Refresh GKE Marketplace Images/Chart
Currently our GKE Marketplace offering is based off a fork of the Helm chart. I believe we have incorporated all of the changes, outside of a few values.yaml settings. (For example, to reduce the replica counts to 1)
We should refresh the GKE marketplace chart with the current version, as well as update the charts to be the now current version.
Decisions
Track / Version ID
We discussed how the track/version id will be used in https://gitlab.com/charts/gitlab/issues/913. The end decision is that releases will be tagged Major.Minor
.
Thus, in the current iteration; Track 11 is the latest of 11.0, Track 11.9 is the latest of any 11.9.x release.
Challenge Summary [ ADDED: 2019-02-26 ]
Use a Wrapper Chart or Fork Main Cloud Native GitLab Chart
We opted to use a wrapper chart and that decision is documented in charts/gitlab#914.
TL;DR - a wrapper chart allows us to set configuration values in a Marketplace specific values.yaml without having to port extra changes into the upstream Cloud Native GitLab chart.
Upstream NGINX Issue
A check for semantic version in the upstream nginx chart broke the deployment to marketplace. We fixed in charts/gitlab#910.
Marketplace Changed Base Deployer Image, No Documentation
There is now a deployer image with tiller; it wasn't in the documentation. This was discovered/documented along with a new field required APPLICATION_UID in charts/gitlab#1042.
charts/gitlab#1042
Schema Automation
The schema.yaml
required to deploy on the Marketplace also has to track all container tags/versions deployed by the Cloud Native GitLab chart. Issue #912 (closed) covers our automation of that process.
Role Based Access Control
The Google Marketplace deployer changed how it handles access control. We cannot create ServiceAccounts from the charts; they must be pre-populated into the schema.yaml
before chart deployment.
Issue #1040 (closed) tracks the automation work exporting ServiceAccount resources from our existing charts into the schema.yaml
required by the Google Marketplace.
Tooling
Repetitive work slowed down testing, so #1041 (closed) tracks the work to create the basic tooling allowing fast creation of new deployer images and testing/teardown of GKE clusters.
Many comments on its related merge request charts/deploy-image-helm-base!48 relate to discoveries made while using the tooling to test the releases.
Deployer Validation Doesn't Understand Resources Aren't Used
The validation tool that gates deployment to the public Google Marketplace doesn't know that ClusterRole resources are not being used even if the Application Cluster Resource Definition says they are allowable. #1176 (closed) documents work to eliminate that problem.
Application Custom Resource Definition Outdated
The validation gateway script from Google attempts to install the application and then tear it down. It continually failed in teardown because we were using the original version of the Application Custom Resource Definition which links components using the apiVersion
. Updated to the modern version resolving this issue in https://gitlab.com/charts/gitlab/merge_requests/740
Additional Feature Request: External LoadBalancer
Asked to support adding an optional flag to add an external loadbalancer.