Skip to content
GitLab Next
  • Menu
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • GitLab FOSS GitLab FOSS
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 0
    • Issues 0
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 1
    • Merge requests 1
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages & Registries
    • Packages & Registries
    • Package Registry
    • Container Registry
    • Infrastructure Registry
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • Code review
    • Insights
    • Issue
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • GitLab.org
  • GitLab FOSSGitLab FOSS
  • Issues
  • #56557
Closed
Open
Created Jan 18, 2019 by Dylan Griffith@DylanGriffithMaintainer0 of 3 tasks completed0/3 tasks

Configurable Kubernetes namespace/svc account creation

Allow people to use old Kubernetes Integration behaviour (where they control their own service accounts)

Problem to solve

A lot of users don't want us to create service accounts and manage namespaces for them when using the Kubernetes integration. It is causing problems for lots of people. See:

  • https://gitlab.com/gitlab-org/gitlab-ce/issues/55933#note_130936015
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/8897#note_132867481

Target audience

Developers, Operators

Further details

Proposal

Allow users to change a setting so that we just pass through the same cluster credentials without creating a namespace or service account.

At cluster creation time offer two options:

  1. Allow GitLab to manage namespace and service accounts for this cluster

    • A dedicated namespace and service account will be created for each project. These will be isolated from each other.
  2. I will manage cluster credentials, namespaces, and service accounts manually

    • Cluster credentials provided at create time will be used cluster-wide, no namespaces or service accounts will be created.

NOTES

  • This should not be supported when editing a cluster. Only on creation.
  • Docs will need two separate sections

Creation

  • On creation, a user can choose whether their cluster is managed by GitLab or not.

Screen_Shot_2019-03-07_at_2.32.36_PM

Proposed copy:

[x] GitLab-managed cluster

Allow GitLab to manage namespace and service accounts for this cluster. More information

Cluster settings

  • A user can see whether GitLab is managing their cluster within the cluster settings but this setting is disabled and not editable by the user.

Screen_Shot_2019-03-07_at_2.53.19_PM

Documentation

  • Add documentation related to this setting. This should include what it means for GitLab to manage namespace and service accounts. It should also include copy regarding Auto DevOps and the fact that we will create a namespace when using ADO if one does not already exist. We should also document that a namespace is still created for installed applications, gitlab-managed-apps

What does success look like, and how can we measure that?

Links / references

Edited May 15, 2019 by Daniel Gruesso
Assignee
Assign to
Time tracking