目前我有一个Kubernetes集群准备与Gitlab-runner及其kubernetes执行器一起使用,我想从不同的Openshift集群中使用它,所以我有两个不同的分离集群。
我目前正在使用 config.toml 在Openshift pod上运行Gitlab-runner图像,遵循here中的文档:
concurrent = 1
check_interval = 10
[[runners]]
name = "size-XL"
url = "https://blablabla/ci"
token = "blablabla"
executor = "kubernetes"
[runners.kubernetes]
namespace = "gitlab"
privileged = false
host= "https://blablabla:6443"
cert_file= "/etc/ssl/certs/cert.pem"
key_file= "/etc/ssl/certs/key.pem"
ca_keyfile= "/etc/ssl/certs/ca.pem"
cpu_limit = "4"
memory_limit = "6Gi"
service_cpu_limit = "1"
service_memory_limit = "2Gi"
helper_cpu_limit = "2"
helper_memory_limit = "2Gi"
cpu_request = "1"
memory_request = "2Gi"
service_cpu_request = "250Mi"
service_memory_request = "512Mi"
helper_cpu_request = "250Mi"
helper_memory_request = "512Mi"
service-account = "test"
service_account_overwrite_allowed = ".*"
image = "blablabla"
我的问题是,即使它能够连接到K8s群集并开始挑选作业,但只要它能够这样做,我就明白了:
Checking for jobs... received job=17311 repo_url=https://blablabla.git runner=c36ccf98
WARNING: Preparation failed: error connecting to Kubernetes: ca file, cert file and key file must be specified when using file based auth job=17311 project=3128 runner=c36ccf98
Will be retried in 3s ... job=17311 project=3128 runner=c36ccf98
WARNING: Preparation failed: error connecting to Kubernetes: ca file, cert file and key file must be specified when using file based auth job=17311 project=3128 runner=c36ccf98
Will be retried in 3s ... job=17311 project=3128 runner=c36ccf98
WARNING: Preparation failed: error connecting to Kubernetes: ca file, cert file and key file must be specified when using file based auth job=17311 project=3128 runner=c36ccf98
Will be retried in 3s ... job=17311 project=3128 runner=c36ccf98
ERROR: Job failed (system failure): error connecting to Kubernetes: ca file, cert file and key file must be specified when using file based auth job=17311 project=3128 runner=c36ccf98
我没有运气,任何想法?
答案 0 :(得分:0)
ca_keyfile= "/etc/ssl/certs/ca.pem"
实际上是问题所在。因为它只是ca_file而不是ca_keyfile