Solved

Karbon integration with GitLab

  • 17 June 2020
  • 6 replies
  • 3727 views

Userlevel 1
Badge +2

Hi, someone have experience integrating GitLab with Karbon? Basically I’m looking for automatic deployment from gitlab to karbon.

icon

Best answer by JoseNutanix 17 June 2020, 19:11

View original

This topic has been closed for comments

6 replies

Userlevel 4
Badge +5

Hi Anibal,

I guess you are looking the GitLab CI/CD integration with Kubernetes. If that’s the case, you just need to follow the GitLab Admin Guide that explains how to setup an existing Kubernetes cluster in your GitLab instance.

Userlevel 1
Badge +2

Hi Jose,

Great to know, I want to do it today or at last tomorrow, let me cross the fingers and see ;-)

 

Userlevel 4
Badge +5

No problem.

You should be able following this link (changing for your GL URL) https://<your_gitlab_url>/help/user/project/clusters/add_remove_clusters.md#existing-kubernetes-cluster

  • If you are running GitLab inside of your K8s cluster to configure, make sure you use the IP address of the Kubernetes service in the default namespace and not the FQDN kubernetes.default.svc.
  • If you are running GitLab out of the K8s cluster to configure, make sure in GitLab you allow the internal IP communication. Also, then you will need to use the IP address of the master.
Userlevel 1
Badge +2

Hi, now I have time to put the hands over the keyboard at start to implement the gitlab CI/CD integration with Karbon.

Following the gitlab kubernets integration document I stopped at token/gitlab-admin account.

I included the kubeconfig at my linux running inside my win10, I can reach the karbon showing the cluster info without any problem and also connected directly to the karbon with .sh scripts, but for both I can’t add the user and get:

 

kubectl apply -f gitlab-admin-service-account.yaml
serviceaccount/gitlab-admin unchanged
clusterrolebinding.rbac.authorization.k8s.io/gitlab-admin unchanged

 

I supposed that this kind of access are like admin, but it’s not.

Exist any tip that I need to do to be abble to create this user?

 

Anibal

 

Userlevel 1
Badge +2

Hi.. I hope that I used wrong, with the token access gitlab can reach the karbon cluster.. but I facing a problem to install Helm from gitlab.. I have a proxy between the server and the internet.. running kubectl from a linux machine I can deploy the kubernets dashboard without any problem, they download the images and deploy.. but the helm I see few problem to deploy.

At the PC and PE I changed the proxy settings to use one proxy over a linux machine to by pass my proxy authentication, normally works fine.. but on this case not:

 

m48s       Normal    Pulling     pod/install-helm   Pulling image "registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/2.16.3-kube-1.13.12"
3m48s       Warning   Failed      pod/install-helm   Failed to pull image "registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/2.16.3-kube-1.13.12": rpc error: code = Unknown desc = Error response from daemon: Get https://registry.gitlab.com/v2/: Proxy Authentication Required ( Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied.  )
3m48s       Warning   Failed      pod/install-helm   Error: ErrImagePull

 

my doubt, after I changed the proxy at PC and PE I need to do any proxy refresh at Kabon? Exist a way to check the proxy that Karbon are using to get internet access?

 

Userlevel 1
Badge +2

with few proxy adjustment it’s solved. helm pod are installed, but stoped on this topic:

 

2020-06-22T16:05:06.707958812Z + helm init --tiller-tls --tiller-tls-verify --tls-ca-cert /data/helm/helm/config/ca.pem --tiller-tls-cert /data/helm/helm/config/cert.pem --tiller-tls-key /data/helm/helm/config/key.pem --service-account tiller

2020-06-22T16:05:06.790705506Z Creating /root/.helm

2020-06-22T16:05:06.790762263Z Creating /root/.helm/repository

2020-06-22T16:05:06.790850492Z Creating /root/.helm/repository/cache

2020-06-22T16:05:06.790889064Z Creating /root/.helm/repository/local

2020-06-22T16:05:06.790924529Z Creating /root/.helm/plugins

2020-06-22T16:05:06.79097286Z Creating /root/.helm/starters

2020-06-22T16:05:06.790981726Z Creating /root/.helm/cache/archive

2020-06-22T16:05:06.791085951Z Creating /root/.helm/repository/repositories.yaml

2020-06-22T16:05:06.791096249Z Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com

2020-06-22T16:07:14.331970335Z Error: error initializing: Looks like "https://kubernetes-charts.storage.googleapis.com" is not a valid chart repository or cannot be reached: Get https://kubernetes-charts.storage.googleapis.com/index.yaml: dial tcp 172.217.3.112:443: connect: connection timed out

 

For my undestading the kubernetes-charts are tried to be installed without trought the proxy, true we didn’t see any proxy access to reach this site.

Exist a way to validate the internet access for the pods under the karbon?

 

Anibal