GitlabCI and Kubernetes
#build #test and #deploy your projects like a #pro

Paolo Mainardi (@paolomainardi)
● CTO @sparkfabrik
● OSS developer, devops automation engineer
● Checkout my projects here: github.com/paolomainardi

Let’s start with
questions

● You know what Kubernetes is
● You ever used gitlab ci
● You already have a CI/CD pipeline workflow
Raise your hands if

Outlines
● What are Kubernetes and Gitlab
● How to create a cluster powered CI/CD pipeline
● Tips and tricks on real world usage.

Continuous integration is a tough job...
Credits: deis.com/blog/2016/kubernetes-illustrated-guide/

Containerize Everything

Cloud native applications

Cloud-native is an approach to building and running applications
that fully exploits the advantages of the cloud computing model.
https://12factor.net - https://pivotal.io/cloud-native

● Handle of application dependencies
● Dev/prod environments parity
● Orchestrate services
● Make easy to deploy to cloud clustered environments
Continuous integration is a tough job...

Continuous delivery is a software engineering approach to ensure
that the software can be reliably released at any time.
CD Continuous delivery

Continuous deployment is a software engineering approach to ensure
that the every change is automatically deployed to production.
CD Continuous deployment

Cloud orchestrators
9%43% 7%
Source: https://sysdig.com/blog/sysdig-docker-usage-report-2017

Kubernetes
● A system for container management in a clustered environment, open sourced by
Google and inspired by the Borg project.
● Multiple container engines (Docker, rkt, OCI), mainly based on Docker.
● Provides grouping, load balancing, scaling, monitoring and scheduling features
with an unified and declarative API.
● 100% open source and written in GO - https://github.com/kubernetes/kubernetes

Kubernetes the hard way: Custom installers
Kubernetes installation is fairly complex, pick up the right solution:
https://kubernetes.io/docs/setup/pick-right-solution
https://github.com/kubernetes/kubeadm - https://github.com/kubernetes/kops

Kubernetes the easier way: Google GKE
One-click Kubernetes clusters, managed by Google:
https://cloud.google.com/container-engine

Kubernetes the easy way: Google GKE
● Fully managed HA Kubernetes cluster (free up to 5 nodes)
● Logging and monitoring included (Stackdriver)
● Private container registry - https://cloud.google.com/container-registry/
● Automatic and configurable cluster scaling

Kubernetes the easy way: Google GKE
gcloud container clusters list
NAME ZONE MASTER_VERSION MASTER_IP MACHINE_TYPE NODE_VERSION NUM_NODES STATUS
My-testing-clust europe-west1-b 1.5.6 172.199.00.000 n1-standard-1 1.5.6 2 RUNNING

Gitlab
The platform for modern developers
GitLab unifies issues, code review, CI and CD into a single UI
https://about.gitlab.com

Gitlab Runner
The fully integrated solution to build test
and deploy your code.
https://about.gitlab.com/gitlab-ci/

Gitlab Runner
● It is the daemon that run the jobs and send the results back to Gitlab
● One single binary written in GO, very easy to deploy
● Allows to run multiple jobs concurrently
● Native supports for storing cache and artifacts
● It supports multiple build executors including Kubernetes
● Programmatic pipelines definition using a .gitlab-ci.yml file

Gitlab Kubernetes executor
The Kubernetes executor, connects to the Kubernetes API in the
cluster creating a Pod for each GitLab CI Job.
https://gitlab.com/gitlab-org/gitlab-ci-multi-runner/blob/master/docs/executors/kubernetes.md

config.toml
concurrent = 4
[[runners]]
name = "Kubernetes Runner"
url = "https://gitlab.com/ci"
token = "......"
executor = "kubernetes"
[runners.kubernetes]
host = "https://45.67.34.123:4892"
cert_file = "/etc/ssl/kubernetes/api.crt"
namespace = "gitlab"
privileged = true
cpu_limit = "1"
memory_limit = "1Gi"
service_cpu_limit = "1"
service_memory_limit = "1Gi"
helper_cpu_limit = "500m"
helper_memory_limit = "100Mi"
[runners.kubernetes.node_selector]
"cloud.google.com/gke-nodepool" = "gitlab-ci"
Container limits and resources
Node selector
Kubernetes host

.gitlab-ci.yml
image: docker:latest
stages:
- build
- deploy
build:
stage: build
script:
- docker build -t containerday/my-cool-app:${GIT_COMMIT} .
- docker run containerday/my-cool-app:${GIT_COMMIT} go test -run ./
- docker push containerday/my-cool-app:${GIT_COMMIT} .

Pipelines dashboard
ArtifactsStages
History

Pipeline details
Jobs

Job details

Continuous deployment
With environments, you can control the Continuous Deployment of
your software all within GitLab.
https://about.gitlab.com/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/

image: docker:latest .gitlab-ci.yml
stages:
- build
- deploy
build:
stage: build
script:
- docker build -t containerday/my-cool-app:${GIT_COMMIT} .
- docker run containerday/my-cool-app:${GIT_COMMIT} go test -run ./
- docker push containerday/my-cool-app:${GIT_COMMIT} .
deploy:
stage: deploy
environment:
name: production
url: http://foobar.example.com
variables:
- IMAGE_DEPLOY: containerday/image:${CI_BUILD_REF_NAME}
scripts:
# auth
- kubectl config set-cluster my-cluster --server="$KUBE_URL" $KUBE_CLUSTER_OPTIONS
- kubectl config set-credentials my-cluster --token="$KUBE_TOKEN" $KUBE_CLUSTER_OPTIONS
# deploy
- envsubst < k8s/deployment.template.yml > "k8s/deployment.yml"
- kubectl apply -f k8s/deployment.yml

Gitlab continuous deployment
Web terminal

Gitlab continuous deployment
Monitoring with Prometheus
https://docs.gitlab.com/ce/user/project/integrations/prometheus.html

Continuous deployment with Kubernetes

Continuous deployment with Kubernetes

Running Gitlab on Kubernetes
Self hosting Gitlab on Kubernetes
https://gitlab.com/gitlab-org/kubernetes-gitlab-demo

Running Gitlab on Kubernetes tips&tricks
● Segment your cluster by labelling the nodes and use the nodeSelector
● Make a correct use of namespacing for deploying
● Adjust correctly the limits/requests resources of Gitlab executor to help the pod
scheduling
● Keep the k8s templates on version control together with the codebase
● Make a smart use of caches, remember than each job is a clean build env
● Gitlab is an open source project, submit issues and share the fixes

Troubleshooting and debugging
Accessing to a pod internal port
> kubectl port-forward mysql-pod [-c container] 3306:3306
> mysql -hlocalhost -uroot -

Troubleshooting and debugging
Getting a shell to a running container
> kubectl exec -it mysql-pod [-c container] bash

Troubleshooting and debugging
Show gitlab executor pod metrics
> kubectl top pod runner-329d5212-project-255-concurrent-07rxsl -ngitlab --containers
POD NAME CPU(cores) MEMORY(bytes)
runner-329d5212-project-255-concurrent-07rxsl build 1m 35Mi
runner-329d5212-project-255-concurrent-07rxsl helper 0m 13Mi
runner-329d5212-project-255-concurrent-07rxsl svc-0 604m 248Mi

Troubleshooting and debugging
Get container logs
> kubectl logs -f mysql-pod [-c container] bash

Troubleshooting and debugging
https://kubernetes.io/docs/user-guide/kubectl-cheatsheet/

That’s all folks, thanks!