premium - integrating EKS with Gitlab Kubernetes Agent - agent can't reach wss address

I’m trying to use gitlab ci to deploy applications from individual projects in our account to a new EKS cluster.

We use, and I am able to get through the process including installing the gitlab-kubernetes-agent into the cluster. However, when I check the logs of the running pod of the agent, I get the error:

{“level”:“error”,“time”:“2021-10-01T16:30:39.686Z”,“msg”:“Error handling a connection”,“mod_name”:“reverse_tunnel”,“error”:“Connect(): rpc error: code = Unavailable desc = connection error: desc = “transport: Error while dialing failed to WebSocket dial: failed to send handshake request: Get \“\”: dial tcp: i/o timeout””}

I found an error about not having a trailing slash on wss:// - and at first I didn’t have that but I corrected it, and I used this to install that agent:

docker run --pull=always --rm generate --agent-token=AGENT_TOKEN --kas-address=wss:// --agent-version=stable --namespace gitlab-kubernetes-agent | kubectl apply -f

… and, as you can see the error message does include the trailing slash as well.

So - I am unsure about why the agent is unable to make this connection. The security group on these nodes allows full outbound internet access.

1 Like

Using Hetzner Cloud - three nodes. Tried same commands and fixes but same problems. Any idea?

Hello. I guess it’s obvious for those who have been working with Kubernetes for a longer time, but my connection problems went away after enabling the coredns service/addon or whatever, which was disabled by default on a fresh install of microk8s. On microk8s the fix was as simple as running

microk8s enable dns
Might not be your case but I personally had a hard time with this as the beginner I am. Hope it helps.

1 Like

Thx @leminix-fi - In my case you were right. There was a problem with dns. Fixed it now and agent / runner works