gitlab-ci can not exec in K8S

I use gitlab-ci run the code test build deploy. I want run it in K8S The runner run in CENTOS 7 config like below


concurrent = 1
check_interval = 0

[[runners]]
  name = "k8s"
  url = "https://domain"
  token = "68474e7c93c0e019fc0f748a5rffdr"
  executor = "kubernetes"
  [runners.cache]
  [runners.kubernetes]
    host = "https://IP:6443"
    cert_file = "/etc/gitlab-runner/ssl/kubernetes.pem"
    key_file = "/etc/gitlab-runner/ssl/kubernetes-key.pem"
    ca_file = "/etc/gitlab-runner/ssl/ca.pem"
    image_pull_secrets = ["2017"]
    privileged = true
    namespace = "gitlab"
    image = "docker:dind"
    service_memory_limit = "2Gi"
    cpu_limit = "1"
    service-account = "default"

When i run Pipelines i get below

Running with gitlab-ci-multi-runner 9.3.0 (3df822b)
  on k8s (68474e7c)  job=403 project=359 runner=68474e7c
Shell configuration: environment: []
dockercommand:
- sh
- -c
- "if [ -x /usr/local/bin/bash ]; then\n\texec /usr/local/bin/bash \nelif [ -x /usr/bin/bash
  ]; then\n\texec /usr/bin/bash \nelif [ -x /bin/bash ]; then\n\texec /bin/bash \nelif
  [ -x /usr/local/bin/sh ]; then\n\texec /usr/local/bin/sh \nelif [ -x /usr/bin/sh
  ]; then\n\texec /usr/bin/sh \nelif [ -x /bin/sh ]; then\n\texec /bin/sh \nelse\n\techo
  shell not found\n\texit 1\nfi\n\n"
command: bash
arguments: []
passfile: false
extension: ""
  job=403 project=359 runner=68474e7c
Configuration entry 'namespace_overwrite_allowed' is empty, using configured namespace.  job=403 project=359 runner=68474e7c
Configuration entry 'service_accunt_overwrite_allowed' is empty, disabling override.  job=403 project=359 runner=68474e7c
Using Kubernetes namespace: gitlab                  job=403 project=359 runner=68474e7c
Using Kubernetes executor with image docker:git ...  job=403 project=359 runner=68474e7c
Waiting for signals...                              job=403 project=359 runner=68474e7c
Starting Kubernetes command...                      job=403 project=359 runner=68474e7c
ERROR: Job failed (system failure): the server does not allow access to the requested resource (post secrets)  job=403 project=359 runner=68474e7c
Submitting job to coordinator... ok                 job=403 runner=68474e7c
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x48 pc=0x4c832d]

The runner exit. I alse create the Role and Rolebindings ,the same things happen


kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  namespace: gitlab
  name: gitlab-admin

rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]

kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: gitlab-admin
  namespace: gitlab
subjects:
- kind: ServiceAccount
  name: default
  namespace: gitlab
roleRef:
  kind: Role
  name: gitlab-admin
  apiGroup: rbac.authorization.k8s.io

Anyone can help me ! Thanks

Edited Jun 28, 2017 by eddie wen