Merge branch '35366-k8s-namespace-docs' into 'master'
Clarify k8s project namespace Closes #35366 See merge request gitlab-org/gitlab-ce!14139
This commit is contained in:
commit
aaf435d164
Binary file not shown.
Before Width: | Height: | Size: 111 KiB After Width: | Height: | Size: 14 KiB |
|
@ -13,32 +13,39 @@ template, see the [Services Templates](services_templates.md) document.
|
||||||
## Configuration
|
## Configuration
|
||||||
|
|
||||||
Navigate to the [Integrations page](project_services.md#accessing-the-project-services)
|
Navigate to the [Integrations page](project_services.md#accessing-the-project-services)
|
||||||
of your project and select the **Kubernetes** service to configure it.
|
of your project and select the **Kubernetes** service to configure it. Fill in
|
||||||
|
all the needed parameters, check the "Active" checkbox and hit **Save changes**
|
||||||
|
for the changes to take effect.
|
||||||
|
|
||||||
![Kubernetes configuration settings](img/kubernetes_configuration.png)
|
![Kubernetes configuration settings](img/kubernetes_configuration.png)
|
||||||
|
|
||||||
The Kubernetes service takes the following arguments:
|
The Kubernetes service takes the following parameters:
|
||||||
|
|
||||||
1. API URL
|
- **API URL** -
|
||||||
1. Custom CA bundle
|
It's the URL that GitLab uses to access the Kubernetes API. Kubernetes
|
||||||
1. Kubernetes namespace
|
exposes several APIs, we want the "base" URL that is common to all of them,
|
||||||
1. Service token
|
e.g., `https://kubernetes.example.com` rather than `https://kubernetes.example.com/api/v1`.
|
||||||
|
- **CA certificate** (optional) -
|
||||||
The API URL is the URL that GitLab uses to access the Kubernetes API. Kubernetes
|
If the API is using a self-signed TLS certificate, you'll also need to include
|
||||||
exposes several APIs - we want the "base" URL that is common to all of them,
|
the `ca.crt` contents here.
|
||||||
e.g., `https://kubernetes.example.com` rather than `https://kubernetes.example.com/api/v1`.
|
- **Project namespace** (optional) - The following apply:
|
||||||
|
- By default you don't have to fill it in; by leaving it blank, GitLab will
|
||||||
GitLab authenticates against Kubernetes using service tokens, which are
|
create one for you.
|
||||||
scoped to a particular `namespace`. If you don't have a service token yet,
|
- Each project should have a unique namespace.
|
||||||
you can follow the
|
- The project namespace is not necessarily the namespace of the secret, if
|
||||||
[Kubernetes documentation](http://kubernetes.io/docs/user-guide/service-accounts/)
|
you're using a secret with broader permissions, like the secret from `default`.
|
||||||
to create one. You can also view or create service tokens in the
|
- You should **not** use `default` as the project namespace.
|
||||||
[Kubernetes dashboard](http://kubernetes.io/docs/user-guide/ui/) - visit
|
- If you or someone created a secret specifically for the project, usually
|
||||||
`Config -> Secrets`.
|
with limited permissions, the secret's namespace and project namespace may
|
||||||
|
be the same.
|
||||||
Fill in the service token and namespace according to the values you just got.
|
- **Token** -
|
||||||
If the API is using a self-signed TLS certificate, you'll also need to include
|
GitLab authenticates against Kubernetes using service tokens, which are
|
||||||
the `ca.crt` contents as the `Custom CA bundle`.
|
scoped to a particular `namespace`. If you don't have a service token yet,
|
||||||
|
you can follow the
|
||||||
|
[Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/)
|
||||||
|
to create one. You can also view or create service tokens in the
|
||||||
|
[Kubernetes dashboard](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/#config)
|
||||||
|
(under **Config > Secrets**).
|
||||||
|
|
||||||
## Deployment variables
|
## Deployment variables
|
||||||
|
|
||||||
|
@ -59,7 +66,7 @@ GitLab CI build environment:
|
||||||
|
|
||||||
## Web terminals
|
## Web terminals
|
||||||
|
|
||||||
>**NOTE:**
|
NOTE: **Note:**
|
||||||
Added in GitLab 8.15. You must be the project owner or have `master` permissions
|
Added in GitLab 8.15. You must be the project owner or have `master` permissions
|
||||||
to use terminals. Support is currently limited to the first container in the
|
to use terminals. Support is currently limited to the first container in the
|
||||||
first pod of your environment.
|
first pod of your environment.
|
||||||
|
|
Loading…
Reference in New Issue