Deploy to OCI Container Engine for Kubernetes from GitLab CI/CD


In the rapidly evolving landscape of DevOps and cloud-native development, the need for streamlined integration between version control systems and container orchestration platforms can be critical. Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) offers a robust and scalable solution for managing containerized applications. However, some teams may have specific preferences and requirements that lead them to seek alternatives to Oracle Cloud Infrastructure (OCI) native DevOps services.

GitLab is a versatile and comprehensive version control and continuous integration and continuous delivery/deployment (CI/CD) platform that not only meets these preferences but also provides a compelling alternative to OCI DevOps services. In this tutorial, we will guide you through the process of seamlessly connecting GitLab to Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE). The integration presented in this tutorial not only aligns to use an already existing GitLab solution which you might have in place, but also empowers the team with a unified solution for version control, continuous integration, and Kubernetes orchestration.

In the subsequent sections, this tutorial introduces two distinct approaches aimed at doing this integration.



Approach 1: Deploy to OKE from GitLab CI/CD using short-lived generated token

Task 1: Prepare OCI Compute Instance

You will need an OCI Compute instance for the GitLab Runner, for example a virtual machine (VM).

OCI Compute instance

  1. Install kubectl on the VM. For more information, see Install and Set Up kubectl on Linux.

  2. Install OCI CLI and create the configuration file for the authentication to the OCI tenancy (or you will be prompted to create it when running the cluster access steps). For more information, see Install OCI CLI and SDK and CLI Configuration File.

  3. Set up the access to the OKE cluster. Go to Access Your Cluster and click Local Access instructions from the OCI Console.

    OCI OKE Access Cluster

  4. Install GitLab Runner on the VM. Run the following commands as root.

    sudo curl -L | sudo bash
    sudo yum install -y gitlab-runner

    Check the GitLab Runner works.

    gitlab-runner list

Task 2: Configure GitLab Runner and Project

  1. Log in to GitLab, go to Projects and create a new project or use an exiting one.

    GitLab Project

  2. Create a runner or use an existing one. To create a new runner, go to Settings, CI/CD, Runners and Expand. Click New Project Runner and select Platform (for example: Linux), add a Tag which we will use later in the .gitlab-ci.yaml file when configuring your deploy pipeline and then click Create runner.

    GitLab Runner

  3. Register the runner with VM.

    Note: Make a note of the runner authenticaton token in case you need it later.

    Register the runner

    • Run the gitlab-runner register command and enter the following information.

      • GitLab instance URL: Accept the default value
      • Runner Name: Valid locally in the config.toml file. For example: gitlab-oke-runner.
      • Enter an Executor: shell , with this value, you choose that the CI/CD instructions will run on the local machine where kubectl and OCI CLI are installed.

      Register the runner

    • You can review the runner configuration in the file $HOME/.gitlab-runner/config.toml.

Task 3: Setup the CI/CD pipeline

  1. Clone the GitLab project to your local machine.

  2. Create a file named .gitlab-ci.yaml in the project directory, containing the build and deploy instructions. In the deploy section, make sure to include the runner tag you set when creating the runner before.

    $ cat ~/demo-oke/.gitlab-ci.yml
      - build
      - deploy
      stage: build
        - echo "Building the ServiceAccount project..."
      stage: deploy
        - echo "Deploying an nginx pod to the OKE cluster"
        - kubectl run nginx --image=nginx
        - shell-executor
  3. Push the changes to your GitLab project and go to Build and Jobs to check that the build and deploy pipelines are triggered and run successfully.

    CICD pipelines

    Deploy job

    The pipeline deployed an nginx pod in the OKE cluster.

    Notes: Make a note of the tag and key. We will choose the shell executor which will make use of the local machine resources. Otherwise, if you choose Docker for example, you need to provide in your instructions an image which installs kubectl (and OCI CLI for approach 1) in the container.

    $ kubectl get pods
    nginx   1/1     Running   0          47h

Approach 2: Deploy to OKE from GitLab CI/CD using a Kubernetes Service Account

Repeat Tasks 1,2 and 3 from Approach 1 to set up the local VM (install kubectl, OCI CLI, GitLab Runner), register runner, create the pipeline file .gitlab-ci.yaml.

Task 1: Create a Kubernetes Service Account and add its Token

When you use a Kubernetes service account to deploy to OKE from GitLab, the process involves authenticating GitLab with the Kubernetes cluster using the service account credentials.

Next Steps

Using these tasks you can use your GitLab CI/CD pipeline to deploy to OKE. These tasks can be taken as a reference for other CI/CD tools. The integration facilitates continuous integration and delivery, allowing for rapid iteration and deployment of applications to OKE.

In this tutorial the instructions employ a shell executor for testing and handling straight forward scenarios. Alternatively, you can opt for a different executor, for example a Docker executor. In such a case the pipeline is executed within a Docker container rather than on the local machine. Running with a Docker executor will need you to specify a Docker image that includes the required utilities. Consequently, creating a custom image may be essential, incorporating tools such as kubectl and OCI CLI to meet specific pipeline requirements.


More Learning Resources

Explore other labs on or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.