delta/gitlab/gitlab-ce.git/spec/services/clusters, branch scripts-differences gitlab.com: gitlab-org/gitlab-ce.git Use separate Kubernetes namespaces per environment 2019-08-07T04:40:29+00:00 Tiger Watson twatson@gitlab.com 2019-08-07T04:40:29+00:00 36a01a88ce4c35f3d2b455c7943eeb9649b51163 Kubernetes deployments on new clusters will now have a separate namespace per project environment, instead of sharing a single namespace for the project. Behaviour of existing clusters is unchanged. All new functionality is controlled by the :kubernetes_namespace_per_environment feature flag, which is safe to enable/disable at any time. 
Kubernetes deployments on new clusters will now have
a separate namespace per project environment, instead
of sharing a single namespace for the project.

Behaviour of existing clusters is unchanged.

All new functionality is controlled by the
:kubernetes_namespace_per_environment feature flag,
which is safe to enable/disable at any time.
Remove unused Clusters::RefreshService 2019-07-29T02:04:18+00:00 Tiger twatson@gitlab.com 2019-07-29T02:04:18+00:00 ce0d74c26b6499062e5dd28f2000c18dfefabf92 Also removes all logic from ClusterConfigureWorker and ClusterProjectConfigureWorker, which are also no longer used. 
Also removes all logic from ClusterConfigureWorker
and ClusterProjectConfigureWorker, which are also
no longer used.
Enable GitLabb runner to be uninstalled from cluster 2019-07-16T16:11:10+00:00 João Cunha j.a.cunha@gmail.com 2019-07-16T16:11:10+00:00 bd31c4be0d7cfcb0c2cc887a66c313c592ce8e88 - Set as uninstallable app - Update docs - Adjust specs 
- Set as uninstallable app
- Update docs
- Adjust specs
Give Knative serving permissions to service account 2019-07-11T11:26:15+00:00 Hordur Freyr Yngvason hfyngvason@gitlab.com 2019-07-11T11:26:15+00:00 6971fd261dd63ac7698da9d4e5337af6f053dddd GitLab uses a kubernetes service account to perform deployments. For serverless deployments to work as expected with externally created clusters with their own knative installations (e.g. via Cloud Run), this account requires additional permissions in the serving.knative.dev API group. 
GitLab uses a kubernetes service account to perform deployments. For
serverless deployments to work as expected with externally created
clusters with their own knative installations (e.g. via Cloud Run), this
account requires additional permissions in the serving.knative.dev API
group.
Merge branch '60617-enable-project-cluster-jit' into 'master' 2019-06-24T05:16:31+00:00 Thong Kuah tkuah@gitlab.com 2019-06-24T05:16:31+00:00 d9f4a919458721bd9ffae4d4e69bf17d18bd3be8 Enable JIT Kubernetes resource creation for project level clusters See merge request gitlab-org/gitlab-ce!29515 
Enable JIT Kubernetes resource creation for project level clusters

See merge request gitlab-org/gitlab-ce!29515
 Retry fetching Kubernetes Secret token 2019-06-21T06:36:34+00:00 Dylan Griffith dyl.griffith@gmail.com 2019-06-21T05:13:54+00:00 4855667dad5d1ff61725bebf0683f0491bffc87c Since Kubernetes is creating the Secret and token asynchronously it is necessary that we implement some delay or retrying logic to avoid a race condition where we fetch a Secret before the token is even set. There does not appear to be any way for us to force it to be set with any synchronous API call so retrying seems to be the only option. 
Since Kubernetes is creating the Secret and token asynchronously it is
necessary that we implement some delay or retrying logic to avoid a race
condition where we fetch a Secret before the token is even set. There
does not appear to be any way for us to force it to be set with any
synchronous API call so retrying seems to be the only option.
Enable project-level JIT resource creation 2019-06-18T02:43:52+00:00 Tiger twatson@gitlab.com 2019-06-11T23:44:18+00:00 74702f0e0e05bc346338fbd11b596fcbedfbaea6 Previously this behaviour was only available to group and instance-level clusters, as some project clusters relied on Kubernetes credentials being passed through to the runner instead of having their resources managed by GitLab (which is not available when using JIT). These clusters have been migrated to unmanaged, so resources can be created on demand for the remaining managed clusters. 
Previously this behaviour was only available to group
and instance-level clusters, as some project clusters
relied on Kubernetes credentials being passed through
to the runner instead of having their resources managed
by GitLab (which is not available when using JIT). These
clusters have been migrated to unmanaged, so resources
can be created on demand for the remaining managed clusters.
Remove legacy Kubernetes #actual_namespace 2019-05-21T16:38:11+00:00 Tiger twatson@gitlab.com 2019-05-16T22:49:12+00:00 101c4480b32044682e453753c6bb18c2a296b044 When Kubernetes clusters were originally built they could only exist at the project level, and so there was logic included that assumed there would only ever be a single Kubernetes namespace per cluster. We now support clusters at the group and instance level, which allows multiple namespaces. This change consolidates various project-specific fallbacks to generate namespaces, and hands all responsibility to the Clusters::KubernetesNamespace model. There is now no concept of a single namespace for a Clusters::Platforms::Kubernetes; to retrieve a namespace a project must now be supplied in all cases. This simplifies upcoming work to use a separate Kubernetes namespace per project environment (instead of a namespace per project). 
When Kubernetes clusters were originally built they could only
exist at the project level, and so there was logic included
that assumed there would only ever be a single Kubernetes
namespace per cluster. We now support clusters at the group
and instance level, which allows multiple namespaces.

This change consolidates various project-specific fallbacks to
generate namespaces, and hands all responsibility to the
Clusters::KubernetesNamespace model. There is now no concept of
a single namespace for a Clusters::Platforms::Kubernetes; to
retrieve a namespace a project must now be supplied in all cases.

This simplifies upcoming work to use a separate Kubernetes
namespace per project environment (instead of a namespace
per project).
Stop configuring group clusters on creation 2019-05-17T01:18:42+00:00 Tiger twatson@gitlab.com 2019-04-11T03:26:10+00:00 fa5a6ae172584c5c33665a6efa4a6aa4efaea9ad Immediate configuration is not ideal for group and instance level clusters as projects that may never be deployed would still have Kubernetes namespaces and service accounts created for them. As of https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/25586 we now create only the resources that are required for the project being deployed, at the time of deployment. 
Immediate configuration is not ideal for group and instance
level clusters as projects that may never be deployed would
still have Kubernetes namespaces and service accounts created
for them.

As of https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/25586
we now create only the resources that are required for the
project being deployed, at the time of deployment.
Instance level kubernetes clusters admin 2019-05-06T20:37:03+00:00 James Fargher proglottis@gmail.com 2019-04-10T02:13:43+00:00 733da6d6a015e8c951dcc02250cfe1fab87789c0 Instance level clusters were already mostly supported, this change adds admin area controllers for cluster CRUD 
Instance level clusters were already mostly supported, this change adds
admin area controllers for cluster CRUD