Skip to content
Snippets Groups Projects

Improve Kubernetes support

Merged Kamil Trzciński requested to merge kubernetes-support into master
All threads resolved!

This is made on top of https://gitlab.com/gitlab-org/gitlab-ci-multi-runner/merge_requests/30.

It improves support for:

  • reading credentials from .kube/config or KUBECONFIG env variable,
  • supporting missing docker image,
  • removing helper containers to run clone/artifacts/caching support,
  • adding integration tests for most common scenarios: abort, cancel, missing image, build failure,
  • adds a notice to license executors/kubernetes/exec.go that this file was modified

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
338 308 err := e.Prepare(test.GlobalConfig, test.RunnerConfig, test.Build)
339 309
340 310 if err != nil {
311 if test.Error {
312 assert.Error(t, err)
313 } else {
314 assert.NoError(t, err)
315 }
341 316 if !test.Error {
342 317 t.Errorf("Got error. Expected: %v", test.Expected)
343 318 }
  • Although we're using the ~/.kube/config file, we don't really need to depend upon kubectl being installed and available on the PATH. Perhaps we're better to check for the existence of ~/.kube/config, or further, attempt to create a config structure from it to ensure it's valid?

  • Author Maintainer

    @munnerz

    I don't have strong opinion on dependency on kubectl, but by executing kubectl cluster-info we are also ensuring that the credentials are valid and allow to access currently running cluster.

    Edited by Kamil Trzciński
  • The tests pass locally \o/

    ok      gitlab.com/gitlab-org/gitlab-ci-multi-runner/executors/kubernetes       156.440s        coverage: 49.7% of statements

    Coverage seems low compared to docker (62%), docker-machine (71%), shell (73.8%) and virtualbox (67.5%), but I think it's fibbing - profile attached.

    cover.out

    About half of my comments from !30 (merged) appear to be addressed, it's a bit difficult to swap from one to the other :violin:

  • Author Maintainer

    @nick.thomas

    I agree it's not perfect.

  • Author Maintainer

    @nick.thomas

    You have to configure access to Kubernetes cluster, then you will see this:

    coverage: 80.8% of statements
    ok  	gitlab.com/gitlab-org/gitlab-ci-multi-runner/executors/kubernetes	27.302s
  • Kamil Trzciński Added 1 commit:

    Added 1 commit:

    • 45e8436e - Update Kubernetes documentation
  • Kamil Trzciński Added 1 commit:

    Added 1 commit:

    • fcaf28c3 - Close kubeClient on Cleanup
  • Kamil Trzciński Resolved all discussions

    Resolved all discussions

  • Kamil Trzciński Enabled an automatic merge when the build for fcaf28c3 succeeds

    Enabled an automatic merge when the build for fcaf28c3 succeeds

  • Ahhhhh, much better, awesome :)

  • Kamil Trzciński Added 11 commits:

    Added 11 commits:

    • fcaf28c3...aebd7006 - 10 commits from branch master
    • bef548ff - Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ci-multi-runner into kubernetes-support
  • Kamil Trzciński Status changed to merged

    Status changed to merged

  • mentioned in commit 18ae6b13

  • Is there any docker image to test this?

  • Author Maintainer

    @andypost This is part of Bleeding Edge release.

  • Reza Mohammadi
    Reza Mohammadi @remohammadi started a thread on commit 5feb888e
  • 31 1. **Build**: User build. This is run on the user-provided docker image.
    32 1. **Post-build**: Create cache, upload artifacts to GitLab. This is run on
    33 a special Docker Image.
    34
    35 The special Docker Image is based on [Alpine Linux] and contains all the tools
    36 required to run the prepare step of the build: the Git binary and the Runner
    37 binary for supporting caching and artifacts. You can find the definition of
    38 this special image [in the official Runner repository][special-build].
    39
    40 ## Connecting to the Kubernetes API
    41
    42 The following options are provided, which allow you to connect to the Kubernetes API:
    43
    44 - `host`: Optional Kubernetes master host URL (auto-discovery attempted if not specified)
    45 - `cert_file`: Optional Kubernetes master auth certificate
    46 - `key_file`: Optional Kubernetes master auth private key
    • master is misleading here. Is it referring to a user which has full access to the api server? Because the api.key which is mentioned below as the example value seems like the name of the key which the kubernetes api-server itself uses for providing the service through https.

    • No you're correct in thinking it's a user that has full access to the apiserver and not the TLS keypair that the apiserver uses. I'll update the docs to make this a bit clearer.

    • Please register or sign in to reply
  • Please register or sign in to reply
    Loading