K
Q

Get "Kubernetes error: Unauthorized" when try to configure GitLab CI Runner with Kubernetes

8/15/2018

I try to run GitLab CI for private GitLab instance with Kubernetes at GCP following this instruction.

I got IP of Kubernetes master with kubectl cluster-info

Then I created ServiceAccount with kubectl, and also get token with command kubectl describe secret/SERVICEACCOUNT-XXXXX

Then I got the certificate with

kubectl -o json get secret SERVICEACCOUNT-XXXXX | jq -r '.data."ca.crt"' | base64 -d - | tee ca.crt

I inserted IP, token and ca.crt content in the Kubernetes integration fields for "Add an existing Kubernetes cluster" command at GitLab.

After that, I tried to install Helm at GitLab, but get an error

Something went wrong while installing Helm Tiller
Kubernetes error: Unauthorized

Can you help me, please, to find out how to solve these problems?

-- Ragnar
gitlab
gitlab-ci
google-cloud-platform
kubernetes
kubernetes-helm

Similar Questions

Why Istio "Authentication Policy" Example Page isn't working as expected?
Start a container from another one in a pod in Kubernetes
Implementing iptables rules on Kubernetes nodes
kubectl port-forward reports `error: error upgrading connection: unable to upgrade connection: pod does not exist`

1 Answer

8/16/2018

Not 100% for gitlab CI but if its building inside the cluster then maybe this https://kubernetes.io/docs/reference/access-authn-authz/rbac/

RBAC is enabled by default on GKE so you may need to set cluster role permissions for Gitlab so it can spin up containers.

-- Dan
Source: StackOverflow