I’m using GitLab EE (13.7.0-pre) through gitlab.com.
I’m following this tutorial to create and add a new EKS Kubernetes cluster to my project.
In many attempts, the cluster and its resources were created seamlessly in GitLab operations, AWS CloudFormation, EKS, EC2 (nodes), etc.
But after the completion and the success message, I don’t have any information about the cluster or new runners in GitLab. But in AWS the cluster was created without errors and with successful messages in CloudFormation and EKS.
In GitLab I have “Unknown Error” and “Unable to Connect” messages, and every attempt to install applications (like Prometheus) runs until timeout.
This is the policy attached to my role (like the doc):
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "autoscaling:CreateAutoScalingGroup",
        "autoscaling:DescribeAutoScalingGroups",
        "autoscaling:DescribeScalingActivities",
        "autoscaling:UpdateAutoScalingGroup",
        "autoscaling:CreateLaunchConfiguration",
        "autoscaling:DescribeLaunchConfigurations",
        "cloudformation:CreateStack",
        "cloudformation:DescribeStacks",
        "ec2:AuthorizeSecurityGroupEgress",
        "ec2:AuthorizeSecurityGroupIngress",
        "ec2:RevokeSecurityGroupEgress",
        "ec2:RevokeSecurityGroupIngress",
        "ec2:CreateSecurityGroup",
        "ec2:createTags",
        "ec2:DescribeImages",
        "ec2:DescribeKeyPairs",
        "ec2:DescribeRegions",
        "ec2:DescribeSecurityGroups",
        "ec2:DescribeSubnets",
        "ec2:DescribeVpcs",
        "eks:CreateCluster",
        "eks:DescribeCluster",
        "iam:AddRoleToInstanceProfile",
        "iam:AttachRolePolicy",
        "iam:CreateRole",
        "iam:CreateInstanceProfile",
        "iam:CreateServiceLinkedRole",
        "iam:GetRole",
        "iam:ListRoles",
        "iam:PassRole",
        "ssm:GetParameters"
      ],
      "Resource": "*"
    }
  ]
}
```
This is my service role (I tried many variations from the docs. This last one was created from the CloudFormation template):