Gitlab-runner remote error: tls: handshake failure

General Discussions
1

Hello,
I’m trying to get GitLab-Runner running on Kubernetes, I followed this guide from gitlab: GitLab Runner Helm Chart | GitLab

Cluster information:

Kubernetes version:

  • Client Version: v1.29.3
  • Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
  • Server Version: v1.29.3

Host OS: Debian 12
Helm Version: version.BuildInfo{Version:“v3.14.3”, GitCommit:“f03cc04caaa8f6d7c3e67cf918929150cf6f3f12”, GitTreeState:“clean”, GoVersion:“go1.21.7”}

image:
  registry: registry.gitlab.com
  image: gitlab-org/gitlab-runner

useTini: false

imagePullPolicy: IfNotPresent

gitlabUrl: https://gitlab.com/

runnerToken: '...'

terminationGracePeriodSeconds: 3600

concurrent: 10

shutdown_timeout: 0

checkInterval: 30

sessionServer:
  enabled: false

rbac:
  create: true

  rules:
    - resources: ['configmaps', 'events', 'pods', 'pods/attach', 'pods/exec', 'secrets', 'services']
      verbs: ['get', 'list', 'watch', 'create', 'patch', 'update', 'delete']
    - apiGroups: ['']
      resources: ['pods/exec']
      verbs: ['create', 'patch', 'delete']
    - apiGroups: ['']
      resources: ['pods/log']
      verbs: ['get']

  clusterWideAccess: true

  podSecurityPolicy:
    enabled: false
    resourceNames:
      - gitlab-runner

metrics:
  enabled: false

  portName: metrics

  port: 9252

  serviceMonitor:
    enabled: false

service:
  enabled: false

  type: ClusterIP

runners:
  config: |
    [[runners]]
      [runners.kubernetes]
        namespace = "{{.Release.Namespace}}"
        image = "alpine"

  configPath: ''

  cache: {}

securityContext:
  allowPrivilegeEscalation: false
  readOnlyRootFilesystem: false
  runAsNonRoot: true
  privileged: false
  capabilities:
    drop: ['ALL']

strategy: {}

podSecurityContext:
  runAsUser: 100

  fsGroup: 65533

resources: {}

affinity: {}

topologySpreadConstraints: {}

nodeSelector: {}

tolerations: []

extraEnv: {}

extraEnvFrom: {}

hostAliases: []

deploymentAnnotations: {}

deploymentLabels: {}

podAnnotations: {}

podLabels: {}

priorityClassName: ''

secrets: []

configMaps: {}

volumeMounts: []

volumes: []

extraObjects: []

I then executed this command
helm install --namespace infrastructure gitlab-runner -f values.yml gitlab/gitlab-runner

A pod is started but I get this message in the logs

Merging configuration from template file "/configmaps/config.template.toml" 
ERROR: Verifying runner... failed                   runner=-kTjuh1sU status=couldn't execute POST against https://gitlab.com/api/v4/runners/verify: Post "https://gitlab.com/api/v4/runners/verify": remote error: tls: handshake failure
PANIC: Failed to verify the runner.
2

kubectl describe pods gitlab-runner --namespace=infrastructure

  Normal   Scheduled  5m51s                  default-scheduler  Successfully assigned infrastructure/gitlab-runner-c8d9bc95-f5nck to vps-1456
  Warning  Unhealthy  4m21s (x3 over 4m41s)  kubelet            Liveness probe failed:
  Normal   Killing    4m21s                  kubelet            Container gitlab-runner failed liveness probe, will be restarted
  Warning  Unhealthy  4m21s                  kubelet            Readiness probe failed: cannot exec in a stopped state: unknown
  Normal   Pulled     4m20s (x2 over 5m50s)  kubelet            Container image "registry.gitlab.com/gitlab-org/gitlab-runner:alpine-v16.10.0" already present on machine
  Normal   Created    4m20s (x2 over 5m50s)  kubelet            Created container gitlab-runner
  Normal   Started    4m20s (x2 over 5m50s)  kubelet            Started container gitlab-runner
  Warning  Unhealthy  41s (x30 over 5m31s)   kubelet            Readiness probe failed: