Failing to install Gitlab-Runner from Kubernetes intergration page

I’ve been struggling onto getting my local Kubernetes cluster to work with my GitLab instance.

When attempting to install GitLab-runner/Ingress/Prometheus from a repositories Kubernetes Applications one click install I get the following output:

Looking at my Kubernetes cluster’s logs for the install-runner pod i get the following logs:

$ kubectl -n gitlab-managed-apps logs install-runner
"runner" has been added to your repositories
Error: remote error: tls: bad certificate

From my tiller-deploy pod I also found this log:

$ kubectl -n gitlab-managed-apps logs  tiller-deploy-6cc8b46cf-wv2m4 tiller
[main] 2018/10/19 17:45:50 Starting Tiller v2.7.2 (tls=true)
[main] 2018/10/19 17:45:50 GRPC listening on :44134
[main] 2018/10/19 17:45:50 Probes listening on :44135
[main] 2018/10/19 17:45:50 Storage driver is ConfigMap
[main] 2018/10/19 17:45:50 Max history per release is 0
2018/10/19 17:46:44 grpc: Server.Serve failed to complete security handshake from "": tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid

Note I was able to connect to my Kubernetes cluster and install Helm with the one-click install button. It seem though the Gitlab installed helm pod is having issues.

Additionally, I’m somewhat lost onto obtain more logs or reports on this error. Any assistance is appreciated!

First Host:

  • Ubuntu 18.04 host
  • GitLab Enterprise Edition 11.3.6-ee

Second Host:

  • Ubuntu 18.04 host
  • Fresh Kubernetes cluster made with kubeadm

Other info:

  • Both Hosts on the same internal network.
  • Host 1 has valid certs
  • Host 2 has self signed certs created by kubeadm
  • Kubernetes is integrated with GitLab with the Host 2 CA cert, and RBAC-enabled cluster checked.
  • possibly related issue


It makes sense to check the time-sync between your GitLab instance and kubernetes cluster. I had the same problem for my GitLab instance. After setting up ntp and syncing time, it became possible to install ingress and other applications.


Turns out there was a huge time sync issue between both my servers (+24 mins) :grimacing:

Your hint to check the time solved my issue with the installations TLS cert issues and allowed the gitlab-runner to be installed!

Many Thanks!