Gitlab上的Kubernetes执行程序-错误:作业失败(系统故障):发布* api/v1/命名空间/gitlab/pods:x509:证书由未知授权机构签名 [英] Kubernetes executor on Gitlab - ERROR: Job failed (system failure): Post *api/v1/namespaces/gitlab/pods: x509: certificate signed by unknown authority
问题描述
我正在尝试为Gitlab设置Kubernetes执行器,但出现此错误: 错误:作业失败(系统故障):发布 https://api.kubernetes.de/api/v1/namespaces/gitlab/豆荚:x509: 未知权限签署的证书
I'm trying to set up Kubernetes executor for Gitlab but I get this error: ERROR: Job failed (system failure): Post https://api.kubernetes.de/api/v1/namespaces/gitlab/pods: x509: certificate signed by unknown authority
这是我的configmap.yml:
This is my configmap.yml:
apiVersion: v1
kind: ConfigMap
metadata:
name: gitlab-runner
namespace: gitlab
data:
config.toml: |
concurrent = 4
[[runners]]
name = "Kubernetes Runner"
url = "http://########/ci"
token = "############"
executor = "kubernetes"
[runners.kubernetes]
host = "https://api.kubernetes.de"
namespace = "gitlab"
namespace_overwrite_allowed = "ci-.*"
privileged = true
cpu_limit = "1"
memory_limit = "1Gi"
service_cpu_limit = "1"
service_memory_limit = "1Gi"
helper_cpu_limit = "500m"
helper_memory_limit = "100Mi"
poll_interval = 5
poll_timeout = 3600
[runners.kubernetes.node_selector]
gitlab = "true"
这是Deployment.yml:
And this is deployment.yml:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: gitlab-runner
namespace: gitlab
spec:
replicas: 1
selector:
matchLabels:
name: gitlab-runner
template:
metadata:
labels:
name: gitlab-runner
spec:
containers:
- args:
- run
image: gitlab/gitlab-runner:latest
imagePullPolicy: Always
name: gitlab-runner
volumeMounts:
- mountPath: /etc/gitlab-runner
name: config
- mountPath: /etc/ssl/certs
name: cacerts
readOnly: true
restartPolicy: Always
volumes:
- configMap:
name: gitlab-runner
name: config
- hostPath:
path: /usr/share/ca-certificates/mozilla
name: cacerts
推荐答案
您正在使用https
,所以证书在哪里,它们是自签名证书吗?如果是,则必须在configmap中为kubelet提及--tls-cert-file
和--tls-private-key-file
标志.
you are using https
, so where are the certs, are they self signed certs ? if yes you have to mention --tls-cert-file
and --tls-private-key-file
flags in your configmap for kubelet.
这篇关于Gitlab上的Kubernetes执行程序-错误:作业失败(系统故障):发布* api/v1/命名空间/gitlab/pods:x509:证书由未知授权机构签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!