Hello, we have a private gitlab server and I am trying to connect a DO kubernetes cluster to our CI/CD. On the setup page, I have the following fields:
Kubernetes cluster name API URL CA Certificate Token Project namespace (optional, unique)
From the config file generated from the DO kubernetes page, I have the cluster name and CA Certificate. What is the API URL and Token that I must use here?
Thanks, David
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
For installing Helm, described rights was not enough for me. I have to do this:
I figured out how add a DigitalOcean Cluster to GitLab. The steps I took (set up your kubectl to use your DigitalOcean Cluster first):
create a new namespace
kubectl create namespace gitlabkubesandbox
switch to that new namespacekubectl config set-context $(kubectl config current-context) --namespace=gitlabkubesandbox
create a service accountkubectl create -f - <<EOF apiVersion: v1 kind: ServiceAccount metadata: name: gitlab EOF
make the new service account cluster adminkubectl create clusterrolebinding gitlab-cluster-admin-binding --clusterrole=cluster-admin --serviceaccount=gitlabkubesandbox:gitlab
describe the new service accountkubectl describe serviceAccounts gitlab
get the secretkubectl describe secret [secret name found in the response form above]
copy the token start the dashboardkubectl proxy
open the dashboard in your browser http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/ switch to the namespace “gitlabkubesandbox” go to secrets => the secret from aboveValues for GitLab: Kubernetes cluster name: whatever API URL: cluster server from the kubeconfig.yml CA Certificate: ca.crt from the Dashboard Token: token from the Dashboard Project namespace: gitlabkubesandbox Check RBAC-enabled when adding the Cluster to GitLab.
Done!
I figured out how add a DigitalOcean Cluster to GitLab. The steps I took (set up your kubectl to use your DigitalOcean Cluster first):
create a new namespace
kubectl create namespace gitlabkubesandbox
switch to that new namespacekubectl config set-context $(kubectl config current-context) --namespace=gitlabkubesandbox
create a service accountkubectl create -f - <<EOF apiVersion: v1 kind: ServiceAccount metadata: name: gitlab EOF
make the new service account cluster adminkubectl create clusterrolebinding gitlab-cluster-admin-binding --clusterrole=cluster-admin --serviceaccount=gitlabkubesandbox:gitlab
describe the new service accountkubectl describe serviceAccounts gitlab
get the secretkubectl describe secret [secret name found in the response form above]
copy the token start the dashboardkubectl proxy
open the dashboard in your browser http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/ switch to the namespace “gitlabkubesandbox” go to secrets => the secret from aboveValues for GitLab: Kubernetes cluster name: whatever API URL: cluster server from the kubeconfig.yml CA Certificate: ca.crt from the Dashboard Token: token from the Dashboard Project namespace: gitlabkubesandbox Check RBAC-enabled when adding the Cluster to GitLab.
Done!
If you are getting a Kubernetes Error 401 it means your Token is incorrect as it was in my case. Here I was using a token from an API tab in the Dashboard BUT should really create the Token by command line like recommended. After generating a user and a token using kubectl commands and changing the Token the installation of Helm worked perfectly. Hope it helps!
I have create a small project under https://devops.ck99.io/ck/gitlab-kubernetes-setup
This contains a summary in a script “setup.sh” with all the steps discussed here.
This comment has been deleted
Hi John, thanks for your help.
I am using the OD <beta> kubernetes. I managed to enter on the console and when I run the kubectl config view, everything is empty…
I’m sorry but I don’t have too much experience with Kubernetes.
Thanks, David
Hey there - would the below two commands help?
Just copy what shows in the terminal when you run those. May be applicable to you.
https://kubernetes.io/docs/tasks/administer-cluster/access-cluster-api/#without-kubectl-proxy