GitLab is one of the popular DevOps platforms out there currently. I am evaluating the features of a GitLab 13.7-pre release. This post is supposed to be part of a bigger series with a unified structure. The evaluation is done in the context of an existing infrastructure: GitHub + Prometheus + Grafana.
GitLab main components:
- Can be SaaS or self-managed
- Manages Internal Docker Registry
- Provides an internal package registry ~ Nexus
Authentication and Authorisation with GitLab:
GitLab continuous integration and continuous delivery capabilities:
- You need a runner (self-hosted, or shared GitLab Runners) where you can hit limits/costs
Pipeline definition
- Pipeline described in yml file
- Pipeline stages
- Deployments to Kubernetes
- Alpha support for Serverless apps
- Manual step (converting stage run to trigger manually)
- Deployment safety
- Deploy freeze when deploy is not allowed
- Environment protection
- Support only developer x maintainer roles
- “Traffic Guards” – pipelines runs in parallel -> single deploy at a time ~> Ordering ???
- Roll back deployment ~ history deployment
- Rollout strategies
- Terraform support
- AFAIU – terraform state is hosted in gitlab storage
- Development in progress
- [Infrastructure as code](https://docs.gitlab.com/ee/user/infrastructure/)
- Pipeline runners
- Shared
- Job stage is run on n1-standard-1
- Max n1-standard-2
- CI pipeline minutes are the execution time for your pipelines on GitLab’s shared runners.
- Custom Registered
- Needed for bigger build machines
- Requires installation/configuration/setup
- Solving security concerns
- And if I understand correctly you can run it at the end on your infrastructure => you pay for the machines
- Pipeline versioning
- Pipeline description in gitlab-ci.yml
- Pipeline triggers
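
The deployment-safety items listed above (stages, manual step, deploy freeze, environment, one deploy at a time) as they look in a `.gitlab-ci.yml`. This is an added example, not from the original post or from GitLab's own templates; the job names, image tag and `./deploy.sh` script are assumptions.

```yaml
# Added illustration; job names, image tag and ./deploy.sh are assumptions.
stages:
  - build
  - test
  - deploy

build:
  stage: build
  image: alpine:3.12           # every job runs its `script` inside a Docker image
  script:
    - echo "build the artifact here"

test:
  stage: test
  image: alpine:3.12
  script:
    - echo "run the test suite here"

deploy_production:
  stage: deploy
  image: alpine:3.12
  script:
    - ./deploy.sh production   # hypothetical deploy script kept in the repository
  environment:
    name: production           # the environment that protection settings apply to
  resource_group: production   # jobs sharing this group run one at a time, even across parallel pipelines
  rules:
    # CI_DEPLOY_FREEZE is set while a configured deploy freeze window is active: skip the job
    - if: '$CI_DEPLOY_FREEZE'
      when: never
    # default branch only, and wait for a person to start the job (manual step)
    - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
      when: manual
```
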
Pipeline additional features
- Notification
- Slack (integration)
- Extension
- Via Docker image; every job is a `script`
- Monitoring
- Pipeline monitoring via exposing a Prometheus endpoint for your Grafana
- Integration
- For GitHub you need Premium
GitLab Pricing model:
- Has the concept of minutes in the plan + buying extra ($10 per 1000min)
- Pay for the storage: $60/10GB (see details)
- Strong push towards Premium, which costs $19/user/month.
- GitLab pricing
Conclusion
I haven’t studied the GitLab offering super profoundly, but for building a new project, I would consider starting with it as it provides complete SDLC support (compared to Spinnaker it is CI + CD). It acts as SDLC management on top of the cloud provider, providing an easy way to comply with the majority of measures from certifications, e.g. SOC 2, but those are the gold plan features ($99/user/month). This might be pricy, but if you use ticket management, documentation (instead of, e.g. Jira), roadmap tooling, release notes management, and the Terraform stage, it seems like a no-brainer!
Challenges you might hit when growing:
- Pipeline deployment ordering as parallel pipelines run
- Shared runners are small machines; the step to registered runners adds admin infra work
- The security model is similar to Spinnaker; additionally, it doesn’t allow custom groups, but I guess that you can create custom apps (users)
- Pricing seems scary: in the end, runners probably run on your infra and are registered to the platform; OTOH, if you manage to stay on shared runners, you need to buy a lot of build minutes.
- Storage cost seems high
- Docker registry has 30 days expiry (probably can be extended) => you will be uploading to your GCR
I haven’t studied the deployment capabilities in depth:
- Integration with Helm – probably rendering via helm template and then deploy
- Support for deployment strategies – requires appropriate kubernetes object manifests as everywhere
- Registered Kubernetes clusters seem to have an agent running in them
- Has all concepts from Spinnaker, more or less
- Has starting support for Terraform in alpha
GitLab Potential pain points:
- Having the whole pipeline in git (including deployment strategy configurations and approvals) might pose challenges when there is no pure trunk-based development: it requires backporting and is harder for surveillance.
GitLab is built on top of plenty of OS projects where I can imagine that integration between your infrastructure and GL might be extensive.
The only reasonable scenario is that you fully migrate to GitLab and reduce extra tooling like Asana, GitHub, Confluence, …; or, for new projects, it might be a no-brainer. That migration can be pretty heavy, but you might get some compliance checks for that in a single workspace.