setting up Helm cli resulting in fatal 'Error: remote error: tls: bad certificate'

Question

I am following https://github.com/rpsene/icp-scripts/blob/master/icp-310-single-node.sh to install CE version of ICP using docker. but resulting on below error

TASK [tiller : Deploying Tiller] ***********************************************
changed: [localhost]

TASK [tiller : Waiting for Tiller to start] ************************************
changed: [localhost]

TASK [helm-config : Setting up Helm cli] ***************************************
FAILED - RETRYING: Setting up Helm cli (10 retries left).
FAILED - RETRYING: Setting up Helm cli (9 retries left).
FAILED - RETRYING: Setting up Helm cli (8 retries left).
FAILED - RETRYING: Setting up Helm cli (7 retries left).
FAILED - RETRYING: Setting up Helm cli (6 retries left).
FAILED - RETRYING: Setting up Helm cli (5 retries left).
FAILED - RETRYING: Setting up Helm cli (4 retries left).
FAILED - RETRYING: Setting up Helm cli (3 retries left).
FAILED - RETRYING: Setting up Helm cli (2 retries left).
FAILED - RETRYING: Setting up Helm cli (1 retries left).
fatal: [localhost]: FAILED! => changed=true
  attempts: 10
  cmd: |-
    helm init --client-only --skip-refresh
     export HELM_HOME=~/.helm
     cp /installer/cluster/cfc-certs/helm/admin.crt $HELM_HOME/cert.pem
     cp /installer/cluster/cfc-certs/helm/admin.key $HELM_HOME/key.pem
     kubectl -n kube-system get pods -l app=helm,name=tiller
     helm list --tls
  delta: '0:00:02.447326'
  end: '2019-01-31 19:36:02.072940'
  msg: non-zero return code
  rc: 1
  start: '2019-01-31 19:35:59.625614'
  stderr: 'Error: remote error: tls: bad certificate'
  stderr_lines: <omitted>
  stdout: |-
    $HELM_HOME has been configured at /root/.helm.
    Not installing Tiller due to 'client-only' flag having been set
    Happy Helming!
    NAME                             READY     STATUS    RESTARTS   AGE
    tiller-deploy-546cd68bcb-b8wkw   1/1       Running   1          5h
  stdout_lines: <omitted>

PLAY RECAP *********************************************************************
192.168.17.131             : ok=159  changed=87   unreachable=0    failed=0
localhost                  : ok=75   changed=40   unreachable=0    failed=1

Playbook run took 0 days, 0 hours, 10 minutes, 10 seconds

Answer 1

Got this error after reinstalling kubernetes integration on gitlab.

The error on the kubernetes integration page was: "Something went wrong while installing GitLab Runner. Operation failed. Check pod logs for install-runner for more details."

It turned out that gitlab is not correctly removing any deployments/pods on google cloud console after deleting kubernetes integration.

To get pod logs:

kubectl -n gitlab-managed-apps get pods
kubectl -n gitlab-managed-apps logs [pod-name]

To solve the problem:

First remove your kubernetes integration on gitlab. Then delete the gitlab-managed-apps workspace.

gcloud config set project [project-id]
kubectl delete namespace gitlab-managed-apps

At the end re-add kubernetes integration.

Have fun.

Answer 2

Thank you Richard for your answer. From your answer get the glimpse and researched on it. Found out that certificate builder was outdated just updated that and voila it installed without an error.

Answer 3

You many need to upgrade the tiller-deploy by reinitiate it.

# use following command to check whether the tiller-deploy pod is running or not
$kubectl get pod -n kube-system

# delete tiller-deploy deployment
$kubectl delete deployment -n kube-system tiller-deploy

# use the same command to confirm that the tiller-deploy is deleted
$kubectl get pod -n kube-system

# use the command below to deploy tiller-deploy again
$helm init