# Adding and removing Kubernetes clusters
> 原文:[https://docs.gitlab.com/ee/user/project/clusters/add_remove_clusters.html](https://docs.gitlab.com/ee/user/project/clusters/add_remove_clusters.html)
* [Before you begin](#before-you-begin)
* [Access controls](#access-controls)
* [Important notes](#important-notes)
* [RBAC cluster resources](#rbac-cluster-resources)
* [ABAC cluster resources](#abac-cluster-resources)
* [Security of GitLab Runners](#security-of-gitlab-runners)
* [Create new cluster](#create-new-cluster)
* [Add existing cluster](#add-existing-cluster)
* [Existing Kubernetes cluster](#existing-kubernetes-cluster)
* [Disable Role-Based Access Control (RBAC) (optional)](#disable-role-based-access-control-rbac-optional)
* [Enabling or disabling integration](#enabling-or-disabling-integration)
* [Removing integration](#removing-integration)
* [Learn more](#learn-more)
# Adding and removing Kubernetes clusters[](#adding-and-removing-kubernetes-clusters "Permalink")
GitLab 为以下 Kubernetes 提供者提供了集成的集群创建功能:
* Google Kubernetes 引擎(GKE).
* Amazon Elastic Kubernetes 服务(EKS).
GitLab 还可以与本地或托管的任何标准 Kubernetes 提供程序集成.
**注意:**观看[使用 GitLab 和 Google Cloud Platform 进行](https://about.gitlab.com/webcast/scalable-app-deploy/)的网络广播[可扩展应用程序部署,](https://about.gitlab.com/webcast/scalable-app-deploy/)并了解如何通过单击几下加速由 Google Cloud Platform(GCP)管理的 Kubernetes 集群.**提示:**每个新的 Google Cloud Platform(GCP)帐户[在注册后](https://console.cloud.google.com/freetrial)都会获得[$ 300 的信用额](https://console.cloud.google.com/freetrial) ,并且与 Google 合作,GitLab 能够为新的 GCP 帐户提供额外的$ 200,以开始使用 GitLab 的 Google Kubernetes Engine Integration. 您所要做的就是[点击此链接](https://cloud.google.com/partners/partnercredit/?pcn_code=0014M00001h35gDQAQ#contact-form)并申请信贷.
## Before you begin[](#before-you-begin "Permalink")
在使用 GitLab [添加 Kubernetes 集群](#create-new-cluster)之前,您需要:
* GitLab 本身. 要么:
* 一个[GitLab.com 帐户](https://about.gitlab.com/pricing/#gitlab-com) .
* 使用 GitLab 12.5 或更高版本的[自我管理安装](https://about.gitlab.com/pricing/#self-managed) . 这将确保 GitLab UI 可用于创建集群.
* 以下 GitLab 访问:
* [维护者](../../permissions.html#project-members-permissions)对项目级集群的项目[访问](../../permissions.html#project-members-permissions) .
* [维护者](../../permissions.html#group-members-permissions)对组级别集群的[访问权限](../../permissions.html#group-members-permissions) .
* 自我管理的实例级别群集的管理[区域访问](../../admin_area/index.html) .
## Access controls[](#access-controls "Permalink")
在 GitLab 中创建集群时,系统会询问您是否要创建以下任一集群:
* A [Role-based access control (RBAC)](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) cluster.
* An [Attribute-based access control (ABAC)](https://kubernetes.io/docs/reference/access-authn-authz/abac/) cluster.
**注意:**建议使用[RBAC](#rbac-cluster-resources) ,GitLab 为默认值.
GitLab 创建必要的服务帐户和特权,以安装和运行[GitLab 托管的应用程序](index.html#installing-applications) . 当 GitLab 创建集群时,将在`default`名称空间中创建具有`cluster-admin`特权的`gitlab`服务帐户,以管理新创建的集群.
**注意:**用于部署的受限服务帐户是在 GitLab 11.5 中[引入的](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/51716) .
The first time you install an application into your cluster, the `tiller` service account is created with `cluster-admin` privileges in the `gitlab-managed-apps` namespace. This service account will be used by Helm to install and run [GitLab managed applications](index.html#installing-applications).
Helm 还将为每个已安装的应用程序创建其他服务帐户和其他资源. 有关每个应用程序,请查阅 Helm 图表的文档.
如果要[添加现有的 Kubernetes 集群](add_remove_clusters.html#add-existing-cluster) ,请确保该帐户的令牌具有该集群的管理员特权.
GitLab 创建的资源取决于集群的类型.
### Important notes[](#important-notes "Permalink")
请注意以下有关访问控制的内容:
* 仅当集群[由 GitLab 管理时,](index.html#gitlab-managed-clusters)才会创建特定于环境的资源.
* 如果您的集群是在 GitLab 12.2 之前创建的,它将为所有项目环境使用单个名称空间.
### RBAC cluster resources[](#rbac-cluster-resources "Permalink")
GitLab 为 RBAC 集群创建以下资源.
| Name | Type | Details | 创建时间 |
| --- | --- | --- | --- |
| `gitlab` | `ServiceAccount` | `default` namespace | 创建一个新集群 |
| `gitlab-admin` | `ClusterRoleBinding` | [`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) roleRef | 创建一个新集群 |
| `gitlab-token` | `Secret` | `gitlab` ServiceAccount 的令牌 | 创建一个新集群 |
| `tiller` | `ServiceAccount` | `gitlab-managed-apps` namespace | 安装舵图 |
| `tiller-admin` | `ClusterRoleBinding` | `cluster-admin` roleRef | 安装舵图 |
| 环境名称空间 | `Namespace` | 包含所有特定于环境的资源 | 部署到集群 |
| 环境名称空间 | `ServiceAccount` | 使用环境的名称空间 | 部署到集群 |
| 环境名称空间 | `Secret` | 环境 ServiceAccount 的令牌 | 部署到集群 |
| 环境名称空间 | `RoleBinding` | [`edit`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) roleRef | 部署到集群 |
### ABAC cluster resources[](#abac-cluster-resources "Permalink")
GitLab 为 ABAC 群集创建以下资源.
| Name | Type | Details | 创建时间 |
| --- | --- | --- | --- |
| `gitlab` | `ServiceAccount` | `default` namespace | 创建一个新集群 |
| `gitlab-token` | `Secret` | `gitlab` ServiceAccount 的令牌 | 创建一个新集群 |
| `tiller` | `ServiceAccount` | `gitlab-managed-apps` namespace | 安装舵图 |
| `tiller-admin` | `ClusterRoleBinding` | `cluster-admin` roleRef | 安装舵图 |
| 环境名称空间 | `Namespace` | 包含所有特定于环境的资源 | 部署到集群 |
| 环境名称空间 | `ServiceAccount` | 使用环境的名称空间 | 部署到集群 |
| 环境名称空间 | `Secret` | 环境 ServiceAccount 的令牌 | 部署到集群 |
### Security of GitLab Runners[](#security-of-gitlab-runners "Permalink")
GitLab Runners 默认情况[下](https://docs.gitlab.com/runner/executors/docker.html)启用了[特权模式](https://docs.gitlab.com/runner/executors/docker.html) ,这使他们可以执行特殊命令并在 Docker 中运行 Docker. 运行某些[Auto DevOps](../../../topics/autodevops/index.html)作业需要此功能. 这意味着容器正在特权模式下运行,因此,您应该注意一些重要的细节.
特权标志为正在运行的容器提供了所有功能,而容器又可以执行主机可以执行的几乎所有操作. 请注意与对任意映像执行`docker run`操作相关的固有安全风险,因为它们有效地具有 root 用户访问权限.
如果您不想在特权模式下使用 GitLab Runner,请执行以下任一操作:
* 在 GitLab.com 上使用共享的跑步者. 他们没有这个安全问题.
* 使用[Shared Runners 中](../../gitlab_com/index.html#shared-runners)描述的配置来设置自己的[Runners](../../gitlab_com/index.html#shared-runners) . 这涉及:
1. 确保您没有通过[应用程序](index.html#installing-applications)安装它.
2. [使用`docker+machine`](https://docs.gitlab.com/runner/executors/docker_machine.html)安装 Runner.
## Create new cluster[](#create-new-cluster "Permalink")
可以使用 Google Kubernetes Engine(GKE)上的 GitLab 或 Amazon Elastic Kubernetes Service(EKS)在项目,组或实例级别上创建新集群:
1. 导航到您的:
* 项目的 **操作> Kubernetes**页面,用于项目级集群.
* 组的 **Kubernetes**页面,用于组级别集群.
* **管理区>** **Kubernetes**页面,用于实例级集群.
2. Click **添加 Kubernetes 集群**.
3. 单击**创建新集群**选项卡.
4. 单击**Amazon EKS**或**Google GKE** ,然后按照说明提供所需的服务:
* [亚马逊 EKS](add_eks_clusters.html#new-eks-cluster) .
* [Google GKE](add_gke_clusters.html#creating-the-cluster-on-gke) .
## Add existing cluster[](#add-existing-cluster "Permalink")
如果您已有 Kubernetes 集群,则可以将其添加到项目,组或实例中.
**注意:** arm64 集群不支持 Kubernetes 集成. 有关详细信息,请参阅问题[Helm Tiller 无法在 arm64 群集上安装](https://gitlab.com/gitlab-org/gitlab/-/issues/29838) .
### Existing Kubernetes cluster[](#existing-kubernetes-cluster "Permalink")
要将 Kubernetes 集群添加到您的项目,组或实例:
1. 导航到您的:
1. 项目的 **操作> Kubernetes**页面,用于项目级集群.
2. 组的 **Kubernetes**页面,用于组级别集群.
3. **管理区>** **Kubernetes**页面,用于实例级集群.
2. Click **添加 Kubernetes 集群**.
3. 单击**添加现有集群**选项卡,然后填写详细信息:
1. **Kubernetes 集群名称** (必填)-您希望为**集群指定**的名称.
2. **环境范围** (必需)- [与](index.html#setting-the-environment-scope-premium)此集群[相关的环境](index.html#setting-the-environment-scope-premium) .
3. **API URL** (必填)-这是 GitLab 用于访问 Kubernetes API 的 URL. Kubernetes 公开了几个 API,我们想要所有这些 API 通用的"基本" URL. 例如, `https://kubernetes.example.com`而不是`https://kubernetes.example.com/api/v1` .
通过运行以下命令获取 API URL:
```
kubectl cluster-info | grep 'Kubernetes master' | awk '/http/ {print $NF}'
```
4. **CA 证书** (必需)-需要有效的 Kubernetes 证书才能对集群进行身份验证. 我们将使用默认创建的证书.
1. 列出带有`kubectl get secrets` ,并且应将其命名类似于`default-token-xxxxx` . 复制该令牌名称以在下面使用.
2. 通过运行以下命令获取证书:
```
kubectl get secret <secret name> -o jsonpath = "{['data']['ca \. crt']}" | base64 --decode
```
**注意:**如果命令返回整个证书链,则需要在证书链的底部复制*根 ca*证书.
5. **令牌** -GitLab 使用服务令牌对 Kubernetes 进行身份验证,服务令牌的作用域是特定的`namespace` . **使用的令牌应属于具有[`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles)特权的服务帐户.** 要创建此服务帐户:
1. 创建一个名为`gitlab-admin-service-account.yaml` ,其内容为:
```
apiVersion : v1 kind : ServiceAccount metadata : name : gitlab-admin namespace : kube-system --- apiVersion : rbac.authorization.k8s.io/v1beta1 kind : ClusterRoleBinding metadata : name : gitlab-admin roleRef : apiGroup : rbac.authorization.k8s.io kind : ClusterRole name : cluster-admin subjects : - kind : ServiceAccount name : gitlab-admin namespace : kube-system
```
2. 将服务帐户和群集角色绑定应用于您的群集:
```
kubectl apply -f gitlab-admin-service-account.yaml
```
您将需要`container.clusterRoleBindings.create`权限来创建集群级角色. 如果您没有此权限,则可以选择启用基本身份验证,然后以管理员身份运行`kubectl apply`命令:
```
kubectl apply -f gitlab-admin-service-account.yaml --username = admin --password = <password>
```
**注意:**可以打开基本身份验证,并可以使用 Google Cloud Console 获取密码凭据.
输出:
```
serviceaccount "gitlab-admin" created clusterrolebinding "gitlab-admin" created
```
3. 检索`gitlab-admin`服务帐户的令牌:
```
kubectl -n kube-system describe secret $( kubectl -n kube-system get secret | grep gitlab-admin | awk '{print $1}' )
```
从输出中复制`<authentication_token>`值:
```
Name : gitlab-admin-token-b5zv4 Namespace : kube-system Labels : <none> Annotations : kubernetes.io/service-account.name=gitlab-admin kubernetes.io/service-account.uid=bcfe66ac-39be-11e8-97e8-026dce96b6e8 Type : kubernetes.io/service-account-token Data ==== ca.crt : 1025 bytes namespace : 11 bytes token : <authentication_token>
```
**注意:**对于 GKE 群集,您将需要`container.clusterRoleBindings.create`权限来创建群集角色绑定. 您可以按照[Google Cloud 文档](https://cloud.google.com/iam/docs/granting-changing-revoking-access)授予访问权限.
6. **由 GitLab 管理的群集** -如果要让 GitLab 管理该群集的名称空间和服务帐户,请选中此复选框. 有关更多信息,请参见[托管集群部分](index.html#gitlab-managed-clusters) .
7. **项目名称空间** (可选)-您不必填写它; 将其保留为空白,GitLab 将为您创建一个. 也:
* 每个项目应具有唯一的名称空间.
* 如果您正在使用具有更广泛权限的机密(例如`default`的机密),则项目名称空间不一定是机密的名称空间.
* 你**不**应该使用`default`为项目命名空间.
* 如果您或某人为项目专门创建了一个秘密(通常具有有限的权限),则该秘密的名称空间和项目名称空间可能是相同的.
4. 最后,单击**创建 Kubernetes 集群**按钮.
几分钟后,您的集群将准备就绪. 现在,您可以继续安装一些[预定义的应用程序](index.html#installing-applications) .
#### Disable Role-Based Access Control (RBAC) (optional)[](#disable-role-based-access-control-rbac-optional "Permalink")
通过 GitLab 集成连接集群时,您可以指定集群是否支持 RBAC. 这将影响 GitLab 如何与集群进行某些操作的交互. 如果您在创建时*未*选中**启用 RBAC 的群集**复选框,则 GitLab 将假定与群集进行交互时禁用了 RBAC. 如果是这样,则必须在群集上禁用 RBAC 才能使集成正常工作.
[](img/rbac_v13_1.png)
**注意:**禁用 RBAC 意味着群集中运行的任何应用程序或可以向群集进行身份验证的用户都具有完全的 API 访问权限. 这是一个[安全问题](index.html#security-implications) ,可能不是所希望的.
为了有效地禁用 RBAC,可以应用全局权限来授予完全访问权限:
```
kubectl create clusterrolebinding permissive-binding \
--clusterrole=cluster-admin \
--user=admin \
--user=kubelet \
--group=system:serviceaccounts
```
## Enabling or disabling integration[](#enabling-or-disabling-integration "Permalink")
成功创建新集群或添加现有集群后,即可启用 Kubernetes 集群集成. 要禁用 Kubernetes 集群集成:
1. 导航到您的:
* 项目的 **操作> Kubernetes**页面,用于项目级集群.
* 组的 **Kubernetes**页面,用于组级别集群.
* **管理区>** **Kubernetes**页面,用于实例级集群.
2. 单击群集的名称.
3. 单击**GitLab 集成**切换.
4. Click **保存更改**.
## Removing integration[](#removing-integration "Permalink")
要从您的项目中删除 Kubernetes 集群集成,请首先导航到集群详细信息页面的**Advanced Settings**选项卡,然后执行以下任一操作:
* 选择**删除集成** ,仅删除 Kubernetes 集成.
* [从 GitLab 12.6 中](https://gitlab.com/gitlab-org/gitlab/-/issues/26815) ,选择**删除集成和资源** ,以在**删除集成时**也删除所有相关的 GitLab 集群资源(例如,名称空间,角色和绑定).
删除集群集成时,请注意:
* 您需要具有维护人员及以上[权限](../../permissions.html)才能删除 Kubernetes 集群集成.
* 删除集群时,只删除其与 GitLab 的关系,而不删除集群本身. 要删除集群,可以通过访问 GKE 或 EKS 仪表板或使用`kubectl`来`kubectl` .
## Learn more[](#learn-more "Permalink")
要了解有关自动部署应用程序的更多信息,请阅读有关[Auto DevOps](../../../topics/autodevops/index.html) .
- GitLab Docs
- Installation
- Requirements
- GitLab cloud native Helm Chart
- Install GitLab with Docker
- Installation from source
- Install GitLab on Microsoft Azure
- Installing GitLab on Google Cloud Platform
- Installing GitLab on Amazon Web Services (AWS)
- Analytics
- Code Review Analytics
- Productivity Analytics
- Value Stream Analytics
- Kubernetes clusters
- Adding and removing Kubernetes clusters
- Adding EKS clusters
- Adding GKE clusters
- Group-level Kubernetes clusters
- Instance-level Kubernetes clusters
- Canary Deployments
- Cluster Environments
- Deploy Boards
- GitLab Managed Apps
- Crossplane configuration
- Cluster management project (alpha)
- Kubernetes Logs
- Runbooks
- Serverless
- Deploying AWS Lambda function using GitLab CI/CD
- Securing your deployed applications
- Groups
- Contribution Analytics
- Custom group-level project templates
- Epics
- Manage epics
- Group Import/Export
- Insights
- Issues Analytics
- Iterations
- Public access
- SAML SSO for GitLab.com groups
- SCIM provisioning using SAML SSO for GitLab.com groups
- Subgroups
- Roadmap
- Projects
- GitLab Secure
- Security Configuration
- Container Scanning
- Dependency Scanning
- Dependency List
- Static Application Security Testing (SAST)
- Secret Detection
- Dynamic Application Security Testing (DAST)
- GitLab Security Dashboard
- Offline environments
- Standalone Vulnerability pages
- Security scanner integration
- Badges
- Bulk editing issues and merge requests at the project level
- Code Owners
- Compliance
- License Compliance
- Compliance Dashboard
- Create a project
- Description templates
- Deploy Keys
- Deploy Tokens
- File finder
- Project integrations
- Integrations
- Atlassian Bamboo CI Service
- Bugzilla Service
- Custom Issue Tracker service
- Discord Notifications service
- Enabling emails on push
- GitHub project integration
- Hangouts Chat service
- Atlassian HipChat
- Irker IRC Gateway
- GitLab Jira integration
- Mattermost Notifications Service
- Mattermost slash commands
- Microsoft Teams service
- Mock CI Service
- Prometheus integration
- Redmine Service
- Slack Notifications Service
- Slack slash commands
- GitLab Slack application
- Webhooks
- YouTrack Service
- Insights
- Issues
- Crosslinking Issues
- Design Management
- Confidential issues
- Due dates
- Issue Boards
- Issue Data and Actions
- Labels
- Managing issues
- Milestones
- Multiple Assignees for Issues
- Related issues
- Service Desk
- Sorting and ordering issue lists
- Issue weight
- Associate a Zoom meeting with an issue
- Merge requests
- Allow collaboration on merge requests across forks
- Merge Request Approvals
- Browser Performance Testing
- How to create a merge request
- Cherry-pick changes
- Code Quality
- Load Performance Testing
- Merge Request dependencies
- Fast-forward merge requests
- Merge when pipeline succeeds
- Merge request conflict resolution
- Reverting changes
- Reviewing and managing merge requests
- Squash and merge
- Merge requests versions
- Draft merge requests
- Members of a project
- Migrating projects to a GitLab instance
- Import your project from Bitbucket Cloud to GitLab
- Import your project from Bitbucket Server to GitLab
- Migrating from ClearCase
- Migrating from CVS
- Import your project from FogBugz to GitLab
- Gemnasium
- Import your project from GitHub to GitLab
- Project importing from GitLab.com to your private GitLab instance
- Import your project from Gitea to GitLab
- Import your Jira project issues to GitLab
- Migrating from Perforce Helix
- Import Phabricator tasks into a GitLab project
- Import multiple repositories by uploading a manifest file
- Import project from repo by URL
- Migrating from SVN to GitLab
- Migrating from TFVC to Git
- Push Options
- Releases
- Repository
- Branches
- Git Attributes
- File Locking
- Git file blame
- Git file history
- Repository mirroring
- Protected branches
- Protected tags
- Push Rules
- Reduce repository size
- Signing commits with GPG
- Syntax Highlighting
- GitLab Web Editor
- Web IDE
- Requirements Management
- Project settings
- Project import/export
- Project access tokens (Alpha)
- Share Projects with other Groups
- Snippets
- Static Site Editor
- Wiki
- Project operations
- Monitor metrics for your CI/CD environment
- Set up alerts for Prometheus metrics
- Embedding metric charts within GitLab-flavored Markdown
- Embedding Grafana charts
- Using the Metrics Dashboard
- Dashboard YAML properties
- Metrics dashboard settings
- Panel types for dashboards
- Using Variables
- Templating variables for metrics dashboards
- Prometheus Metrics library
- Monitoring AWS Resources
- Monitoring HAProxy
- Monitoring Kubernetes
- Monitoring NGINX
- Monitoring NGINX Ingress Controller
- Monitoring NGINX Ingress Controller with VTS metrics
- Alert Management
- Error Tracking
- Tracing
- Incident Management
- GitLab Status Page
- Feature Flags
- GitLab CI/CD
- GitLab CI/CD pipeline configuration reference
- GitLab CI/CD include examples
- Introduction to CI/CD with GitLab
- Getting started with GitLab CI/CD
- How to enable or disable GitLab CI/CD
- Using SSH keys with GitLab CI/CD
- Migrating from CircleCI
- Migrating from Jenkins
- Auto DevOps
- Getting started with Auto DevOps
- Requirements for Auto DevOps
- Customizing Auto DevOps
- Stages of Auto DevOps
- Upgrading PostgreSQL for Auto DevOps
- Cache dependencies in GitLab CI/CD
- GitLab ChatOps
- Cloud deployment
- Docker integration
- Building Docker images with GitLab CI/CD
- Using Docker images
- Building images with kaniko and GitLab CI/CD
- GitLab CI/CD environment variables
- Predefined environment variables reference
- Where variables can be used
- Deprecated GitLab CI/CD variables
- Environments and deployments
- Protected Environments
- GitLab CI/CD Examples
- Test a Clojure application with GitLab CI/CD
- Using Dpl as deployment tool
- Testing a Phoenix application with GitLab CI/CD
- End-to-end testing with GitLab CI/CD and WebdriverIO
- DevOps and Game Dev with GitLab CI/CD
- Deploy a Spring Boot application to Cloud Foundry with GitLab CI/CD
- How to deploy Maven projects to Artifactory with GitLab CI/CD
- Testing PHP projects
- Running Composer and NPM scripts with deployment via SCP in GitLab CI/CD
- Test and deploy Laravel applications with GitLab CI/CD and Envoy
- Test and deploy a Python application with GitLab CI/CD
- Test and deploy a Ruby application with GitLab CI/CD
- Test and deploy a Scala application to Heroku
- GitLab CI/CD for external repositories
- Using GitLab CI/CD with a Bitbucket Cloud repository
- Using GitLab CI/CD with a GitHub repository
- GitLab Pages
- GitLab Pages
- GitLab Pages domain names, URLs, and baseurls
- Create a GitLab Pages website from scratch
- Custom domains and SSL/TLS Certificates
- GitLab Pages integration with Let's Encrypt
- GitLab Pages Access Control
- Exploring GitLab Pages
- Incremental Rollouts with GitLab CI/CD
- Interactive Web Terminals
- Optimizing GitLab for large repositories
- Metrics Reports
- CI/CD pipelines
- Pipeline Architecture
- Directed Acyclic Graph
- Multi-project pipelines
- Parent-child pipelines
- Pipelines for Merge Requests
- Pipelines for Merged Results
- Merge Trains
- Job artifacts
- Pipeline schedules
- Pipeline settings
- Triggering pipelines through the API
- Review Apps
- Configuring GitLab Runners
- GitLab CI services examples
- Using MySQL
- Using PostgreSQL
- Using Redis
- Troubleshooting CI/CD
- GitLab Package Registry
- GitLab Container Registry
- Dependency Proxy
- GitLab Composer Repository
- GitLab Conan Repository
- GitLab Maven Repository
- GitLab NPM Registry
- GitLab NuGet Repository
- GitLab PyPi Repository
- API Docs
- API resources
- .gitignore API
- GitLab CI YMLs API
- Group and project access requests API
- Appearance API
- Applications API
- Audit Events API
- Avatar API
- Award Emoji API
- Project badges API
- Group badges API
- Branches API
- Broadcast Messages API
- Project clusters API
- Group clusters API
- Instance clusters API
- Commits API
- Container Registry API
- Custom Attributes API
- Dashboard annotations API
- Dependencies API
- Deploy Keys API
- Deployments API
- Discussions API
- Dockerfiles API
- Environments API
- Epics API
- Events
- Feature Flags API
- Feature flag user lists API
- Freeze Periods API
- Geo Nodes API
- Group Activity Analytics API
- Groups API
- Import API
- Issue Boards API
- Group Issue Boards API
- Issues API
- Epic Issues API
- Issues Statistics API
- Jobs API
- Keys API
- Labels API
- Group Labels API
- License
- Licenses API
- Issue links API
- Epic Links API
- Managed Licenses API
- Markdown API
- Group and project members API
- Merge request approvals API
- Merge requests API
- Project milestones API
- Group milestones API
- Namespaces API
- Notes API
- Notification settings API
- Packages API
- Pages domains API
- Pipeline schedules API
- Pipeline triggers API
- Pipelines API
- Project Aliases API
- Project import/export API
- Project repository storage moves API
- Project statistics API
- Project templates API
- Projects API
- Protected branches API
- Protected tags API
- Releases API
- Release links API
- Repositories API
- Repository files API
- Repository submodules API
- Resource label events API
- Resource milestone events API
- Resource weight events API
- Runners API
- SCIM API
- Search API
- Services API
- Application settings API
- Sidekiq Metrics API
- Snippets API
- Project snippets
- Application statistics API
- Suggest Changes API
- System hooks API
- Tags API
- Todos API
- Users API
- Project-level Variables API
- Group-level Variables API
- Version API
- Vulnerabilities API
- Vulnerability Findings API
- Wikis API
- GraphQL API
- Getting started with GitLab GraphQL API
- GraphQL API Resources
- API V3 to API V4
- Validate the .gitlab-ci.yml (API)
- User Docs
- Abuse reports
- User account
- Active sessions
- Deleting a User account
- Permissions
- Personal access tokens
- Profile preferences
- Threads
- GitLab and SSH keys
- GitLab integrations
- Git
- GitLab.com settings
- Infrastructure as code with Terraform and GitLab
- GitLab keyboard shortcuts
- GitLab Markdown
- AsciiDoc
- GitLab Notification Emails
- GitLab Quick Actions
- Autocomplete characters
- Reserved project and group names
- Search through GitLab
- Advanced Global Search
- Advanced Syntax Search
- Time Tracking
- GitLab To-Do List
- Administrator Docs
- Reference architectures
- Reference architecture: up to 1,000 users
- Reference architecture: up to 2,000 users
- Reference architecture: up to 3,000 users
- Reference architecture: up to 5,000 users
- Reference architecture: up to 10,000 users
- Reference architecture: up to 25,000 users
- Reference architecture: up to 50,000 users
- Troubleshooting a reference architecture set up
- Working with the bundled Consul service
- Configuring PostgreSQL for scaling
- Configuring GitLab application (Rails)
- Load Balancer for multi-node GitLab
- Configuring a Monitoring node for Scaling and High Availability
- NFS
- Working with the bundled PgBouncer service
- Configuring Redis for scaling
- Configuring Sidekiq
- Admin Area settings
- Continuous Integration and Deployment Admin settings
- Custom instance-level project templates
- Diff limits administration
- Enable and disable GitLab features deployed behind feature flags
- Geo nodes Admin Area
- GitLab Pages administration
- Health Check
- Job logs
- Labels administration
- Log system
- PlantUML & GitLab
- Repository checks
- Repository storage paths
- Repository storage types
- Account and limit settings
- Service templates
- System hooks
- Changing your time zone
- Uploads administration
- Abuse reports
- Activating and deactivating users
- Audit Events
- Blocking and unblocking users
- Broadcast Messages
- Elasticsearch integration
- Gitaly
- Gitaly Cluster
- Gitaly reference
- Monitoring GitLab
- Monitoring GitLab with Prometheus
- Performance Bar
- Usage statistics
- Object Storage
- Performing Operations in GitLab
- Cleaning up stale Redis sessions
- Fast lookup of authorized SSH keys in the database
- Filesystem Performance Benchmarking
- Moving repositories managed by GitLab
- Run multiple Sidekiq processes
- Sidekiq MemoryKiller
- Switching to Puma
- Understanding Unicorn and unicorn-worker-killer
- User lookup via OpenSSH's AuthorizedPrincipalsCommand
- GitLab Package Registry administration
- GitLab Container Registry administration
- Replication (Geo)
- Geo database replication
- Geo with external PostgreSQL instances
- Geo configuration
- Using a Geo Server
- Updating the Geo nodes
- Geo with Object storage
- Docker Registry for a secondary node
- Geo for multiple nodes
- Geo security review (Q&A)
- Location-aware Git remote URL with AWS Route53
- Tuning Geo
- Removing secondary Geo nodes
- Geo data types support
- Geo Frequently Asked Questions
- Geo Troubleshooting
- Geo validation tests
- Disaster Recovery (Geo)
- Disaster recovery for planned failover
- Bring a demoted primary node back online
- Automatic background verification
- Rake tasks
- Back up and restore GitLab
- Clean up
- Namespaces
- Maintenance Rake tasks
- Geo Rake Tasks
- GitHub import
- Import bare repositories
- Integrity check Rake task
- LDAP Rake tasks
- Listing repository directories
- Praefect Rake tasks
- Project import/export administration
- Repository storage Rake tasks
- Generate sample Prometheus data
- Uploads migrate Rake tasks
- Uploads sanitize Rake tasks
- User management
- Webhooks administration
- X.509 signatures
- Server hooks
- Static objects external storage
- Updating GitLab
- GitLab release and maintenance policy
- Security
- Password Storage
- Custom password length limits
- Restrict allowed SSH key technologies and minimum length
- Rate limits
- Webhooks and insecure internal web services
- Information exclusivity
- How to reset your root password
- How to unlock a locked user from the command line
- User File Uploads
- How we manage the TLS protocol CRIME vulnerability
- User email confirmation at sign-up
- Security of running jobs
- Proxying assets
- CI/CD Environment Variables
- Contributor and Development Docs
- Contribute to GitLab
- Community members & roles
- Implement design & UI elements
- Issues workflow
- Merge requests workflow
- Code Review Guidelines
- Style guides
- GitLab Architecture Overview
- CI/CD development documentation
- Database guides
- Database Review Guidelines
- Database Review Guidelines
- Migration Style Guide
- What requires downtime?
- Understanding EXPLAIN plans
- Rake tasks for developers
- Mass inserting Rails models
- GitLab Documentation guidelines
- Documentation Style Guide
- Documentation structure and template
- Documentation process
- Documentation site architecture
- Global navigation
- GitLab Docs monthly release process
- Telemetry Guide
- Usage Ping Guide
- Snowplow Guide
- Experiment Guide
- Feature flags in development of GitLab
- Feature flags process
- Developing with feature flags
- Feature flag controls
- Document features deployed behind feature flags
- Frontend Development Guidelines
- Accessibility & Readability
- Ajax
- Architecture
- Axios
- Design Patterns
- Frontend Development Process
- DropLab
- Emojis
- Filter
- Frontend FAQ
- GraphQL
- Icons and SVG Illustrations
- InputSetter
- Performance
- Principles
- Security
- Tooling
- Vuex
- Vue
- Geo (development)
- Geo self-service framework (alpha)
- Gitaly developers guide
- GitLab development style guides
- API style guide
- Go standards and style guidelines
- GraphQL API style guide
- Guidelines for shell commands in the GitLab codebase
- HTML style guide
- JavaScript style guide
- Migration Style Guide
- Newlines style guide
- Python Development Guidelines
- SCSS style guide
- Shell scripting standards and style guidelines
- Sidekiq debugging
- Sidekiq Style Guide
- SQL Query Guidelines
- Vue.js style guide
- Instrumenting Ruby code
- Testing standards and style guidelines
- Flaky tests
- Frontend testing standards and style guidelines
- GitLab tests in the Continuous Integration (CI) context
- Review Apps
- Smoke Tests
- Testing best practices
- Testing levels
- Testing Rails migrations at GitLab
- Testing Rake tasks
- End-to-end Testing
- Beginner's guide to writing end-to-end tests
- End-to-end testing Best Practices
- Dynamic Element Validation
- Flows in GitLab QA
- Page objects in GitLab QA
- Resource class in GitLab QA
- Style guide for writing end-to-end tests
- Testing with feature flags
- Translate GitLab to your language
- Internationalization for GitLab
- Translating GitLab
- Proofread Translations
- Merging translations from CrowdIn
- Value Stream Analytics development guide
- GitLab subscription
- Activate GitLab EE with a license