Hello everyone,
I’m setuping a self-hosted Gitlab for internal use only, I have a running Gitlab Omnibus (v15.7) instance with self-signed certificate and a single node kubernetes (v1.26.2) running on another VM. I managed to get a gitlab-runner-controller-manager running (installed through operator) but now I have an issue when I try to get a runner running, here is my runner yml definition :
apiVersion: apps.gitlab.com/v1beta2
kind: Runner
metadata:
name: gitlab-runner
spec:
gitlabUrl: https://gitlab.example.local
buildImage: alpine
token: gitlab-runner-secret
ca: gitlab-cert
“gitlab-cert” is a secret holding my Gitlab self-signed cert, created based on this documentation : Configuring GitLab Runner on OpenShift | GitLab
When I try to apply my runner yml I get this error :
Error from server (InternalError): error when creating “gitlab-runner.yml”: Internal error occurred: failed calling webhook “mrunner.kb.io”: failed to call webhook: Post “https://gitlab-runner-controller-manager-service.operators.svc:443/mutate-apps-gitlab-com-v1beta2-runner?timeout=10s”: Service Unavailable
I verified if the URL in the error is reachable with a redhat/ubi8 image (note that I use the insecure -k option) :
sh-4.4# curl -k -I -L https://gitlab-runner-controller-manager-service.operators.svc:443/mutate-apps-gitlab-com-v1beta2-runner?timeout=10s
HTTP/2 200
content-type: text/plain; charset=utf-8
content-length: 128
date: Tue, 28 Mar 2023 09:58:08 GMT
If I check used certificate with this URL I’m seeing this :
- Server certificate:
- subject: O=Red Hat, Inc.; CN=gitlab-runner-controller-manager-service.operators
- start date: Mar 27 12:29:13 2023 GMT
- expire date: Mar 26 12:29:13 2025 GMT
- issuer: O=Red Hat, Inc.; CN=olm-selfsigned-5e1746db4db712
- SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
Does anybody know what am I doing wrong here ? Any help would be welcome
Best regards