# Adding and removing Kubernetes clusters
> 原文:[https://docs.gitlab.com/ee/user/project/clusters/add_remove_clusters.html](https://docs.gitlab.com/ee/user/project/clusters/add_remove_clusters.html)
* [Before you begin](#before-you-begin)
* [Access controls](#access-controls)
* [Important notes](#important-notes)
* [RBAC cluster resources](#rbac-cluster-resources)
* [ABAC cluster resources](#abac-cluster-resources)
* [Security of GitLab Runners](#security-of-gitlab-runners)
* [Create new cluster](#create-new-cluster)
* [Add existing cluster](#add-existing-cluster)
* [Existing Kubernetes cluster](#existing-kubernetes-cluster)
* [Disable Role-Based Access Control (RBAC) (optional)](#disable-role-based-access-control-rbac-optional)
* [Enabling or disabling integration](#enabling-or-disabling-integration)
* [Removing integration](#removing-integration)
* [Learn more](#learn-more)
# Adding and removing Kubernetes clusters[](#adding-and-removing-kubernetes-clusters "Permalink")
GitLab 為以下 Kubernetes 提供者提供了集成的集群創建功能:
* Google Kubernetes 引擎(GKE).
* Amazon Elastic Kubernetes 服務(EKS).
GitLab 還可以與本地或托管的任何標準 Kubernetes 提供程序集成.
**注意:**觀看[使用 GitLab 和 Google Cloud Platform 進行](https://about.gitlab.com/webcast/scalable-app-deploy/)的網絡廣播[可擴展應用程序部署,](https://about.gitlab.com/webcast/scalable-app-deploy/)并了解如何通過單擊幾下加速由 Google Cloud Platform(GCP)管理的 Kubernetes 集群.**提示:**每個新的 Google Cloud Platform(GCP)帳戶[在注冊后](https://console.cloud.google.com/freetrial)都會獲得[$ 300 的信用額](https://console.cloud.google.com/freetrial) ,并且與 Google 合作,GitLab 能夠為新的 GCP 帳戶提供額外的$ 200,以開始使用 GitLab 的 Google Kubernetes Engine Integration. 您所要做的就是[點擊此鏈接](https://cloud.google.com/partners/partnercredit/?pcn_code=0014M00001h35gDQAQ#contact-form)并申請信貸.
## Before you begin[](#before-you-begin "Permalink")
在使用 GitLab [添加 Kubernetes 集群](#create-new-cluster)之前,您需要:
* GitLab 本身. 要么:
* 一個[GitLab.com 帳戶](https://about.gitlab.com/pricing/#gitlab-com) .
* 使用 GitLab 12.5 或更高版本的[自我管理安裝](https://about.gitlab.com/pricing/#self-managed) . 這將確保 GitLab UI 可用于創建集群.
* 以下 GitLab 訪問:
* [維護者](../../permissions.html#project-members-permissions)對項目級集群的項目[訪問](../../permissions.html#project-members-permissions) .
* [維護者](../../permissions.html#group-members-permissions)對組級別集群的[訪問權限](../../permissions.html#group-members-permissions) .
* 自我管理的實例級別群集的管理[區域訪問](../../admin_area/index.html) .
## Access controls[](#access-controls "Permalink")
在 GitLab 中創建集群時,系統會詢問您是否要創建以下任一集群:
* A [Role-based access control (RBAC)](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) cluster.
* An [Attribute-based access control (ABAC)](https://kubernetes.io/docs/reference/access-authn-authz/abac/) cluster.
**注意:**建議使用[RBAC](#rbac-cluster-resources) ,GitLab 為默認值.
GitLab 創建必要的服務帳戶和特權,以安裝和運行[GitLab 托管的應用程序](index.html#installing-applications) . 當 GitLab 創建集群時,將在`default`名稱空間中創建具有`cluster-admin`特權的`gitlab`服務帳戶,以管理新創建的集群.
**注意:**用于部署的受限服務帳戶是在 GitLab 11.5 中[引入的](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/51716) .
The first time you install an application into your cluster, the `tiller` service account is created with `cluster-admin` privileges in the `gitlab-managed-apps` namespace. This service account will be used by Helm to install and run [GitLab managed applications](index.html#installing-applications).
Helm 還將為每個已安裝的應用程序創建其他服務帳戶和其他資源. 有關每個應用程序,請查閱 Helm 圖表的文檔.
如果要[添加現有的 Kubernetes 集群](add_remove_clusters.html#add-existing-cluster) ,請確保該帳戶的令牌具有該集群的管理員特權.
GitLab 創建的資源取決于集群的類型.
### Important notes[](#important-notes "Permalink")
請注意以下有關訪問控制的內容:
* 僅當集群[由 GitLab 管理時,](index.html#gitlab-managed-clusters)才會創建特定于環境的資源.
* 如果您的集群是在 GitLab 12.2 之前創建的,它將為所有項目環境使用單個名稱空間.
### RBAC cluster resources[](#rbac-cluster-resources "Permalink")
GitLab 為 RBAC 集群創建以下資源.
| Name | Type | Details | 創建時間 |
| --- | --- | --- | --- |
| `gitlab` | `ServiceAccount` | `default` namespace | 創建一個新集群 |
| `gitlab-admin` | `ClusterRoleBinding` | [`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) roleRef | 創建一個新集群 |
| `gitlab-token` | `Secret` | `gitlab` ServiceAccount 的令牌 | 創建一個新集群 |
| `tiller` | `ServiceAccount` | `gitlab-managed-apps` namespace | 安裝舵圖 |
| `tiller-admin` | `ClusterRoleBinding` | `cluster-admin` roleRef | 安裝舵圖 |
| 環境名稱空間 | `Namespace` | 包含所有特定于環境的資源 | 部署到集群 |
| 環境名稱空間 | `ServiceAccount` | 使用環境的名稱空間 | 部署到集群 |
| 環境名稱空間 | `Secret` | 環境 ServiceAccount 的令牌 | 部署到集群 |
| 環境名稱空間 | `RoleBinding` | [`edit`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) roleRef | 部署到集群 |
### ABAC cluster resources[](#abac-cluster-resources "Permalink")
GitLab 為 ABAC 群集創建以下資源.
| Name | Type | Details | 創建時間 |
| --- | --- | --- | --- |
| `gitlab` | `ServiceAccount` | `default` namespace | 創建一個新集群 |
| `gitlab-token` | `Secret` | `gitlab` ServiceAccount 的令牌 | 創建一個新集群 |
| `tiller` | `ServiceAccount` | `gitlab-managed-apps` namespace | 安裝舵圖 |
| `tiller-admin` | `ClusterRoleBinding` | `cluster-admin` roleRef | 安裝舵圖 |
| 環境名稱空間 | `Namespace` | 包含所有特定于環境的資源 | 部署到集群 |
| 環境名稱空間 | `ServiceAccount` | 使用環境的名稱空間 | 部署到集群 |
| 環境名稱空間 | `Secret` | 環境 ServiceAccount 的令牌 | 部署到集群 |
### Security of GitLab Runners[](#security-of-gitlab-runners "Permalink")
GitLab Runners 默認情況[下](https://docs.gitlab.com/runner/executors/docker.html)啟用了[特權模式](https://docs.gitlab.com/runner/executors/docker.html) ,這使他們可以執行特殊命令并在 Docker 中運行 Docker. 運行某些[Auto DevOps](../../../topics/autodevops/index.html)作業需要此功能. 這意味著容器正在特權模式下運行,因此,您應該注意一些重要的細節.
特權標志為正在運行的容器提供了所有功能,而容器又可以執行主機可以執行的幾乎所有操作. 請注意與對任意映像執行`docker run`操作相關的固有安全風險,因為它們有效地具有 root 用戶訪問權限.
如果您不想在特權模式下使用 GitLab Runner,請執行以下任一操作:
* 在 GitLab.com 上使用共享的跑步者. 他們沒有這個安全問題.
* 使用[Shared Runners 中](../../gitlab_com/index.html#shared-runners)描述的配置來設置自己的[Runners](../../gitlab_com/index.html#shared-runners) . 這涉及:
1. 確保您沒有通過[應用程序](index.html#installing-applications)安裝它.
2. [使用`docker+machine`](https://docs.gitlab.com/runner/executors/docker_machine.html)安裝 Runner.
## Create new cluster[](#create-new-cluster "Permalink")
可以使用 Google Kubernetes Engine(GKE)上的 GitLab 或 Amazon Elastic Kubernetes Service(EKS)在項目,組或實例級別上創建新集群:
1. 導航到您的:
* 項目的 **操作> Kubernetes**頁面,用于項目級集群.
* 組的 **Kubernetes**頁面,用于組級別集群.
* **管理區>** **Kubernetes**頁面,用于實例級集群.
2. Click **添加 Kubernetes 集群**.
3. 單擊**創建新集群**選項卡.
4. 單擊**Amazon EKS**或**Google GKE** ,然后按照說明提供所需的服務:
* [亞馬遜 EKS](add_eks_clusters.html#new-eks-cluster) .
* [Google GKE](add_gke_clusters.html#creating-the-cluster-on-gke) .
## Add existing cluster[](#add-existing-cluster "Permalink")
如果您已有 Kubernetes 集群,則可以將其添加到項目,組或實例中.
**注意:** arm64 集群不支持 Kubernetes 集成. 有關詳細信息,請參閱問題[Helm Tiller 無法在 arm64 群集上安裝](https://gitlab.com/gitlab-org/gitlab/-/issues/29838) .
### Existing Kubernetes cluster[](#existing-kubernetes-cluster "Permalink")
要將 Kubernetes 集群添加到您的項目,組或實例:
1. 導航到您的:
1. 項目的 **操作> Kubernetes**頁面,用于項目級集群.
2. 組的 **Kubernetes**頁面,用于組級別集群.
3. **管理區>** **Kubernetes**頁面,用于實例級集群.
2. Click **添加 Kubernetes 集群**.
3. 單擊**添加現有集群**選項卡,然后填寫詳細信息:
1. **Kubernetes 集群名稱** (必填)-您希望為**集群指定**的名稱.
2. **環境范圍** (必需)- [與](index.html#setting-the-environment-scope-premium)此集群[相關的環境](index.html#setting-the-environment-scope-premium) .
3. **API URL** (必填)-這是 GitLab 用于訪問 Kubernetes API 的 URL. Kubernetes 公開了幾個 API,我們想要所有這些 API 通用的"基本" URL. 例如, `https://kubernetes.example.com`而不是`https://kubernetes.example.com/api/v1` .
通過運行以下命令獲取 API URL:
```
kubectl cluster-info | grep 'Kubernetes master' | awk '/http/ {print $NF}'
```
4. **CA 證書** (必需)-需要有效的 Kubernetes 證書才能對集群進行身份驗證. 我們將使用默認創建的證書.
1. 列出帶有`kubectl get secrets` ,并且應將其命名類似于`default-token-xxxxx` . 復制該令牌名稱以在下面使用.
2. 通過運行以下命令獲取證書:
```
kubectl get secret <secret name> -o jsonpath = "{['data']['ca \. crt']}" | base64 --decode
```
**注意:**如果命令返回整個證書鏈,則需要在證書鏈的底部復制*根 ca*證書.
5. **令牌** -GitLab 使用服務令牌對 Kubernetes 進行身份驗證,服務令牌的作用域是特定的`namespace` . **使用的令牌應屬于具有[`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles)特權的服務帳戶.** 要創建此服務帳戶:
1. 創建一個名為`gitlab-admin-service-account.yaml` ,其內容為:
```
apiVersion : v1 kind : ServiceAccount metadata : name : gitlab-admin namespace : kube-system --- apiVersion : rbac.authorization.k8s.io/v1beta1 kind : ClusterRoleBinding metadata : name : gitlab-admin roleRef : apiGroup : rbac.authorization.k8s.io kind : ClusterRole name : cluster-admin subjects : - kind : ServiceAccount name : gitlab-admin namespace : kube-system
```
2. 將服務帳戶和群集角色綁定應用于您的群集:
```
kubectl apply -f gitlab-admin-service-account.yaml
```
您將需要`container.clusterRoleBindings.create`權限來創建集群級角色. 如果您沒有此權限,則可以選擇啟用基本身份驗證,然后以管理員身份運行`kubectl apply`命令:
```
kubectl apply -f gitlab-admin-service-account.yaml --username = admin --password = <password>
```
**注意:**可以打開基本身份驗證,并可以使用 Google Cloud Console 獲取密碼憑據.
輸出:
```
serviceaccount "gitlab-admin" created clusterrolebinding "gitlab-admin" created
```
3. 檢索`gitlab-admin`服務帳戶的令牌:
```
kubectl -n kube-system describe secret $( kubectl -n kube-system get secret | grep gitlab-admin | awk '{print $1}' )
```
從輸出中復制`<authentication_token>`值:
```
Name : gitlab-admin-token-b5zv4 Namespace : kube-system Labels : <none> Annotations : kubernetes.io/service-account.name=gitlab-admin kubernetes.io/service-account.uid=bcfe66ac-39be-11e8-97e8-026dce96b6e8 Type : kubernetes.io/service-account-token Data ==== ca.crt : 1025 bytes namespace : 11 bytes token : <authentication_token>
```
**注意:**對于 GKE 群集,您將需要`container.clusterRoleBindings.create`權限來創建群集角色綁定. 您可以按照[Google Cloud 文檔](https://cloud.google.com/iam/docs/granting-changing-revoking-access)授予訪問權限.
6. **由 GitLab 管理的群集** -如果要讓 GitLab 管理該群集的名稱空間和服務帳戶,請選中此復選框. 有關更多信息,請參見[托管集群部分](index.html#gitlab-managed-clusters) .
7. **項目名稱空間** (可選)-您不必填寫它; 將其保留為空白,GitLab 將為您創建一個. 也:
* 每個項目應具有唯一的名稱空間.
* 如果您正在使用具有更廣泛權限的機密(例如`default`的機密),則項目名稱空間不一定是機密的名稱空間.
* 你**不**應該使用`default`為項目命名空間.
* 如果您或某人為項目專門創建了一個秘密(通常具有有限的權限),則該秘密的名稱空間和項目名稱空間可能是相同的.
4. 最后,單擊**創建 Kubernetes 集群**按鈕.
幾分鐘后,您的集群將準備就緒. 現在,您可以繼續安裝一些[預定義的應用程序](index.html#installing-applications) .
#### Disable Role-Based Access Control (RBAC) (optional)[](#disable-role-based-access-control-rbac-optional "Permalink")
通過 GitLab 集成連接集群時,您可以指定集群是否支持 RBAC. 這將影響 GitLab 如何與集群進行某些操作的交互. 如果您在創建時*未*選中**啟用 RBAC 的群集**復選框,則 GitLab 將假定與群集進行交互時禁用了 RBAC. 如果是這樣,則必須在群集上禁用 RBAC 才能使集成正常工作.
[](img/rbac_v13_1.png)
**注意:**禁用 RBAC 意味著群集中運行的任何應用程序或可以向群集進行身份驗證的用戶都具有完全的 API 訪問權限. 這是一個[安全問題](index.html#security-implications) ,可能不是所希望的.
為了有效地禁用 RBAC,可以應用全局權限來授予完全訪問權限:
```
kubectl create clusterrolebinding permissive-binding \
--clusterrole=cluster-admin \
--user=admin \
--user=kubelet \
--group=system:serviceaccounts
```
## Enabling or disabling integration[](#enabling-or-disabling-integration "Permalink")
成功創建新集群或添加現有集群后,即可啟用 Kubernetes 集群集成. 要禁用 Kubernetes 集群集成:
1. 導航到您的:
* 項目的 **操作> Kubernetes**頁面,用于項目級集群.
* 組的 **Kubernetes**頁面,用于組級別集群.
* **管理區>** **Kubernetes**頁面,用于實例級集群.
2. 單擊群集的名稱.
3. 單擊**GitLab 集成**切換.
4. Click **保存更改**.
## Removing integration[](#removing-integration "Permalink")
要從您的項目中刪除 Kubernetes 集群集成,請首先導航到集群詳細信息頁面的**Advanced Settings**選項卡,然后執行以下任一操作:
* 選擇**刪除集成** ,僅刪除 Kubernetes 集成.
* [從 GitLab 12.6 中](https://gitlab.com/gitlab-org/gitlab/-/issues/26815) ,選擇**刪除集成和資源** ,以在**刪除集成時**也刪除所有相關的 GitLab 集群資源(例如,名稱空間,角色和綁定).
刪除集群集成時,請注意:
* 您需要具有維護人員及以上[權限](../../permissions.html)才能刪除 Kubernetes 集群集成.
* 刪除集群時,只刪除其與 GitLab 的關系,而不刪除集群本身. 要刪除集群,可以通過訪問 GKE 或 EKS 儀表板或使用`kubectl`來`kubectl` .
## Learn more[](#learn-more "Permalink")
要了解有關自動部署應用程序的更多信息,請閱讀有關[Auto DevOps](../../../topics/autodevops/index.html) .
- GitLab Docs
- Installation
- Requirements
- GitLab cloud native Helm Chart
- Install GitLab with Docker
- Installation from source
- Install GitLab on Microsoft Azure
- Installing GitLab on Google Cloud Platform
- Installing GitLab on Amazon Web Services (AWS)
- Analytics
- Code Review Analytics
- Productivity Analytics
- Value Stream Analytics
- Kubernetes clusters
- Adding and removing Kubernetes clusters
- Adding EKS clusters
- Adding GKE clusters
- Group-level Kubernetes clusters
- Instance-level Kubernetes clusters
- Canary Deployments
- Cluster Environments
- Deploy Boards
- GitLab Managed Apps
- Crossplane configuration
- Cluster management project (alpha)
- Kubernetes Logs
- Runbooks
- Serverless
- Deploying AWS Lambda function using GitLab CI/CD
- Securing your deployed applications
- Groups
- Contribution Analytics
- Custom group-level project templates
- Epics
- Manage epics
- Group Import/Export
- Insights
- Issues Analytics
- Iterations
- Public access
- SAML SSO for GitLab.com groups
- SCIM provisioning using SAML SSO for GitLab.com groups
- Subgroups
- Roadmap
- Projects
- GitLab Secure
- Security Configuration
- Container Scanning
- Dependency Scanning
- Dependency List
- Static Application Security Testing (SAST)
- Secret Detection
- Dynamic Application Security Testing (DAST)
- GitLab Security Dashboard
- Offline environments
- Standalone Vulnerability pages
- Security scanner integration
- Badges
- Bulk editing issues and merge requests at the project level
- Code Owners
- Compliance
- License Compliance
- Compliance Dashboard
- Create a project
- Description templates
- Deploy Keys
- Deploy Tokens
- File finder
- Project integrations
- Integrations
- Atlassian Bamboo CI Service
- Bugzilla Service
- Custom Issue Tracker service
- Discord Notifications service
- Enabling emails on push
- GitHub project integration
- Hangouts Chat service
- Atlassian HipChat
- Irker IRC Gateway
- GitLab Jira integration
- Mattermost Notifications Service
- Mattermost slash commands
- Microsoft Teams service
- Mock CI Service
- Prometheus integration
- Redmine Service
- Slack Notifications Service
- Slack slash commands
- GitLab Slack application
- Webhooks
- YouTrack Service
- Insights
- Issues
- Crosslinking Issues
- Design Management
- Confidential issues
- Due dates
- Issue Boards
- Issue Data and Actions
- Labels
- Managing issues
- Milestones
- Multiple Assignees for Issues
- Related issues
- Service Desk
- Sorting and ordering issue lists
- Issue weight
- Associate a Zoom meeting with an issue
- Merge requests
- Allow collaboration on merge requests across forks
- Merge Request Approvals
- Browser Performance Testing
- How to create a merge request
- Cherry-pick changes
- Code Quality
- Load Performance Testing
- Merge Request dependencies
- Fast-forward merge requests
- Merge when pipeline succeeds
- Merge request conflict resolution
- Reverting changes
- Reviewing and managing merge requests
- Squash and merge
- Merge requests versions
- Draft merge requests
- Members of a project
- Migrating projects to a GitLab instance
- Import your project from Bitbucket Cloud to GitLab
- Import your project from Bitbucket Server to GitLab
- Migrating from ClearCase
- Migrating from CVS
- Import your project from FogBugz to GitLab
- Gemnasium
- Import your project from GitHub to GitLab
- Project importing from GitLab.com to your private GitLab instance
- Import your project from Gitea to GitLab
- Import your Jira project issues to GitLab
- Migrating from Perforce Helix
- Import Phabricator tasks into a GitLab project
- Import multiple repositories by uploading a manifest file
- Import project from repo by URL
- Migrating from SVN to GitLab
- Migrating from TFVC to Git
- Push Options
- Releases
- Repository
- Branches
- Git Attributes
- File Locking
- Git file blame
- Git file history
- Repository mirroring
- Protected branches
- Protected tags
- Push Rules
- Reduce repository size
- Signing commits with GPG
- Syntax Highlighting
- GitLab Web Editor
- Web IDE
- Requirements Management
- Project settings
- Project import/export
- Project access tokens (Alpha)
- Share Projects with other Groups
- Snippets
- Static Site Editor
- Wiki
- Project operations
- Monitor metrics for your CI/CD environment
- Set up alerts for Prometheus metrics
- Embedding metric charts within GitLab-flavored Markdown
- Embedding Grafana charts
- Using the Metrics Dashboard
- Dashboard YAML properties
- Metrics dashboard settings
- Panel types for dashboards
- Using Variables
- Templating variables for metrics dashboards
- Prometheus Metrics library
- Monitoring AWS Resources
- Monitoring HAProxy
- Monitoring Kubernetes
- Monitoring NGINX
- Monitoring NGINX Ingress Controller
- Monitoring NGINX Ingress Controller with VTS metrics
- Alert Management
- Error Tracking
- Tracing
- Incident Management
- GitLab Status Page
- Feature Flags
- GitLab CI/CD
- GitLab CI/CD pipeline configuration reference
- GitLab CI/CD include examples
- Introduction to CI/CD with GitLab
- Getting started with GitLab CI/CD
- How to enable or disable GitLab CI/CD
- Using SSH keys with GitLab CI/CD
- Migrating from CircleCI
- Migrating from Jenkins
- Auto DevOps
- Getting started with Auto DevOps
- Requirements for Auto DevOps
- Customizing Auto DevOps
- Stages of Auto DevOps
- Upgrading PostgreSQL for Auto DevOps
- Cache dependencies in GitLab CI/CD
- GitLab ChatOps
- Cloud deployment
- Docker integration
- Building Docker images with GitLab CI/CD
- Using Docker images
- Building images with kaniko and GitLab CI/CD
- GitLab CI/CD environment variables
- Predefined environment variables reference
- Where variables can be used
- Deprecated GitLab CI/CD variables
- Environments and deployments
- Protected Environments
- GitLab CI/CD Examples
- Test a Clojure application with GitLab CI/CD
- Using Dpl as deployment tool
- Testing a Phoenix application with GitLab CI/CD
- End-to-end testing with GitLab CI/CD and WebdriverIO
- DevOps and Game Dev with GitLab CI/CD
- Deploy a Spring Boot application to Cloud Foundry with GitLab CI/CD
- How to deploy Maven projects to Artifactory with GitLab CI/CD
- Testing PHP projects
- Running Composer and NPM scripts with deployment via SCP in GitLab CI/CD
- Test and deploy Laravel applications with GitLab CI/CD and Envoy
- Test and deploy a Python application with GitLab CI/CD
- Test and deploy a Ruby application with GitLab CI/CD
- Test and deploy a Scala application to Heroku
- GitLab CI/CD for external repositories
- Using GitLab CI/CD with a Bitbucket Cloud repository
- Using GitLab CI/CD with a GitHub repository
- GitLab Pages
- GitLab Pages
- GitLab Pages domain names, URLs, and baseurls
- Create a GitLab Pages website from scratch
- Custom domains and SSL/TLS Certificates
- GitLab Pages integration with Let's Encrypt
- GitLab Pages Access Control
- Exploring GitLab Pages
- Incremental Rollouts with GitLab CI/CD
- Interactive Web Terminals
- Optimizing GitLab for large repositories
- Metrics Reports
- CI/CD pipelines
- Pipeline Architecture
- Directed Acyclic Graph
- Multi-project pipelines
- Parent-child pipelines
- Pipelines for Merge Requests
- Pipelines for Merged Results
- Merge Trains
- Job artifacts
- Pipeline schedules
- Pipeline settings
- Triggering pipelines through the API
- Review Apps
- Configuring GitLab Runners
- GitLab CI services examples
- Using MySQL
- Using PostgreSQL
- Using Redis
- Troubleshooting CI/CD
- GitLab Package Registry
- GitLab Container Registry
- Dependency Proxy
- GitLab Composer Repository
- GitLab Conan Repository
- GitLab Maven Repository
- GitLab NPM Registry
- GitLab NuGet Repository
- GitLab PyPi Repository
- API Docs
- API resources
- .gitignore API
- GitLab CI YMLs API
- Group and project access requests API
- Appearance API
- Applications API
- Audit Events API
- Avatar API
- Award Emoji API
- Project badges API
- Group badges API
- Branches API
- Broadcast Messages API
- Project clusters API
- Group clusters API
- Instance clusters API
- Commits API
- Container Registry API
- Custom Attributes API
- Dashboard annotations API
- Dependencies API
- Deploy Keys API
- Deployments API
- Discussions API
- Dockerfiles API
- Environments API
- Epics API
- Events
- Feature Flags API
- Feature flag user lists API
- Freeze Periods API
- Geo Nodes API
- Group Activity Analytics API
- Groups API
- Import API
- Issue Boards API
- Group Issue Boards API
- Issues API
- Epic Issues API
- Issues Statistics API
- Jobs API
- Keys API
- Labels API
- Group Labels API
- License
- Licenses API
- Issue links API
- Epic Links API
- Managed Licenses API
- Markdown API
- Group and project members API
- Merge request approvals API
- Merge requests API
- Project milestones API
- Group milestones API
- Namespaces API
- Notes API
- Notification settings API
- Packages API
- Pages domains API
- Pipeline schedules API
- Pipeline triggers API
- Pipelines API
- Project Aliases API
- Project import/export API
- Project repository storage moves API
- Project statistics API
- Project templates API
- Projects API
- Protected branches API
- Protected tags API
- Releases API
- Release links API
- Repositories API
- Repository files API
- Repository submodules API
- Resource label events API
- Resource milestone events API
- Resource weight events API
- Runners API
- SCIM API
- Search API
- Services API
- Application settings API
- Sidekiq Metrics API
- Snippets API
- Project snippets
- Application statistics API
- Suggest Changes API
- System hooks API
- Tags API
- Todos API
- Users API
- Project-level Variables API
- Group-level Variables API
- Version API
- Vulnerabilities API
- Vulnerability Findings API
- Wikis API
- GraphQL API
- Getting started with GitLab GraphQL API
- GraphQL API Resources
- API V3 to API V4
- Validate the .gitlab-ci.yml (API)
- User Docs
- Abuse reports
- User account
- Active sessions
- Deleting a User account
- Permissions
- Personal access tokens
- Profile preferences
- Threads
- GitLab and SSH keys
- GitLab integrations
- Git
- GitLab.com settings
- Infrastructure as code with Terraform and GitLab
- GitLab keyboard shortcuts
- GitLab Markdown
- AsciiDoc
- GitLab Notification Emails
- GitLab Quick Actions
- Autocomplete characters
- Reserved project and group names
- Search through GitLab
- Advanced Global Search
- Advanced Syntax Search
- Time Tracking
- GitLab To-Do List
- Administrator Docs
- Reference architectures
- Reference architecture: up to 1,000 users
- Reference architecture: up to 2,000 users
- Reference architecture: up to 3,000 users
- Reference architecture: up to 5,000 users
- Reference architecture: up to 10,000 users
- Reference architecture: up to 25,000 users
- Reference architecture: up to 50,000 users
- Troubleshooting a reference architecture set up
- Working with the bundled Consul service
- Configuring PostgreSQL for scaling
- Configuring GitLab application (Rails)
- Load Balancer for multi-node GitLab
- Configuring a Monitoring node for Scaling and High Availability
- NFS
- Working with the bundled PgBouncer service
- Configuring Redis for scaling
- Configuring Sidekiq
- Admin Area settings
- Continuous Integration and Deployment Admin settings
- Custom instance-level project templates
- Diff limits administration
- Enable and disable GitLab features deployed behind feature flags
- Geo nodes Admin Area
- GitLab Pages administration
- Health Check
- Job logs
- Labels administration
- Log system
- PlantUML & GitLab
- Repository checks
- Repository storage paths
- Repository storage types
- Account and limit settings
- Service templates
- System hooks
- Changing your time zone
- Uploads administration
- Abuse reports
- Activating and deactivating users
- Audit Events
- Blocking and unblocking users
- Broadcast Messages
- Elasticsearch integration
- Gitaly
- Gitaly Cluster
- Gitaly reference
- Monitoring GitLab
- Monitoring GitLab with Prometheus
- Performance Bar
- Usage statistics
- Object Storage
- Performing Operations in GitLab
- Cleaning up stale Redis sessions
- Fast lookup of authorized SSH keys in the database
- Filesystem Performance Benchmarking
- Moving repositories managed by GitLab
- Run multiple Sidekiq processes
- Sidekiq MemoryKiller
- Switching to Puma
- Understanding Unicorn and unicorn-worker-killer
- User lookup via OpenSSH's AuthorizedPrincipalsCommand
- GitLab Package Registry administration
- GitLab Container Registry administration
- Replication (Geo)
- Geo database replication
- Geo with external PostgreSQL instances
- Geo configuration
- Using a Geo Server
- Updating the Geo nodes
- Geo with Object storage
- Docker Registry for a secondary node
- Geo for multiple nodes
- Geo security review (Q&A)
- Location-aware Git remote URL with AWS Route53
- Tuning Geo
- Removing secondary Geo nodes
- Geo data types support
- Geo Frequently Asked Questions
- Geo Troubleshooting
- Geo validation tests
- Disaster Recovery (Geo)
- Disaster recovery for planned failover
- Bring a demoted primary node back online
- Automatic background verification
- Rake tasks
- Back up and restore GitLab
- Clean up
- Namespaces
- Maintenance Rake tasks
- Geo Rake Tasks
- GitHub import
- Import bare repositories
- Integrity check Rake task
- LDAP Rake tasks
- Listing repository directories
- Praefect Rake tasks
- Project import/export administration
- Repository storage Rake tasks
- Generate sample Prometheus data
- Uploads migrate Rake tasks
- Uploads sanitize Rake tasks
- User management
- Webhooks administration
- X.509 signatures
- Server hooks
- Static objects external storage
- Updating GitLab
- GitLab release and maintenance policy
- Security
- Password Storage
- Custom password length limits
- Restrict allowed SSH key technologies and minimum length
- Rate limits
- Webhooks and insecure internal web services
- Information exclusivity
- How to reset your root password
- How to unlock a locked user from the command line
- User File Uploads
- How we manage the TLS protocol CRIME vulnerability
- User email confirmation at sign-up
- Security of running jobs
- Proxying assets
- CI/CD Environment Variables
- Contributor and Development Docs
- Contribute to GitLab
- Community members & roles
- Implement design & UI elements
- Issues workflow
- Merge requests workflow
- Code Review Guidelines
- Style guides
- GitLab Architecture Overview
- CI/CD development documentation
- Database guides
- Database Review Guidelines
- Database Review Guidelines
- Migration Style Guide
- What requires downtime?
- Understanding EXPLAIN plans
- Rake tasks for developers
- Mass inserting Rails models
- GitLab Documentation guidelines
- Documentation Style Guide
- Documentation structure and template
- Documentation process
- Documentation site architecture
- Global navigation
- GitLab Docs monthly release process
- Telemetry Guide
- Usage Ping Guide
- Snowplow Guide
- Experiment Guide
- Feature flags in development of GitLab
- Feature flags process
- Developing with feature flags
- Feature flag controls
- Document features deployed behind feature flags
- Frontend Development Guidelines
- Accessibility & Readability
- Ajax
- Architecture
- Axios
- Design Patterns
- Frontend Development Process
- DropLab
- Emojis
- Filter
- Frontend FAQ
- GraphQL
- Icons and SVG Illustrations
- InputSetter
- Performance
- Principles
- Security
- Tooling
- Vuex
- Vue
- Geo (development)
- Geo self-service framework (alpha)
- Gitaly developers guide
- GitLab development style guides
- API style guide
- Go standards and style guidelines
- GraphQL API style guide
- Guidelines for shell commands in the GitLab codebase
- HTML style guide
- JavaScript style guide
- Migration Style Guide
- Newlines style guide
- Python Development Guidelines
- SCSS style guide
- Shell scripting standards and style guidelines
- Sidekiq debugging
- Sidekiq Style Guide
- SQL Query Guidelines
- Vue.js style guide
- Instrumenting Ruby code
- Testing standards and style guidelines
- Flaky tests
- Frontend testing standards and style guidelines
- GitLab tests in the Continuous Integration (CI) context
- Review Apps
- Smoke Tests
- Testing best practices
- Testing levels
- Testing Rails migrations at GitLab
- Testing Rake tasks
- End-to-end Testing
- Beginner's guide to writing end-to-end tests
- End-to-end testing Best Practices
- Dynamic Element Validation
- Flows in GitLab QA
- Page objects in GitLab QA
- Resource class in GitLab QA
- Style guide for writing end-to-end tests
- Testing with feature flags
- Translate GitLab to your language
- Internationalization for GitLab
- Translating GitLab
- Proofread Translations
- Merging translations from CrowdIn
- Value Stream Analytics development guide
- GitLab subscription
- Activate GitLab EE with a license