Kubernetes CA or token are not valid

I’m trying to setup a local gitlab instance (inside docker on Host A) to access a Kubernetes Cluster (using rancher on Host B).

I followed the steps on Adding and removing Kubernetes clusters | GitLab

However I get: “There was a problem authenticating with your cluster. Please ensure your CA Certificate and Token are valid.”
This issue arises when I connect it on project level and also on instance level.

So I checked the cert, like they write in the docs, which tells me:
DNS:localhost, DNS:rancher.cattle-system, IP Address:10.0.0.73, IP Address:127.0.0.1, IP Address:172.17.0.4

10.0.0.73 is the IP of host B, so everything seems fine.

The URL to the cluster is https://10.0.0.73:4443 without trailing slashes.

I also think the token is correctly configured:


I also checked that there are no newlines nor spaces within the token.

I also checked tail -f logs/gitlab-rails/kubernetes.log which stays empty.

I would really appreciate if anyone could point me in the correct direction.

That is a generic error saying it couldn’t connect. It could be anything from a network issue where the connection timeouts to invalid CA or token.
There was a lot of issues with GitLab - Rancher integration in the past and I am not sure if it was fixed already. From what I can remember you cannot use the values that Rancher provides and must extract it from the cluster directly.

Kubernetes API is usually on port 6443.

You can take a look at Rancher 2.2 - Gitlab integration - Not working · Issue #19272 · rancher/rancher · GitHub for some guides how to set it up.

1 Like

Thank you, this fixed my Problem.
This issue was, that gitlab was not able to connect to the cluster (since my port was wrong. I’m new to k8s and I thought 4443 is correct since this is the rancher port - I mapped it from 443 to 4443)

For other People struggeling, the correct address is not the Adresse of the rancher server.
In my example it was https://10.0.0.73:6443

@gitlabteam - I really would appreciate having clearer error messages or at least logging info