2020-05-24 23:13:21 +05:30
---
stage: Configure
group: Configure
2021-02-22 17:27:13 +05:30
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
2020-05-24 23:13:21 +05:30
---
2021-09-30 23:02:18 +05:30
# Add a cluster using cluster certificates (DEPRECATED) **(FREE)**
2021-09-04 01:27:46 +05:30
2021-09-30 23:02:18 +05:30
> [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 14.0.
2021-09-04 01:27:46 +05:30
WARNING:
Creating a new cluster or adding an existing cluster to GitLab through the certificate-based method
is deprecated and no longer recommended. Kubernetes cluster, similar to any other
2021-09-30 23:02:18 +05:30
infrastructure, should be created, updated, maintained using [Infrastructure as Code ](../../infrastructure/index.md ).
2021-09-04 01:27:46 +05:30
GitLab is developing a built-in capability to create clusters with Terraform.
2021-09-30 23:02:18 +05:30
You can follow along in this [epic ](https://gitlab.com/groups/gitlab-org/-/epics/6049 ).
2020-07-28 23:09:34 +05:30
2021-02-22 17:27:13 +05:30
NOTE:
2021-01-03 14:25:43 +05:30
Every new Google Cloud Platform (GCP) account receives
[$300 in credit upon sign up ](https://console.cloud.google.com/freetrial ).
In partnership with Google, GitLab is able to offer an additional $200 for new GCP
2021-02-22 17:27:13 +05:30
accounts to get started with the GitLab integration with Google Kubernetes Engine.
2021-01-03 14:25:43 +05:30
[Follow this link ](https://cloud.google.com/partners/partnercredit/?pcn_code=0014M00001h35gDQAQ#contact-form )
to apply for credit.
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
NOTE:
Watch the webcast [Scalable app deployment with GitLab and Google Cloud Platform ](https://about.gitlab.com/webcast/scalable-app-deploy/ )
and learn how to spin up a Kubernetes cluster managed by Google Cloud Platform (GCP)
in a few clicks.
2021-01-29 00:20:46 +05:30
2021-09-30 23:02:18 +05:30
## Create new cluster
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
> The certificate-based method for creating clusters from GitLab was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 14.0.
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
As of GitLab 14.0, use [Infrastructure as Code ](../../infrastructure/index.md )
to **safely create your new cluster from GitLab** .
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
The certificate-based method is **deprecated** and scheduled for removal in
GitLab 15.0. However, you can still use it until then. Through
this method, you can host your cluster in EKS, GKE, on premises, and with other
providers. To host them on premises and with other providers,
use either the EKS or GKE method to guide you through and enter your cluster's
settings manually:
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
- [New cluster hosted on Google Kubernetes Engine (GKE) ](add_eks_clusters.md ).
- [New cluster hosted on Amazon Elastic Kubernetes Service (EKS) ](add_gke_clusters.md ).
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
## Add existing cluster
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
If you already have a cluster and want to integrate it with GitLab, see how to
[add an existing cluster ](add_existing_cluster.md ).
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
## Configure your cluster
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
As of GitLab 14.0, use the [GitLab Kubernetes Agent ](../../clusters/agent/index.md ) to configure your cluster.
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
## Disable a cluster
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
When you successfully create a new Kubernetes cluster or add an existing
one to GitLab, the cluster connection to GitLab becomes enabled. To disable it:
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
1. Go to your:
- Project's ** {cloud-gear}** **Infrastructure > Kubernetes clusters** page, for a project-level cluster.
2020-07-28 23:09:34 +05:30
- Group's ** {cloud-gear}** **Kubernetes** page, for a group-level cluster.
2021-09-30 23:02:18 +05:30
- **Menu >** ** {admin}** **Admin >** ** {cloud-gear}** **Kubernetes** page, for an instance-level cluster.
1. Select the name of the cluster you want to disable.
1. Toggle **GitLab Integration** off (in gray).
1. Click **Save changes** .
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
## Remove a cluster
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26815) in GitLab 12.6, you can remove cluster integrations and resources.
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
When you remove a cluster integration, you only remove the cluster relationship
to GitLab, not the cluster. To remove the cluster itself, visit your cluster's
GKE or EKS dashboard to do it from their UI or use `kubectl` .
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
You need at least Maintainer [permissions ](../../permissions.md ) to your
project or group to remove the integration with GitLab.
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
When removing a cluster integration, you have two options:
2020-03-13 15:44:24 +05:30
2021-09-30 23:02:18 +05:30
- **Remove integration**: remove only the Kubernetes integration.
- **Remove integration and resources**: remove the cluster integration and
all GitLab cluster-related resources such as namespaces, roles, and bindings.
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
To remove the Kubernetes cluster integration:
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
1. Go to your cluster details page.
1. Select the **Advanced Settings** tab.
1. Select either **Remove integration** or **Remove integration and resources** .
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
## Access controls
2019-12-26 22:10:19 +05:30
2021-09-30 23:02:18 +05:30
See [cluster access controls (RBAC or ABAC) ](cluster_access.md ).
2021-01-03 14:25:43 +05:30
## Troubleshooting
### There was a problem authenticating with your cluster. Please ensure your CA Certificate and Token are valid
If you encounter this error while adding a Kubernetes cluster, ensure you're
properly pasting the service token. Some shells may add a line break to the
service token, making it invalid. Ensure that there are no line breaks by
pasting your token into an editor and removing any additional spaces.
2021-03-11 19:13:27 +05:30
You may also experience this error if your certificate is not valid. To check that your certificate's
subject alternative names contain the correct domain for your cluster's API, run this:
```shell
echo | openssl s_client -showcerts -connect kubernetes.example.com:443 2>/dev/null |
openssl x509 -inform pem -noout -text
```
Note that the `-connect` argument expects a `host:port` combination. For example, `https://kubernetes.example.com` would be `kubernetes.example.com:443` .