Create release-environments GKE cluster
In order to have a GKE cluster to run the release environments (or tooling for them, such as the GitLab Operator or Crossplane/GKE Config Connector), we need to build one inside the gitlab-release project.
This cluster should be built to our traditional standards, using the GKE terraform module, with the terraform for it living in the config-mgmt repository. The cluster:
- Should be regional (minimal downtime)
- Should have auto-upgrades enabled and in-line with our other schedules
- Should be accessible through standard tooling (bastions? `glsh kube`?)
- Running in the `gitlab-release` project
- Using dataplane v2 for CNI networking (terraform variable `datapath_provider = "ADVANCED_DATAPATH"`)
- One general use node pool
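An added example, not part of the original issue or of GitLab's tooling: a check over `terraform show -json` plan output for four of the requirements above (project, regional location, dataplane v2, node auto-upgrade). The module and resource addresses, the region, and both sample plans are constructed assumptions.

```python
import re

REGION_RE = re.compile(r"^[a-z]+-[a-z]+\d+$")  # region "us-east1"; a zone adds "-b"

def iter_resources(module):
    """Yield resources from a plan module and every nested child module."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def check_plan(plan, project="gitlab-release"):
    """Return findings for a `terraform show -json` plan; [] means it passes."""
    root = plan.get("planned_values", {}).get("root_module", {})
    resources = list(iter_resources(root))
    clusters = [r for r in resources if r["type"] == "google_container_cluster"]
    pools = [r for r in resources if r["type"] == "google_container_node_pool"]
    findings = [] if clusters else ["no google_container_cluster in plan"]
    for r in clusters:
        v = r["values"]
        # Values only known after apply are absent from the plan and get reported.
        if v.get("project") != project:
            findings.append(f"{r['address']}: project is not {project}")
        if not REGION_RE.match(v.get("location") or ""):
            findings.append(f"{r['address']}: location is not a region")
        if v.get("datapath_provider") != "ADVANCED_DATAPATH":
            findings.append(f"{r['address']}: dataplane v2 not enabled")
    for r in pools:
        mgmt = (r["values"].get("management") or [{}])[0]  # nested block = list
        if mgmt.get("auto_upgrade") is not True:
            findings.append(f"{r['address']}: node auto-upgrade disabled")
    return findings

def _plan(location, datapath, auto_upgrade):
    """Build a constructed, minimal plan document (hypothetical addresses)."""
    cluster = {"address": "module.gke.google_container_cluster.cluster",
               "type": "google_container_cluster",
               "values": {"project": "gitlab-release", "location": location,
                          "datapath_provider": datapath}}
    pool = {"address": "module.gke.google_container_node_pool.general",
            "type": "google_container_node_pool",
            "values": {"management": [{"auto_upgrade": auto_upgrade}]}}
    return {"planned_values": {"root_module": {"child_modules": [
        {"address": "module.gke", "resources": [cluster, pool]}]}}}

GOOD_PLAN = _plan("us-east1", "ADVANCED_DATAPATH", True)   # constructed sample
BAD_PLAN = _plan("us-east1-b", "LEGACY_DATAPATH", False)   # constructed sample

if __name__ == "__main__":
    print(check_plan(GOOD_PLAN) or "plan OK")
    for finding in check_plan(BAD_PLAN):
        print("FAIL", finding)
```
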
Since the cluster will be permanent, we should also spin up a bastion host that can be used to access it. This requires creating new Chef roles needed to bootstrap and provision the bastion host. At first blush these are:
- `release-base-bastion` (e.g. https://gitlab.com/gitlab-com/gl-infra/chef-repo/-/blob/master/roles/ops-base-bastion.json)
- `release-base` (e.g. https://gitlab.com/gitlab-com/gl-infra/chef-repo/-/blob/master/roles/ops-base.json)
The runbooks bastion configuration docs should also be updated with connection information on how to access the environment via the release bastion.
Edited by Matt Field