PaaS FAQ
How do I delete a project deployed to PaaS completely?
This is done by removal of the entire namespace in Kubernetes. Currently this has to be done by a PaaS administrator in the Platon team. Contact us on Teams or Slack and we will help you.
How do I get my service on <service name>.sikt.no instead of <service name>.paas2.uninett.no?
A CNAME DNS record need to be created pointing to the PaaS cluster Ingress Load Balancer. Send a request to hjelp@sikt.no with information about the desired DNS entries, example for service my-service.sikt.no with a CNAME record:
my-service.sikt.no -> paas2-ingress.lb.uninett.no
Then configure your .gitlab-ci.yml to use the new DNS entry. Example of how to set this when using our helper scripts for PaaS deployment:
variables:
KUBE_PROD_DOMAIN: my-service.sikt.no
KUBE_TEST_ID: my-service
Note that when using gitlab-ci-helpers the staging deployment will still be on:
my-service-staging.paas2.uninett.no
How to give new members added to a Gitlab Project access the projects namespace in the PaaS cluster?
To update namespace access you need to go to PaaS Console and click the big blue "update pipeline configuration" button after adding or removing members in your Gitlab project.
Automatic syncing of this is on Platons TODO list.
Can I run a cronjob in PaaS?
Yes, this can be done using the CronJob resource.
See CronJob Example Project for a simple example deployment.
How can I restrict access to my web service to certain IP ranges?
This can be done using the whitelist-source-range on your Ingress resource.
Example:
nginx.ingress.kubernetes.io/whitelist-source-range: '192.168.0.0/24,10.0.0.0/24'
See IP-adresser i Sikts lokalnett for an overview of Sikt network addresses.