How many agents should I have?

Hi y’all,

I’m trying to build a branch-based GitOps declarative infrastructure for Kubernetes. I plan to create clusters on a cloud provider with Crossplane, and those clusters will be stored in GitLab. However, as I start building, I seem to be running into gitlab-agent sprawl.

Every application I will be deploying to each of my environments is stored in a separate git repo, and I’m wondering if I need a separate agent for each repo and environment. For example, I have my three clusters prod, stage, and dev, and my three apps, API, kafka, and DB. I’ve started with three agents per repo (gitlab-agent-api-prod, gitlab-agent-kafka-stage, …), which seems a bit excessive. Do I really need 9 agents?

Additionally, I now have to install as many agents as I have apps onto each of my clusters, which already eats up significant resources. I’d imagine I can get away with one gitlab agent per cluster, I am just not seeing how that is done. Any help would be appreciated!

Uh, I’m also now more confused with the gitlab agent hierarchy issue. According to the documentation, the agent no longer supports instance-level authorization, and is limited to group-level authorization at best. This does pose a bit of an organizational challenge for private deployments.

I understand that based on the current rules, perhaps you need to make the following adjustments to your project structure to achieve your desired goals:

  1. Create groups.
  2. Create a k8s agent management project in the group, integrate 3 agents in it to correspond to the 3 k8s clusters, and authorize the agents for use within the group (see “Authorize the agent to access projects in your groups”).
  3. Move all projects to the group and then specify the $KUBE_CONTEXT to be deployed according to the different branches in .gitlab-ci.yml (see “Update your .gitlab-ci.yml file to run kubectl commands”).

Hope this helps a bit

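The layout described in the three steps above, as an added example that is not part of the original thread: one agent per cluster registered in a single agent management project, authorized for the group, with each application repo choosing its context by branch. The group `my-group`, the project `my-group/k8s-agents`, the agent names `dev`/`stage`/`prod`, the branch and environment names, the `manifests/` directory, and the kubectl image are all assumptions.

```yaml
# File 1, in the agent management project (assumed: my-group/k8s-agents):
#   .gitlab/agents/prod/config.yaml
# One such file exists per cluster agent (dev, stage, prod); prod is shown.
ci_access:
  groups:
    - id: my-group          # projects under this group may use the agent from CI
      environments:         # only jobs that declare this environment get access
        - production
---
# File 2, in each application repo (assumed: my-group/api): .gitlab-ci.yml
# A context name has the form <path/to/agent/project>:<agent-name>.
.deploy:
  image:
    name: bitnami/kubectl:latest   # assumption: any image that ships kubectl
    entrypoint: [""]
  script:
    - kubectl config use-context "$KUBE_CONTEXT"
    - kubectl apply -f manifests/  # assumed location of the app's manifests

deploy-dev:
  extends: .deploy
  variables:
    KUBE_CONTEXT: my-group/k8s-agents:dev
  environment:
    name: development
  rules:
    - if: $CI_COMMIT_BRANCH == "dev"

deploy-stage:
  extends: .deploy
  variables:
    KUBE_CONTEXT: my-group/k8s-agents:stage
  environment:
    name: staging
  rules:
    - if: $CI_COMMIT_BRANCH == "stage"

deploy-prod:
  extends: .deploy
  variables:
    KUBE_CONTEXT: my-group/k8s-agents:prod
  environment:
    name: production
  rules:
    - if: $CI_COMMIT_BRANCH == "main"
```

Group-level `ci_access` lets every project in that group reach the cluster through the agent, so keep the group limited to repos that should deploy there, or list individual repos under `ci_access.projects` instead.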

Thank you so much. Unfortunately, it seems the GitLab agent for Kubernetes isn’t mature enough for my use cases (or frankly those of anyone else I’ve talked to). I ended up using FluxCD, which lets me target a specific branch, as well as manage repositories and deployments from the Kubernetes API. I suggest that GitLab adopt this approach, and hope they one day reach a similar level of functionality.

Thanks again!