如何将Azure AKS Kubernetes群集自签名CA添加到GitLab CI/CD Kubernetes集成中?

我正在尝试将Azure AKS Kubernetes群集添加到我的GitLab CI/CD Kubernetes集成中.

I'm trying to add my Azure AKS Kubernetes cluster to my GitLab CI/CD Kubernetes integration.

运行此命令后，可以在我的计算机上的集群上执行kubectl命令:

I can execute kubectl commands on the cluster from my pc, after I ran this command:

az aks get-credentials --resource-group <resource-group-name> --name <kubernetes-cluster-name>

它创建了一个.kube/config文件，其内容如下:

It created a .kube/config file with a content like this:

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: <some long base64 string here>
    server: https://<resource-group-name+some-hexadecimal-chars>.hcp.westeurope.azmk8s.io:443
  name: <kubernetes-cluster-name>
contexts:
- context:
    cluster: <kubernetes-cluster-name>
    user: clusterUser_<resource-group-name>_<kubernetes-cluster-name>
  name: <kubernetes-cluster-name>
current-context: <kubernetes-cluster-name>
kind: Config
preferences: {}
users:
- name: clusterUser_<resource-group-name>_<kubernetes-cluster-name>
  user:
    client-certificate-data: <some long base64 string here>
    client-key-data: <some long base64 string here>
    token: <some secret string of hexadecimal chars here>

在GitLab表单中，我必须输入以下字段:

In GitLab form, I have to input these fields:

1. Kubernetes群集名称
2. API URL
3. CA证书-证书颁发机构捆绑包(PEM格式)
4. 令牌
5. 项目名称空间(可选，唯一)

我尝试了这些值:

1. 我将我的<kubernetes-cluster-name>放在天蓝色上与群集名称匹配，在.kube/config文件上与群集名称匹配.
2. 我放置了从.kube/config文件复制的网址https://<resource-group-name+some-hexadecimal-chars>.hcp.westeurope.azmk8s.io:443.
3. 我首先尝试了.kube/config文件中的certificate-authority-data，但是没有用，我已经尝试了.kube/config文件中的所有三个base64字符串，但没有一个起作用.
4. 我放入了.kube/config文件中的令牌.
5. 将此保留为空，因为它是可选的.

1. I put my <kubernetes-cluster-name> to match the name of the cluster on azure and the cluster name on the .kube/config file.
2. I put the url https://<resource-group-name+some-hexadecimal-chars>.hcp.westeurope.azmk8s.io:443 copied from the .kube/config file.
3. I tried first the certificate-authority-data from the .kube/config file, but didn't work and I already tried all three base64 strings from the .kube/config file, none worked.
4. I put the token from the .kube/config file.
5. Leave this empty, as it is optional.

在GitLab中，当我尝试按Install按钮安装Helm Tiller时，出现此错误:

In GitLab, When I try to hit the button Install to install the Helm Tiller, I got this error:

Something went wrong while installing Helm Tiller
Can't start installation process. nested asn1 error

有时我会收到此错误:

Kubernetes error: SSL_connect returned=1 errno=0 state=error: certificate verify failed

自昨天以来，我一直在努力使它正常运行，在Google上搜索了很多它，但是没有找到任何东西.

I'm trying to make this to work since yesterday, had google it a lot and doesn't find anything.

我认为问题出在第三个字段，即CA证书，也许还有其他方法可以从命令行az或kubectl获取此内容.

I think the problem is with this 3rd field, the CA Certificate, maybe there are some other way to get this content from the command line az or kubectl.

这里是否有人已经将Kubernetes从GitLab集成到Azure AKS了?

Are there someone here that already got this Kubernetes integration from GitLab to Azure AKS working?