Commit b8c3fed9 authored by Thong Kuah's avatar Thong Kuah Committed by Fabio Pitino

Document internal api for kubernetes agent

Also document how the JWT auth works. Also add YAML docs for the feature
flag (ops type).
parent 5f62f071
---
name: kubernetes_agent_internal_api
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/41045
rollout_issue_url:
group: group::configure
type: ops
default_enabled: true
...@@ -371,7 +371,23 @@ Example response: ...@@ -371,7 +371,23 @@ Example response:
} }
``` ```
## Kubernetes agent information ## Kubernetes agent endpoints
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/41045) in GitLab 13.4.
> - This feature is not deployed on GitLab.com
> - It's not recommended for production use.
The following endpoints are used by the GitLab Kubernetes Agent Server (kas)
for various purposes.
These endpoints are all authenticated using JWT. The JWT secret is stored in a file
specified in `config/gitlab.yml`. By default, the location is in the root of the
GitLab Rails app in a file called `.gitlab_kas_secret`.
CAUTION: **Caution:**
The Kubernetes agent is under development and is not recommended for production use.
### Kubernetes agent information
Called from GitLab Kubernetes Agent Server (kas) to retrieve agent Called from GitLab Kubernetes Agent Server (kas) to retrieve agent
information for the given agent token. This returns the Gitaly connection information for the given agent token. This returns the Gitaly connection
...@@ -388,7 +404,7 @@ Example Request: ...@@ -388,7 +404,7 @@ Example Request:
curl --request GET --header "Gitlab-Kas-Api-Request: <JWT token>" --header "Authorization: Bearer <agent token>" "http://localhost:3000/api/v4/internal/kubernetes/agent_info" curl --request GET --header "Gitlab-Kas-Api-Request: <JWT token>" --header "Authorization: Bearer <agent token>" "http://localhost:3000/api/v4/internal/kubernetes/agent_info"
``` ```
## Kubernetes agent project information ### Kubernetes agent project information
Called from GitLab Kubernetes Agent Server (kas) to retrieve project Called from GitLab Kubernetes Agent Server (kas) to retrieve project
information for the given agent token. This returns the Gitaly information for the given agent token. This returns the Gitaly
...@@ -413,7 +429,7 @@ Example Request: ...@@ -413,7 +429,7 @@ Example Request:
curl --request GET --header "Gitlab-Kas-Api-Request: <JWT token>" --header "Authorization: Bearer <agent token>" "http://localhost:3000/api/v4/internal/kubernetes/project_info?id=7" curl --request GET --header "Gitlab-Kas-Api-Request: <JWT token>" --header "Authorization: Bearer <agent token>" "http://localhost:3000/api/v4/internal/kubernetes/project_info?id=7"
``` ```
## Kubernetes agent usage metrics ### Kubernetes agent usage metrics
Called from GitLab Kubernetes Agent Server (kas) to increase the usage Called from GitLab Kubernetes Agent Server (kas) to increase the usage
metric counters. metric counters.
......
...@@ -45,7 +45,7 @@ module API ...@@ -45,7 +45,7 @@ module API
end end
def check_feature_enabled def check_feature_enabled
not_found! unless Feature.enabled?(:kubernetes_agent_internal_api, default_enabled: true) not_found! unless Feature.enabled?(:kubernetes_agent_internal_api, default_enabled: true, type: :ops)
end end
def check_agent_token def check_agent_token
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment