Deploying Renku with an external GitLab¶
GitLab is a component of the Renku platform. Running it is quite resource-intensive. For development purposes or if you already have an existing GitLab instance running, you might want to use this instance as a backend service for Renku.
In the section about running Renku locally we give a
detailed description of how to bring up a local version of the platform using gitlab.com
while also using gitlab.com
as an identity provider. Note that in Renku deployments
which include their own GitLab, the dependency is the other way around, meaning
that the Renku GitLab instance uses the Renku Keycloak instance as identity provider.
Caveats¶
There are known caveats for a setup using an external GitLab instance:
Notebook servers can only be launched from public projects. This is due to the fact that the users credentials are needed for pulling images for private projects from the GitLab registry. In deployments which include “their own” GitLab instance, we use a GitLab API token with sudo permissions for this purpose. This is obviously not possible when using an existing GitLab instance that you are not managing yourself.
gitlab.com
limits the total size of each repository to 10 GB (including the files added to git-lfs). This is fine for development work but quite restrictive for actual Renku projects.Depending on how CI runners are configured on the GitLab instance which you are using, you might have to adapt the
.gitlab-ci.yaml
file in your projects. See the paragraph on configuring GitLab CI.
gitlab.com¶
The extra configuration needed for a deployment against gitlab.com
is in a
specific values file.
This file can also be used as a secondary values file in a Renku deployment which is
running in the cloud.
renkulab.io¶
You can also use the GitLab instance of the SDSCs public renku deployment
https://renkulab.io/gitlab as a GitLab backend. The same
values file.
has the necessary configurations for such a deployment indicated. All the steps
necessary for such a setup are identical to the ones when using gitlab.com
,
except for the configuration of renkulab.io/gitlab
as the upstream identity provider
for your Keycloak instance. Instead of gitlab.com
pick the generic OICD provider
option and fill in the following information:
Field |
Value |
---|---|
Alias |
renkulab |
Authorization URL |
|
Token URL |
|
Client ID |
[Application Id of GitLab client application] |
Client Secret |
[Secret of GitLab client application] |