/api/v4/admin/clusters" ``` Example response: ```json [ { "id": 9, "name": "cluster-1", "created_at": "2020-07-14T18:36:10.440Z", "managed": true, "enabled": true, "domain": null, "provider_type": "user", "platform_type": "kubernetes", "environment_scope": "*", "cluster_type": "instance_type", "user": { "id": 1, "name": "Administrator", "username": "root", "state": "active", "avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon", "web_url": "https://gitlab.example.com/root" }, "platform_kubernetes": { "api_url": "https://example.com", "namespace": null, "authorization_type": "rbac", "ca_cert":"-----BEGIN CERTIFICATE-----IxMDM1MV0ZDJkZjM...-----END CERTIFICATE-----" }, "provider_gcp": null, "management_project": null }, { "id": 10, "name": "cluster-2", "created_at": "2020-07-14T18:39:05.383Z", "domain": null, "provider_type": "user", "platform_type": "kubernetes", "environment_scope": "staging", "cluster_type": "instance_type", "user": { "id": 1, "name": "Administrator", "username": "root", "state": "active", "avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon", "web_url": "https://gitlab.example.com/root" }, "platform_kubernetes": { "api_url": "https://example.com", "namespace": null, "authorization_type": "rbac", "ca_cert":"-----BEGIN CERTIFICATE-----LzEtMCadtaLGxcsGAZjM...-----END CERTIFICATE-----" }, "provider_gcp": null, "management_project": null }, { "id": 11, "name": "cluster-3", ... } ] ``` ## Get a single instance cluster Returns a single instance cluster. Parameters: | Attribute | Type | Required | Description | | ------------ | ------- | -------- | --------------------- | | `cluster_id` | integer | yes | The ID of the cluster | ```plaintext GET /admin/clusters/:cluster_id ``` Example request: ```shell curl --header "Private-Token: " "https://gitlab.example.com/api/v4/admin/clusters/9" ``` Example response: ```json { "id": 9, "name": "cluster-1", "created_at": "2020-07-14T18:36:10.440Z", "managed": true, "enabled": true, "domain": null, "provider_type": "user", "platform_type": "kubernetes", "environment_scope": "*", "cluster_type": "instance_type", "user": { "id": 1, "name": "Administrator", "username": "root", "state": "active", "avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon", "web_url": "https://gitlab.example.com/root" }, "platform_kubernetes": { "api_url": "https://example.com", "namespace": null, "authorization_type": "rbac", "ca_cert":"-----BEGIN CERTIFICATE-----IxMDM1MV0ZDJkZjM...-----END CERTIFICATE-----" }, "provider_gcp": null, "management_project": null } ``` ## Add existing instance cluster Adds an existing Kubernetes instance cluster. ```plaintext POST /admin/clusters/add ``` Parameters: | Attribute | Type | Required | Description | | ---------------------------------------------------- | ------- | -------- | ----------------------------------------------------------------------------------------------------- | | `name` | string | yes | The name of the cluster | | `domain` | string | no | The [base domain](../user/project/clusters/gitlab_managed_clusters.md#base-domain) of the cluster | | `environment_scope` | string | no | The associated environment to the cluster. Defaults to `*` | | `management_project_id` | integer | no | The ID of the [management project](../user/clusters/management_project.md) for the cluster | | `enabled` | boolean | no | Determines if cluster is active or not, defaults to `true` | | `managed` | boolean | no | Determines if GitLab manages namespaces and service accounts for this cluster. Defaults to `true` | | `platform_kubernetes_attributes[api_url]` | string | yes | The URL to access the Kubernetes API | | `platform_kubernetes_attributes[token]` | string | yes | The token to authenticate against Kubernetes | | `platform_kubernetes_attributes[ca_cert]` | string | no | TLS certificate. Required if API is using a self-signed TLS certificate. | | `platform_kubernetes_attributes[namespace]` | string | no | The unique namespace related to the project | | `platform_kubernetes_attributes[authorization_type]` | string | no | The cluster authorization type: `rbac`, `abac` or `unknown_authorization`. Defaults to `rbac`. | Example request: ```shell curl --header "Private-Token:" "http://gitlab.example.com/api/v4/admin/clusters/add" \ -H "Accept:application/json" \ -H "Content-Type:application/json" \ -X POST --data '{"name":"cluster-3", "environment_scope":"production", "platform_kubernetes_attributes":{"api_url":"https://example.com", "token":"12345", "ca_cert":"-----BEGIN CERTIFICATE-----qpoeiXXZafCM0ZDJkZjM...-----END CERTIFICATE-----"}}' ``` Example response: ```json { "id": 11, "name": "cluster-3", "created_at": "2020-07-14T18:42:50.805Z", "managed": true, "enabled": true, "domain": null, "provider_type": "user", "platform_type": "kubernetes", "environment_scope": "production", "cluster_type": "instance_type", "user": { "id": 1, "name": "Administrator", "username": "root", "state": "active", "avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon", "web_url": "http://gitlab.example.com:3000/root" }, "platform_kubernetes": { "api_url": "https://example.com", "namespace": null, "authorization_type": "rbac", "ca_cert":"-----BEGIN CERTIFICATE-----qpoeiXXZafCM0ZDJkZjM...-----END CERTIFICATE-----" }, "provider_gcp": null, "management_project": null } ``` ## Edit instance cluster Updates an existing instance cluster. ```shell PUT /admin/clusters/:cluster_id ``` Parameters: | Attribute | Type | Required | Description | | ------------------------------------------- | ------- | -------- | ------------------------------------------------------------------------------------------ | | `cluster_id` | integer | yes | The ID of the cluster | | `name` | string | no | The name of the cluster | | `domain` | string | no | The [base domain](../user/project/clusters/gitlab_managed_clusters.md#base-domain) of the cluster | | `environment_scope` | string | no | The associated environment to the cluster | | `management_project_id` | integer | no | The ID of the [management project](../user/clusters/management_project.md) for the cluster | | `enabled` | boolean | no | Determines if cluster is active or not | | `managed` | boolean | no | Determines if GitLab manages namespaces and service accounts for this cluster | | `platform_kubernetes_attributes[api_url]` | string | no | The URL to access the Kubernetes API | | `platform_kubernetes_attributes[token]` | string | no | The token to authenticate against Kubernetes | | `platform_kubernetes_attributes[ca_cert]` | string | no | TLS certificate. Required if API is using a self-signed TLS certificate. | | `platform_kubernetes_attributes[namespace]` | string | no | The unique namespace related to the project | NOTE: `name`, `api_url`, `ca_cert` and `token` can only be updated if the cluster was added through the [Add existing Kubernetes cluster](../user/project/clusters/add_existing_cluster.md) option or through the [Add existing instance cluster](#add-existing-instance-cluster) endpoint. Example request: ```shell curl --header "Private-Token: " "http://gitlab.example.com/api/v4/admin/clusters/9" \ -H "Content-Type:application/json" \ -X PUT --data '{"name":"update-cluster-name", "platform_kubernetes_attributes":{"api_url":"https://new-example.com","token":"new-token"}}' ``` Example response: ```json { "id": 9, "name": "update-cluster-name", "created_at": "2020-07-14T18:36:10.440Z", "managed": true, "enabled": true, "domain": null, "provider_type": "user", "platform_type": "kubernetes", "environment_scope": "*", "cluster_type": "instance_type", "user": { "id": 1, "name": "Administrator", "username": "root", "state": "active", "avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon", "web_url": "https://gitlab.example.com/root" }, "platform_kubernetes": { "api_url": "https://new-example.com", "namespace": null, "authorization_type": "rbac", "ca_cert":"-----BEGIN CERTIFICATE-----IxMDM1MV0ZDJkZjM...-----END CERTIFICATE-----" }, "provider_gcp": null, "management_project": null, "project": null } ``` ## Delete instance cluster Deletes an existing instance cluster. Does not remove existing resources within the connected Kubernetes cluster. ```plaintext DELETE /admin/clusters/:cluster_id ``` Parameters: | Attribute | Type | Required | Description | | ------------ | ------- | -------- | --------------------- | | `cluster_id` | integer | yes | The ID of the cluster | Example request: ```shell curl --request DELETE --header "Private-Token: " "https://gitlab.example.com/api/v4/admin/clusters/11" ```