Feedback issue: running multiple agents in a single cluster
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Goal
This issue is to collect feedback from users running multiple agentk instances within a single cluster.
At GitLab, we recommend running a single agent per cluster, and use the various impersonation features offered by the agent for multi-tenant setups. At the same time, we acknowledge that there might be valid use cases that we currently do not support, and as a result require multiple agents to run in parallel within a cluster. We would like to learn more about these use cases, so we can provide a solution with a single agent.
Note: the impersonation features require a Premium license.
Enablers of a single agent
The agent for Kubernetes offering has several features that aim to support multi-tenant usage:
- sharing an agent connection in GitLab pipelines across projects and groups
- sharing an agent connection in the GitLab UI across projects and groups
- impersonating a CI job with rich group bindings for targeted RBAC configuration
- impersonating a GitLab user with rich group bindings for targeted RBAC configuration
Why a single agent
Why GitLab recommends a single agent (a non-exhaustive list):
- easier to maintain and upgrade
- easier to keep track of tokens and rotate them regularly
- overall lower resource requirements
What to do
If you ended up running multiple agent installations in a single cluster, please, provide your use case or upvote the linked issues, so we can better prioritise related work.