- Create new cluster
- Add existing cluster
- Configure your cluster
- Disable a cluster
- Remove a cluster
- Access controls
- Troubleshooting
Add a cluster using cluster certificates (DEPRECATED)
Deprecated in GitLab 14.0.
Create new cluster
The certificate-based method for creating clusters from GitLab was deprecated in GitLab 14.0.
As of GitLab 14.0, use Infrastructure as Code to safely create your new cluster from GitLab.
The certificate-based method is deprecated and scheduled for removal in GitLab 15.0. However, you can still use it until then. Through this method, you can host your cluster in EKS, GKE, on premises, and with other providers. To host them on premises and with other providers, use either the EKS or GKE method to guide you through and enter your cluster’s settings manually:
- New cluster hosted on Google Kubernetes Engine (GKE).
- New cluster hosted on Amazon Elastic Kubernetes Service (EKS).
Add existing cluster
If you already have a cluster and want to integrate it with GitLab, see how to add an existing cluster.
Configure your cluster
As of GitLab 14.0, use the GitLab Kubernetes Agent to configure your cluster.
Disable a cluster
When you successfully create a new Kubernetes cluster or add an existing one to GitLab, the cluster connection to GitLab becomes enabled. To disable it:
- Go to your:
- Project’s Infrastructure > Kubernetes clusters page, for a project-level cluster.
- Group’s Kubernetes page, for a group-level cluster.
- Menu > Admin > Kubernetes page, for an instance-level cluster.
- Select the name of the cluster you want to disable.
- Toggle GitLab Integration off (in gray).
- Click Save changes.
Remove a cluster
Introduced in GitLab 12.6, you can remove cluster integrations and resources.
When you remove a cluster integration, you only remove the cluster relationship
to GitLab, not the cluster. To remove the cluster itself, visit your cluster’s
GKE or EKS dashboard to do it from their UI or use kubectl
.
You need at least Maintainer permissions to your project or group to remove the integration with GitLab.
When removing a cluster integration, you have two options:
- Remove integration: remove only the Kubernetes integration.
- Remove integration and resources: remove the cluster integration and all GitLab cluster-related resources such as namespaces, roles, and bindings.
To remove the Kubernetes cluster integration:
- Go to your cluster details page.
- Select the Advanced Settings tab.
- Select either Remove integration or Remove integration and resources.
Access controls
See cluster access controls (RBAC or ABAC).
Troubleshooting
There was a problem authenticating with your cluster. Please ensure your CA Certificate and Token are valid
If you encounter this error while adding a Kubernetes cluster, ensure you’re properly pasting the service token. Some shells may add a line break to the service token, making it invalid. Ensure that there are no line breaks by pasting your token into an editor and removing any additional spaces.
You may also experience this error if your certificate is not valid. To check that your certificate’s subject alternative names contain the correct domain for your cluster’s API, run this:
echo | openssl s_client -showcerts -connect kubernetes.example.com:443 2>/dev/null |
openssl x509 -inform pem -noout -text
Note that the -connect
argument expects a host:port
combination. For example, https://kubernetes.example.com
would be kubernetes.example.com:443
.