Kubernetes-Integration: There was a problem authenticating with your cluster. Please ensure your CA Certificate and Token are valid

Hello together,

we have GitLab running on our local server and also a kubernetes cluster. I want to use the kubernetes integration to deploy the runner on our cluster.

So I followed the instructions on the documentation site and everything went like described:

https://docs.gitlab.com/ee/user/project/clusters/add_remove_clusters.html#existing-kubernetes-cluster

After i saved alle options (including ip, cert and token) i get the following error:

There was a problem authenticating with your cluster. Please ensure your CA Certificate and Token are valid. 

I verified token and cert with an curl call with exact the same data and i got a valid result from the kubernetes cluster. Furthermore i made the curl call also from our gitlab server machine so that there is no firewall-problem. This worked aswell.

I tailed and grepped the latest logs but the ip adress was not found.

Do you have any ideas, what the problem might be? Are there log files where to look after the connection attempt?

Thanks

2 Likes

I’m experiencing the same issue myself. I have not yet resolved it, but here’s what I’ve found so far.

To see a log of the error, you can:

tail -F /var/log/gitlab/gitlab-rails/kubernetes.log

And also:

tail -F /var/log/gitlab/gitlab-rails/production.log

In my case, I use LetsEncrypt for the Kubernetes server. It works fine when I test with CURL, but Gitlab doesn’t like it. I downloaded the root certificates and reconfigured gitlab, like so:

wget https://letsencrypt.org/certs/isrgrootx1.pem.txt -O /etc/gitlab/trusted-certs/isrgrootx1.pem
wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt -O /etc/gitlab/trusted-certs/lets-encrypt-x3-cross-signed.pem
sudo rm /var/opt/gitlab/trusted-certs-directory-hash
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart

But I am still getting the same error when trying to add the Kubernetes cluster to my project.

I’m still researching, if I find something I’ll add another response here.

Hello,

the solution in my case was very simple. I entered the kubernetes adress including the path to the api. I missread the documentation at one point. After I corrected the value and set it only to the kubernetes adress, it worked.

Hope it is also that easy in your case.

1 Like

Here is my solution.
I generate the token according the documentation.
But when I copy the token, my shell soft-wrap the token and ADD new line charater add the end of each line, which cause the error!

1 Like

Wow, can’t believe this is actually the solution to the issue i had !