Product Discovery for Group-Level K8S Cluster Configuration
Background:
Currently K8S clusters can only be configured at the project level. If the same cluster is being used for multiple projects, it must be manually added multiple times.
We want provide users the ability to do Group-level K8S cluster config so a single cluster can be shared across projects.
What questions are you trying to answer?
What is the smallest sequence of mergeable steps that can be done for this?
See https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/21831#possible-mrs (
Are you looking to verify an existing hypothesis or uncover new issues you should be exploring?
No existing hypothesis
What is the backstory of this project and how does it impact the approach?
GitLab has provided the ability to connect a K8S cluster since 10.1, however, it has always taken place at the project level. This does not allow organization that use clusters at a group or org level to define a cluster once and use it across the entire org. We want the user to be able to easily define at which level they want to configure this cluster.
What do you already know about the areas you are exploring?
What does success look like at the end of the project?
Technical discovery for this issue should inform the MVC for the implementation issue.
Decisions
- We will only install group-level cluster applications in group clusters - https://gitlab.com/gitlab-org/gitlab-ce/issues/48418#note_103788885 (projects install cluster apps into group clusters should be a new issue)
- We will ship without Prometheus in the first release - https://gitlab.com/gitlab-org/gitlab-ee/issues/7412#note_103921412
- We will ship with nginx-ingress configured to watch cluster-wide. (no change from project-level nginx-ingress) - https://gitlab.com/gitlab-org/gitlab-ce/issues/48418#note_103773744
- We will ship without Jupytyerhub and Runner in the first release
- Group-level cluster will follow the same licensing approach as project-level clusters: CE will allow for 1 cluster at the group level (or sub-group level) and EE will allow for multiple cluster configuration (first iteration is likely to include single cluster capability). For example, on CE, Group 1 and sub-group A can each have 1 cluster only, on EE multiple cluster are supported.
- For CE, having a cluster configured at the group level shall not affect the ability for related project to have project-level clusters setup, that is, if Group 1 has a cluster setup, project 1A can have a separate cluster setup (project 1A belonging to Group 1).
- Group cluster would be available to projects under their namespace. - https://gitlab.com/gitlab-org/gitlab-ee/issues/7412#note_104034851
User stories and mockups
Sidebar and empty state
EE/CE |
---|
As an owner or maintainer, I should see a Kubernetes tab in my group sidebar. |
As an owner or maintainer, I should see an empty state with a call to action when I have no group clusters. |
Environment scope
Applications and domain
EE/CE |
---|
As an owner or maintainer, I am able to install Helm Tiller and Ingress on my group level cluster. Note: The only difference between EE/CE mockups would be the ability to set an environment. |
As an owner or maintainer, I am able to set a domain for both my group and project level clusters. |
Group | Project |
---|---|
Helm and Ingress not installed, domain disabled | Helm and Ingress not installed, domain disabled |
Helm and Ingress installed, domain enabled | Helm and Ingress installed, domain enabled |
Improvements: Alternative issues will be made for installing GitLab Runner, Prometheus, and Jupyterhub &114 (closed)
Group clusters
EE/CE |
---|
Group level clusters will be automatically added to projects within that group. |
Cluster Overrides
CE |
---|
As a user who created a new group cluster, I will be warned if my cluster won't be active for any given project. |
Improvement: Allow users to specify which projects they would like override. Create new issue
Possible improvement: Explore always keeping the create button enabled. In CE, this would mean owners and maintainers can add as many integrations as they want, but they must select one: either a group or a project level cluster. This removes confusion over why the user cannot create another integration. Create new issue
Editing group clusters
Improvement: Allow users to exclude a group level cluster from a specific project. Create new issue
Auto DevOps project settings
EE/CE |
---|
As an owner or maintainer, I am no longer able to set a domain within my project Auto DevOps settings |
Improvement: Resolve any UX Debt around deployment strategy, especially after moving the domain to cluster settings. Create new issue
Links / references:
Implementation issue: https://gitlab.com/gitlab-org/gitlab-ce/issues/34758