I've followed these instructions for setting up a kubernetes cluster on AWS using kops.
I've then been able to run kubectl create -f ... commands to get an application running.
I can access (what I presume is) the API at https://api.useast1.dev.example.com/, in my browser.
This prompts for authentication, the credentials of which I get by running
kubectl config view --minifyas per these instructions from the kops github.
The API then shows:
{
"paths": [
"/apis",
"/apis/",
"/apis/apiextensions.k8s.io",
"/apis/apiextensions.k8s.io/v1beta1",
"/healthz",
"/healthz/etcd",
"/healthz/ping",
"/healthz/poststarthook/generic-apiserver-start-informers",
"/healthz/poststarthook/start-apiextensions-controllers",
"/healthz/poststarthook/start-apiextensions-informers",
"/metrics",
"/swagger-2.0.0.json",
"/swagger-2.0.0.pb-v1",
"/swagger-2.0.0.pb-v1.gz",
"/swagger.json",
"/swaggerapi",
"/version"
]
}
Now I'm trying to setup GitLab CI, which requests an API endpoint and a Service Token.
I created a service token using these instructions from kubernetes, though I haven't done the imagePullSecret part.
However, when I try to anything on the kubernetes cluster (Install Helm Tiller for example), it gives me: Kubernetes error: Unauthorized. I assume this is because I haven't given it any credentials to access that API.
How do I set up kubernetes cluster such that Gitlab doesn't require those credentials to access the API?
Ok, there was a bit of confusion about what the token is.
Best way to retrieve the token is:
kubectl get secretsTo list the secrets
Then
kubectl describe secret SECRET_NAMETo retrieve the token.