This is an old revision of the document!
Table of Contents
Gitlab and Kubernetes in CIS*3760 F23
This is a guide to assist students in CIS*3760 with the process of deploying an application developed on the SoCS Gitlab Server to our Kubernetes cluster. Each project group will be provided with their own server running RKE2 Kubernetes, on which to deploy. The server will be located at cis3760-XX where XX is your group number.
How To Interact With Kubernetes
You can interact with Kubernetes in the following ways:
Shell into the Server
You can ssh directly to your server and run kubectl commands as the root user or using sudo. This is the simplest method of connecting to the server.
Install Kubectl on Your Machine
If you prefer to interact with Kubernetes directly from your own machine, the kubectl command can be installed directly on your local machine.
Follow the instructions for your Operating system from the official Kubernetes documentation.
From the web interface , open the hamburger menu at the top left, and select your cluster listed under Explore Cluster. Select Download KubeConfig from the top right menu on this page. The icon looks like a sheet of paper. You can then copy it to your .kube folder which was created in the installation process.
Unfortunately, due to the current lack of VPN access, this method will only work from off campus, or if you proxy your connection through portkey. Directions to do this are beyond the scope of this guide.
Building your Application Container in Gitlab
Guide to use kaniko here.
1. You will need to host your Docker container. If the container can be publicly accessible, this can be hosted in Docker Hub. If it must be private, the SoCS Gitlab installation has it's own Docker Container Registry. To access the SoCS Registry, use docker login registry.uoguelph.ca and enter your central login/Gitlab credentials. Directions to tag and push can be found in your Gitlab project under Packages & Registries > Container Registry.
Integrating Gitlab and Kubernetes with Gitlab Agent
Integrate your Gitlab project with the Kubernetes cluster to automatically deploy and update your application as part of the ci/cd pipeline. This section assumes you already follow the previous step and have a project located on the SoCS Gitlab server, and that you have built the project into a Docker container.
1. Create a file in your Gitlab project at .gitlab/agents/infovis/config.yaml (extension must be yaml, not yml) with the following contents.
gitops:
manifest_projects:
- id: "<Your Project ID>"
paths:
- glob: '/manifests/*.{yaml,yml,json}'
Replace “<Your Project ID>” with the ID number of your project. This is listed under the project name in the main project screen.
3. In Gitlab, from the Infrastructure > Kubernetes Clusters Menu, choose Add Agent and select the agent named in the previous step. Make sure you save the token that is created for use in step 5.
4. In Kubernetes, create two namespaces - one for your project, and the other for the gitlab agent using the following commands.
kubectl create namespace infovis
kubectl create namespace gitlab-agent
5.
Use Helm, a tool for automating kubernetes deployments to install the gitlab agent on your server.
First, copy the contents of the next code block to a file on your kubernetes server named values.yml.
image: repository: "registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk" pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. tag: "v14.8.1" config: kasAddress: 'wss://gitlab.socs.uoguelph.ca:443/-/kubernetes-agent/'
Next, run the following command on your kubernetes server to install the gitlab agent in kubernetes and automatically connect it to your gitlab project.
helm upgrade --install gitlab-agent gitlab/gitlab-agent --set config.token='TOKEN_FROM_STEP_THREE' --namespace=gitlab-agent -f values.yml
8. In your Gitlab Project go to Settings > Registry > Deploy Tokens. Enter a name to label the token, a username, and check read_registry
9. Run the following command, substitution the username you entered in the previous step for DOCKER_USER, the token generated for DOCKER_PASSWORD, and an email address of one of the project members for DOCKER_EMAIL.
kubectl create secret docker-registry <name> --docker-server=registry.socs.uoguelph.ca --docker-username=DOCKER_USER --docker-password=DOCKER_PASSWORD --docker-email=DOCKER_EMAIL
The gitlab agent is now set up and can pull your container from the SoCS container registry.
Deploying your Application
Look at official documentation TODO add instructions on how to do this. TODO maybe add a sample repository.
The yaml file should be placed in your project git repository.