Commit ecae2c48 authored by Alexander Strachan's avatar Alexander Strachan Committed by Evan Read

Resolve "Add troubleshooting section to capture errors with installing...

Resolve "Add troubleshooting section to capture errors with installing applications to a Kubernetes cluster"
parent aeeba4be
...@@ -314,12 +314,6 @@ install it manually. ...@@ -314,12 +314,6 @@ install it manually.
## Installing applications ## Installing applications
NOTE: **Note:**
Before starting the installation of applications, make sure that time is synchronized
between your GitLab server and your Kubernetes cluster. Otherwise, installation could fail
and you may get errors like `Error: remote error: tls: bad certificate`
in the `stdout` of pods created by GitLab in your Kubernetes cluster.
GitLab provides a one-click install for various applications which can GitLab provides a one-click install for various applications which can
be added directly to your configured cluster. Those applications are be added directly to your configured cluster. Those applications are
needed for [Review Apps](../../../ci/review_apps/index.md) and needed for [Review Apps](../../../ci/review_apps/index.md) and
...@@ -378,6 +372,29 @@ Upgrades will reset values back to the values built into the `runner` ...@@ -378,6 +372,29 @@ Upgrades will reset values back to the values built into the `runner`
chart plus the values set by chart plus the values set by
[`values.yaml`](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/vendor/runner/values.yaml) [`values.yaml`](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/vendor/runner/values.yaml)
### Troubleshooting applications
Applications can fail with the following error:
```text
Error: remote error: tls: bad certificate
```
To avoid installation errors:
- Before starting the installation of applications, make sure that time is synchronized
between your GitLab server and your Kubernetes cluster.
- Ensure certificates are not out of sync. When installing applications, GitLab expects a new cluster with no previous installation of Tiller.
You can confirm that the certificates match via `kubectl`:
```sh
kubectl get configmaps/values-content-configuration-ingress -n gitlab-managed-apps -o \
"jsonpath={.data['cert\.pem']}" | base64 -d > a.pem
kubectl get secrets/tiller-secret -n gitlab-managed-apps -o "jsonpath={.data['ca\.crt']}" | base64 -d > b.pem
diff a.pem b.pem
```
## Getting the external endpoint ## Getting the external endpoint
NOTE: **Note:** NOTE: **Note:**
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment