K
Q

Kubernetes executor gitlab

11/3/2017

Does anyone successfully setup kubernetes executor/runner on gitlab for CI jobs? I set up mine but its stucking on executing my pipeline indefinitely.

I'm running a runner as a docker container on top of kubernetes cluster and connecting to my gitlab instance for handling my CI builds.

Any working config file would be appreciated.

My runner configuration looks like this:

[[runners]]
  name = "kube-executor"
  url = "https://gitlab.example.ltd/"
  token = "some-token"
  executor = "kubernetes"
  [runners.cache]
  [runners.kubernetes]
    host = "https://my-kubernetes-api-address:443"
    ca_file = "/etc/ssl/certs/ca.crt"
    cert_file = "/etc/ssl/certs/server.crt"
    key_file = "/etc/ssl/certs/server.key"
    image = "docker:latest"
    namespace = "gitlab"
    namespace_overwrite_allowed = "ci-.*"
    privileged = true
    cpu_limit = "1"
    memory_limit = "1Gi"
    service_cpu_limit = "1"
    service_memory_limit = "1Gi"
    helper_cpu_limit = "500m"
    helper_memory_limit = "100Mi"
    poll_interval = 5
    poll_timeout = 3600
    [runners.kubernetes.volumes]

this throws this error: ERROR: Job failed (system failure): Post https://my-kubernetes-api-address:443/api/v1/namespaces/gitlab/secrets: x509: certificate signed by unknown authority

-- Buba Conteh
gitlab
gitlab-ci
gitlab-ci-runner
kubernetes

Similar Questions

use a customer-encrypted disk in a kubernetes pod
Azure Log Analytics/OMS - reconstruct container's log as raw text
Using azure file storage with kubernetes and azure container service (aks) - permission denied
Kubectl apply does not update pods or deployments

1 Answer

1/11/2018

you are using https, so where are the certs, are they self signed certs? if yes you have to mention --tls-cert-file and --tls-private-key-file flags in your configmap.

Copied from https://stackoverflow.com/a/43362697/432115

-- niels
Source: StackOverflow