K
Q

Kubernetes Continuous deployment stage in Gitlab Online fails

7/9/2018

I am working on setting up a cloud DevOps deployment pipeline using Gitlab CI online, Kubernetes, and docker. I am following an example post at Continous delivery of a spring boot application with Gitlab CI and kubernetes and Kubectl delete/create secret forbidden (Google cloud platform) .

Find below my .gitlab-ci.yml file's source

image: docker:latest
services:
  - docker:dind

variables:
  DOCKER_DRIVER: overlay
  SPRING_PROFILES_ACTIVE: gitlab-ci

stages:
  - build
  - package
  - deploy

maven-build:
  image: maven:3-jdk-8
  stage: build
  script: "mvn package -B"
  artifacts:
    paths:
      - target/*.jar

docker-build:
  stage: package
  script:
  - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.com
  - docker build -t registry.gitlab.com/username/mta-hosting-optimizer .
  - docker push registry.gitlab.com/username/mta-hosting-optimizer

k8s-deploy:
  image: google/cloud-sdk
  stage: deploy
  script:
  - echo "$GOOGLE_KEY" > key.json
  - gcloud auth activate-service-account --key-file key.json
  - gcloud config set compute/zone europe-west1-c
  - gcloud config set project mta-hosting-optimizer
  - gcloud config unset container/use_client_certificate
  - gcloud config set container/use_client_certificate True
  - gcloud container clusters get-credentials mta-hosting-optimizer
  - kubectl create -f admin.yaml --validate=false
  - kubectl create clusterrolebinding serviceaccounts-cluster-admin--clusterrole=cluster-admin --group=system:serviceaccounts
  - kubectl delete secret registry.gitlab.com
  - kubectl create secret docker-registry registry.gitlab.com --docker-server=https://registry.gitlab.com --docker-username=username --docker-password=$REGISTRY_PASSWD --docker-email=email@email.com
  - kubectl apply -f deployment.yml

Deployment fails at the line below

  - kubectl create -f admin.yaml --validate=false

The error message displayed upon this failure is as follow:

error: error converting YAML to JSON: yaml: mapping values are not allowed in this context
ERROR: Job failed: exit code 1

The admin.yaml file's source is as follows:

apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: kubernetes-dashboard labels: k8s-app: kubernetes-dashboard roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: kubernetes-dashboard namespace: kube-system

The Maven build and Docker build/package stages work find. This is the only stage that fails. I will appreciate everyone's help in resolving this issue. Thank you very much.

-- sage
docker
gitlab
kubectl
kubernetes

Similar Questions

presto - moving worker from docker to kubernetes
python FileNotFoundError: [Errno 2] with absolute path and file exists
Kubernetes getting sibling-pod IP/properties from the same deployment/replicaset
ICP 2.1.0.3 Install Timeout: FAILED - RETRYING: Waiting for kube-dns to start
K8s Game Servers: Dynamically forward TCP & UDP for Pods via Service/Ingress

1 Answer

7/11/2018

You have a YAML validation error. This means that your YAML isn't formatted correctly.

screenshot

You most likely wanted to format your admin.yaml file this way:

apiVersion: rbac.authorization.k8s.io/v1beta1 
kind: ClusterRoleBinding 
metadata: 
    name: kubernetes-dashboard 
    labels: 
        k8s-app: kubernetes-dashboard
    namespace: kube-system
roleRef: 
  apiGroup: rbac.authorization.k8s.io 
  kind: ClusterRole 
  name: cluster-admin 
subjects: 
- kind: ServiceAccount 
  name: kubernetes-dashboard

Also: As Matthew L Daniel already pointed out you shouldn't disable validation of the YAML files.

-- bn4t
Source: StackOverflow