Adjust docs about how to setup KAS address

considering current GitLab Omnibus scenario

Adjust docs about how to setup KAS address
considering current GitLab Omnibus scenario
20d076af · João Alexandre Cunha · Amy Qualls · 942be4c5 · 20d076af
Commit 20d076af authored Dec 14, 2020 by João Alexandre Cunha Committed by Amy Qualls Dec 14, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 4 deletions

doc/user/clusters/agent/index.md doc/user/clusters/agent/index.md +12 -4

No files found.
--- a/doc/user/clusters/agent/index.md
+++ b/doc/user/clusters/agent/index.md
@@ -249,11 +249,14 @@ example [`resources.yml` file](#example-resourcesyml-file) in the following ways
  The agent can use the WebSockets or gRPC protocols to connect to the Agent Server.
  Select the option appropriate for your cluster configuration and GitLab architecture:
  - The `wss` scheme (an encrypted WebSockets connection) is specified by default
-    after you install `gitlab-kas` sub-chart or enable `kas` for Omnibus GitLab.
-    In this case, you must set `wss://GitLab.host.tld:443/-/kubernetes-agent` as
+    after you install the `gitlab-kas` sub-chart, or enable `gitlab-kas` for Omnibus GitLab.
+    When using the sub-chart, you must set `wss://kas.host.tld:443` as
+    `kas-address`, where `host.tld` is the domain you've setup for your GitLab installation.
+    When using Omnibus GitLab, you must set `wss://GitLab.host.tld:443/-/kubernetes-agent` as
    `kas-address`, where `GitLab.host.tld` is your GitLab hostname.
-  - Specify the `ws` scheme (such as `ws://GitLab.host.tld:80/-/kubernetes-agent`)
+  - When using the sub-chart, specify the `ws` scheme (such as `ws://kas.host.tld:80`)
    to use an unencrypted WebSockets connection.
+    When using the Omnibus GitLab, specify the `ws` scheme (such as `ws://GitLab.host.tld:80/-/kubernetes-agent`).
  - Specify the `grpc` scheme if both Agent and Server are installed in one cluster.
    In this case, you may specify `kas-address` value as
    `grpc://gitlab-kas.<your-namespace>:5005`) to use gRPC directly, where `gitlab-kas`
@@ -262,6 +265,10 @@ example [`resources.yml` file](#example-resourcesyml-file) in the following ways
    Follow the
    [Support TLS for gRPC communication issue](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/issues/7)
    for progress updates.
+  - When deploying KAS through the [GitLab chart](https://docs.gitlab.com/charts/), it's possible to customize the `kas-address` for `wss` and `ws` schemes to whatever you need.
+    Check the [chart's KAS Ingress docs](https://docs.gitlab.com/charts/charts/gitlab/kas/#ingress)
+    to learn more about it.
+  - In the near future, Omnibus GitLab intends to provision `gitlab-kas` under a sub-domain by default, instead of the `/-/kubernetes-agent` path. Please follow [this issue](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5784) for details.
 - If you defined your own secret name, replace `gitlab-agent-token` with your
  secret name in the `secretName:` section.

@@ -309,7 +316,8 @@ spec:
        args:
        - --token-file=/config/token
        - --kas-address
-        - wss://gitlab.host.tld:443/-/kubernetes-agent
+        - wss://kas.host.tld:443 # change this line for the one below if using Omnibus GitLab
+        # - wss://gitlab.host.tld:443/-/kubernetes-agent
        volumeMounts:
        - name: token-volume
          mountPath: /config