MountVolume.SetUp failed for volume "init-runner-secrets"
I am trying to install the GitLab Runner from within a "Cluster Management Project" as described here: https://docs.gitlab.com/ee/user/infrastructure/clusters/manage/management_project_applications/runner.html
But the runner release will not go past the init status:
NAME                                       READY   STATUS     RESTARTS   AGE
pod/runner-gitlab-runner-7fdb67b87-jtnct   0/1     Init:0/1   0          16m
Kubernetes cluster: v1.20.8-gke.900
Cluster Management Project
applications/gitlab-runner/helmfile.yaml
repositories:
- name: gitlab
  url: https://charts.gitlab.io
releases:
- name: runner
  namespace: gitlab-managed-apps
  chart: gitlab/gitlab-runner
  version: 0.32.0
  installed: true
  values:
  - values.yaml
applications/gitlab-runner/values.yaml
## REQUIRED VALUES
# gitlabUrl: "" # Injected with ci/cd variables
# runnerRegistrationToken: "" # Injected with ci/cd variables
## Configure the maximum number of concurrent jobs
## - Documentation: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section
## - Default value: 10
## - Currently don't support auto-scaling.
concurrent: 4
## Defines in seconds how often to check GitLab for new builds
## - Documentation: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section
## - Default value: 3
checkInterval: 30
## For RBAC support
rbac:
  create: true
  clusterWideAccess: true
## Configuration for the Pods that the runner launches for each new job
runners:
  image: ubuntu:20.04
  builds: {}
  services: {}
  helpers: {}
  ## Specify the tags associated with the runner. Comma-separated list of tags.
  ## - Documentation: https://docs.gitlab.com/ce/ci/runners/#using-tags
  tags: kubernetes
  ## Run all containers with the privileged flag enabled
  ## This will allow the docker:dind image to run if you need to run Docker
  ## commands. Please read the docs before turning this on:
  ## - Documentation: https://docs.gitlab.com/runner/executors/kubernetes.html#using-docker-dind
  privileged: true
resources: {}
CI/CD Variables:
Problem "MountVolume.SetUp failed for volume "init-runner-secrets""
$ kubectl describe pod/runner-gitlab-runner-7fdb67b87-jtnct
Name:           runner-gitlab-runner-7fdb67b87-jtnct
Namespace:      gitlab-managed-apps
Priority:       0
Node:           gke-gitlab-default-pool-00a7cdcb-7p4s/10.164.0.7
Start Time:     Mon, 30 Aug 2021 15:59:39 +0200
Labels:         app=runner-gitlab-runner
                chart=gitlab-runner-0.32.0
                heritage=Helm
                pod-template-hash=7fdb67b87
                release=runner
Annotations:    checksum/configmap: ccc68b55f8e3eab61a6c86fbbb9b315fc312bcc7aa94ec8b4e94f79cbafd47d1
                checksum/secrets: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
                prometheus.io/port: 9252
                prometheus.io/scrape: true
Status:         Pending
IP:
IPs:            <none>
Controlled By:  ReplicaSet/runner-gitlab-runner-7fdb67b87
Init Containers:
  configure:
    Container ID:
    Image:          gitlab/gitlab-runner:alpine-v14.2.0
    Image ID:
    Port:           <none>
    Host Port:      <none>
    Command:
      sh
      /configmaps/configure
    State:          Waiting
      Reason:       PodInitializing
    Ready:          False
    Restart Count:  0
    Environment:
      CI_SERVER_URL:
      CLONE_URL:
      RUNNER_EXECUTOR:        kubernetes
      REGISTER_LOCKED:        true
      RUNNER_TAG_LIST:        kubernetes
      KUBERNETES_IMAGE:       ubuntu:20.04
      KUBERNETES_PRIVILEGED:  true
    Mounts:
      /configmaps from configmaps (ro)
      /init-secrets from init-runner-secrets (ro)
      /secrets from runner-secrets (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from runner-gitlab-runner-token-fprlm (ro)
Containers:
  runner-gitlab-runner:
    Container ID:
    Image:          gitlab/gitlab-runner:alpine-v14.2.0
    Image ID:
    Port:           9252/TCP
    Host Port:      0/TCP
    Command:
      /bin/bash
      /configmaps/entrypoint
    State:          Waiting
      Reason:       PodInitializing
    Ready:          False
    Restart Count:  0
    Liveness:       exec [/bin/bash /configmaps/check-live] delay=60s timeout=1s period=10s #success=1 #failure=3
    Readiness:      exec [/usr/bin/pgrep gitlab.*runner] delay=10s timeout=1s period=10s #success=1 #failure=3
    Environment:
      CI_SERVER_URL:
      CLONE_URL:
      RUNNER_EXECUTOR:        kubernetes
      REGISTER_LOCKED:        true
      RUNNER_TAG_LIST:        kubernetes
      KUBERNETES_IMAGE:       ubuntu:20.04
      KUBERNETES_PRIVILEGED:  true
    Mounts:
      /configmaps from configmaps (rw)
      /home/gitlab-runner/.gitlab-runner from etc-gitlab-runner (rw)
      /secrets from runner-secrets (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from runner-gitlab-runner-token-fprlm (ro)
Conditions:
  Type              Status
  Initialized       False
  Ready             False
  ContainersReady   False
  PodScheduled      True
Volumes:
  runner-secrets:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:     Memory
    SizeLimit:  <unset>
  etc-gitlab-runner:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:     Memory
    SizeLimit:  <unset>
  init-runner-secrets:
    Type:                Projected (a volume that contains injected data from multiple sources)
    SecretName:          runner-gitlab-runner
    SecretOptionalName:  <nil>
  configmaps:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      runner-gitlab-runner
    Optional:  false
  runner-gitlab-runner-token-fprlm:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  runner-gitlab-runner-token-fprlm
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason       Age                  From               Message
  ----     ------       ----                 ----               -------
  Normal   Scheduled    3m27s                default-scheduler  Successfully assigned gitlab-managed-apps/runner-gitlab-runner-7fdb67b87-jtnct to gke-gitlab-default-pool-00a7cdcb-7p4s
  Warning  FailedMount  84s                  kubelet            Unable to attach or mount volumes: unmounted volumes=[init-runner-secrets], unattached volumes=[runner-gitlab-runner-token-fprlm etc-gitlab-runner runner-secrets configmaps init-runner-secrets]: timed out waiting for the condition
  Warning  FailedMount  79s (x9 over 3m27s)  kubelet            MountVolume.SetUp failed for volume "init-runner-secrets" : secret "runner-gitlab-runner" not found
Workaround
When I hardcode the runnerRegistrationToken in the values file, the runner is working perfectly. But I prefer not to commit such a secret in the project.
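
Added example, not part of the original post: a small Python check over `kubectl describe` output that pairs the kubelet's "secret not found" events with any `checksum/*` annotation equal to the SHA-256 of empty input, which is the value `checksum/secrets` carries above. It assumes the chart computes that annotation from its rendered Secret template; the function names and the abridged sample text are constructed for illustration.

```python
import hashlib
import re

# SHA-256 of zero bytes of input, computed rather than hard-coded.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()

# Constructed sample: lines abridged from the `kubectl describe` output in the post.
SAMPLE_DESCRIBE = """\
Annotations:  checksum/configmap: ccc68b55f8e3eab61a6c86fbbb9b315fc312bcc7aa94ec8b4e94f79cbafd47d1
              checksum/secrets: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Events:
  Warning  FailedMount  79s (x9 over 3m27s)  kubelet  MountVolume.SetUp failed for volume "init-runner-secrets" : secret "runner-gitlab-runner" not found
"""

CHECKSUM_RE = re.compile(r"checksum/([\w.-]+):\s*([0-9a-f]{64})\b")
MISSING_RE = re.compile(
    r'MountVolume\.SetUp failed for volume "([^"]+)" : secret "([^"]+)" not found'
)

def empty_checksums(describe_text):
    """Names of checksum/* annotations whose value is the hash of empty input."""
    return [name for name, digest in CHECKSUM_RE.findall(describe_text)
            if digest == EMPTY_SHA256]

def missing_secrets(describe_text):
    """(volume, secret) pairs the kubelet reported as not found, de-duplicated."""
    seen = []
    for pair in MISSING_RE.findall(describe_text):
        if pair not in seen:
            seen.append(pair)
    return seen

def diagnose(describe_text):
    """One finding per missing Secret, with a hint when checksum/secrets is empty."""
    findings = []
    empty = empty_checksums(describe_text)
    for volume, secret in missing_secrets(describe_text):
        msg = f'volume "{volume}" needs Secret "{secret}", which does not exist'
        if "secrets" in empty:
            # Assumption: the annotation hashes the chart's rendered Secret template.
            msg += "; checksum/secrets is the hash of empty input, so the chart likely rendered no Secret"
        findings.append(msg)
    return findings

if __name__ == "__main__":
    for line in diagnose(SAMPLE_DESCRIBE):
        print(line)
```

An empty-input hash alongside the missing Secret suggests the registration token never reached the chart's values at render time, which is worth confirming against the rendered manifests before changing anything in the cluster.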
