Gitlab CI - K8s - Deployment

Question

just going through this guide on gitlab and k8s gitlab-k8s-cd, but my build keeps failing on this part:

- kubectl delete secret registry.gitlab.com
- kubectl create secret docker-registry registry.gitlab.com --docker-server=https://registry.gitlab.com --docker-username=<my_username> --docker-password=$REGISTRY_PASSWD --docker-email=<my_email>

Although I am not entirely sure what password is needed for --docker-password, I have created an API token in gitlab for my user and I am using that in the secure variables.

This is the error:

$ gcloud container clusters get-credentials deployment
Fetching cluster endpoint and auth data.
kubeconfig entry generated for deployment.
$ kubectl delete secret registry.gitlab.com
Error from server: secrets "registry.gitlab.com" not found
ERROR: Build failed: exit code 1

Any help would be much appreciated thanks.

EDIT

Since the initial post, by removing the initial kubectl delete secret and re-building worked, so it was failing on deleting when there was no previous secret.

Second Edit

Having problems with my deployment.yml for K8s, could anyone shed any light on why I am getting this error:

error validating "deployment.yml": error validating data: field spec.template.spec.containers[0].ports[0]: expected object of type map[string]interface{},

With this yml:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: <app>
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: <app>
    spec:
      containers:
      - name: deployment
        image: registry.gitlab.com/<username>/<app>
        imagePullPolicy: Always
        ports:
        - "80:8080"
        env:
        - name: PORT
          value: "8080"
      imagePullSecrets:
        - name: registry.gitlab.com

And this error:

error validating "deployment.yml": error validating data: found invalid field imagePullSecrets for v1.Container; if you choose to ignore these errors, turn validation off with --validate=false

With this yml:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: <app>
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: <app>
    spec:
      containers:
      - name: <app>
        image: registry.gitlab.com/<project>/<app>
        imagePullPolicy: Always
        ports:
        - "80:8080"
        env:
        - name: PORT
          value: "8080"
      imagePullSecrets:
        - name: registry.gitlab.com

Latest YAML

apiVersion: v1
kind: Service
metadata:
  name: <app_name>
  labels:
    app: <app_name>
spec:
  ports:
    - port: 80
  selector:
    app: <app_name>
    tier: frontend
  type: LoadBalancer
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: <app_name>
  labels:
    app: <app_name>
spec:
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: <app_name>
        tier: frontend
    spec:
      containers:
      - image: registry.gitlab.com/<project>/<app>
        imagePullPolicy: Always
        name: <app_name>
        env:
        - name: PORT
          value: "8080"
        imagePullSecrets:
        - name: registry.gitlab.com
        ports:
          - containerPort: 8080
            hostPort: 80

Answer 1

This is the working YAML file for K8s:

apiVersion: v1
kind: Service
metadata:
  name: <app_name>
  labels:
    app: <app_name>
spec:
  ports:
    - port: 80
  selector:
    app: <app_name>
    tier: frontend
  type: LoadBalancer
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: <app_name>
  labels:
    app: <app_name>
spec:
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: <app_name>
        tier: frontend
    spec:
      containers:
      - image: registry.gitlab.com/<project>/<app>:latest
        imagePullPolicy: Always
        name: <app_name>
        env:
        - name: PORT
          value: "8080"
        ports:
          - containerPort: 8080
            hostPort: 80
      imagePullSecrets:
        - name: registry.gitlab.com

This is the working gitlab-ci file also:

image: docker:latest
services:
  - docker:dind

variables:
  DOCKER_DRIVER: overlay

stages:
  - package
  - deploy

docker-build:
  stage: package
  script:
  - docker build -t registry.gitlab.com/<project>/<app> .
  - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.com
  - docker push registry.gitlab.com/<project>/<app>

k8s-deploy:
  image: google/cloud-sdk
  stage: deploy
  script:
  - echo "$GOOGLE_KEY" > key.json
  - gcloud auth activate-service-account --key-file key.json
  - gcloud config set compute/zone <zone>
  - gcloud config set project <project>
  - gcloud config set container/use_client_certificate True
  - gcloud container clusters get-credentials <container-name>
  - kubectl delete secret registry.gitlab.com
  - kubectl create secret docker-registry registry.gitlab.com --docker-server=https://registry.gitlab.com --docker-username=<username> --docker-password=$REGISTRY_PASSWD --docker-email=<user-email>
  - kubectl apply -f deployment.yml

Just need to work out how to alter the script to allow for rolling back.

Answer 2

Regarding your first error:

Ports are defined differently in Kubernetes than in Docker or Docker Compose. This is how the port specification should look like:

ports:
  - containerPort: 8080
    hostPort: 80

See the reference for more information.

Regarding your second error:

According to the reference on PodSpecs, the imagePullSecrets property is correctly placed in your example. However, from reading the error message, it seems that you actually included the imagePullSecrets property into the ContainerSpec, not the PodSpec.

The YAML in your question seems to be correct, in this case. Make sure that your actual manifest matches the example from your question and you did not accidentally indented the imagePullSecrets property more than necessary.