GitLab Runner Registration Failed — Fix Guide (2026)
GitLab Runner failing to register, showing offline, or not picking up jobs? Here's how to debug and fix runner registration and connection issues.
Runner registration errors, offline runners, or jobs stuck in pending — here's the systematic fix for GitLab Runner issues.
Common Error Messages
# Registration fails
ERROR: Registering runner... failed
runner=abc123
status=couldn't execute POST against https://gitlab.com/api/v4/runners:
Post "https://gitlab.com/api/v4/runners": dial tcp: connection refused
# Runner shows offline
Shared Runner #1234 is offline
# Jobs stuck
This job is stuck because the project doesn't have any runners online assigned to it.
# Token error
ERROR: Registering runner... failed
status=404 Not FoundStep 1: Check Runner Status
# For self-managed runner
gitlab-runner status
# or
systemctl status gitlab-runner
# Check runner list
gitlab-runner list
# Verify runner can reach GitLab
curl -v https://gitlab.com/api/v4/runners/verify \
--request POST \
--form "token=<runner-token>"Fix 1: Invalid or Expired Registration Token
Registration tokens expire and rotate. Most "registration failed" errors are stale tokens.
# Get a fresh registration token from GitLab:
# Project → Settings → CI/CD → Runners → Registration token
# Re-register with fresh token
gitlab-runner register \
--url https://gitlab.com \
--registration-token <fresh-token> \
--executor docker \
--docker-image alpine:latest \
--description "my-runner" \
--non-interactive
# Verify
gitlab-runner verifyNote: In GitLab 16+, the old registration token system was deprecated in favor of Runner Authentication Tokens. If you're on 16+:
# New way (GitLab 16+)
# Create runner in GitLab UI first: Admin → CI/CD → Runners → New runner
# Get the token from the UI, then:
gitlab-runner register \
--url https://gitlab.com \
--token <runner-authentication-token> \
--executor docker \
--docker-image alpine:latest \
--non-interactiveFix 2: Network Connectivity Issues
Runner can't reach GitLab server:
# Test connectivity
curl -v https://gitlab.com
# If using self-hosted GitLab
curl -v https://your-gitlab.company.com
# Check DNS resolution
nslookup gitlab.com
# Check if port 443 is open
nc -zv gitlab.com 443
# Check firewall rules (Linux)
iptables -L -n | grep 443If you're behind a corporate proxy:
# Set proxy in runner config
# Edit /etc/gitlab-runner/config.toml
[[runners]]
environment = ["HTTPS_PROXY=http://proxy.company.com:8080", "HTTP_PROXY=http://proxy.company.com:8080"]Fix 3: Docker Executor Issues
For Docker executor runners:
# Check Docker is running
systemctl status docker
# Check runner can use Docker
docker ps
# Runner user needs to be in docker group
usermod -aG docker gitlab-runner
# Restart runner after adding to docker group
systemctl restart gitlab-runnerFix 4: Kubernetes Runner Not Picking Up Jobs
For runners deployed in Kubernetes (Helm chart):
# Check runner pods are running
kubectl get pods -n gitlab
# Check logs
kubectl logs -n gitlab -l app=gitlab-runner --tail=50
# Check runner config
kubectl get configmap -n gitlab gitlab-runner -o yamlCommon Kubernetes runner issues:
Wrong namespace permissions:
# The runner service account needs permission to create pods
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: gitlab-runner
namespace: gitlab
rules:
- apiGroups: [""]
resources: ["pods", "pods/exec", "pods/log", "secrets", "configmaps"]
verbs: ["get", "list", "watch", "create", "delete", "update", "patch"]Runner tag mismatch:
# In your .gitlab-ci.yml
build:
tags:
- kubernetes # must match runner's tags
script:
- echo "building"# Check what tags the runner has
kubectl get configmap -n gitlab gitlab-runner -o yaml | grep tagsFix 5: Runner Config File Issues
The runner config is at /etc/gitlab-runner/config.toml:
concurrent = 4
check_interval = 0
[[runners]]
name = "my-runner"
url = "https://gitlab.com"
token = "runner-authentication-token"
executor = "docker"
[runners.docker]
tls_verify = false
image = "alpine:latest"
privileged = false
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache"]
shm_size = 0Common config mistakes:
- Wrong
url— must end with/or not, consistently concurrenttoo low — runner won't pick up new jobs while at limit- Missing
volumesfor caching — each job reinstalls dependencies
Fix 6: SSL Certificate Errors
# Error: x509: certificate signed by unknown authority
gitlab-runner register \
--tls-ca-file /path/to/ca.crt \
...
# Or disable TLS verification (not for production)
[[runners]]
tls-skip-verify = trueFor self-hosted GitLab with custom CA:
# Copy CA cert to system store
cp your-ca.crt /usr/local/share/ca-certificates/
update-ca-certificates
# Restart runner
systemctl restart gitlab-runnerFix 7: Runner Shows Online But Jobs Still Pending
Jobs pending with an online runner usually means tag mismatch or runner is locked:
# In .gitlab-ci.yml — if no tags specified, job only runs on untagged runners
# Add or remove tags to match your runner
# Check if runner is locked to a specific project
# GitLab UI: Runner settings → "Lock to current projects"
# Unlock it or assign to the projectDebugging Checklist
# 1. Check runner service
systemctl status gitlab-runner
# 2. Check logs (most useful)
journalctl -u gitlab-runner -n 50
tail -f /var/log/gitlab-runner/gitlab-runner.log
# 3. Run in debug mode
gitlab-runner --debug run
# 4. Verify token is valid
gitlab-runner verify --delete
# 5. Test connectivity
curl https://gitlab.com/api/v4/version
# 6. Re-register if needed
gitlab-runner unregister --all-runners
gitlab-runner register ...Quick summary:
- Registration fails → fresh token from GitLab UI (GitLab 16+ uses new token format)
- Network error → check firewall, proxy, DNS
- Docker executor → ensure Docker running, runner user in docker group
- K8s runner pending → check RBAC, runner tags match pipeline tags
- SSL error → add CA cert or configure
tls-ca-file - Jobs pending with online runner → tag mismatch or runner locked to different project
Stay ahead of the curve
Get the latest DevOps, Kubernetes, AWS, and AI/ML guides delivered straight to your inbox. No spam — just practical engineering content.
Related Articles
CI/CD Pipeline Is Broken: How to Debug and Fix GitHub Actions, Jenkins & ArgoCD Failures (2026)
Your CI/CD pipeline failed and you don't know why. This complete debugging guide covers GitHub Actions, Jenkins, and ArgoCD failures with real error messages and step-by-step fixes.
Docker Build Taking Too Long — Cache and Speed Fixes (2026)
Docker builds taking 10+ minutes every time? Here's how to fix layer caching, use BuildKit properly, and cut build times by 80% with multi-stage builds and cache mounts.
GitHub Actions Docker Push: Permission Denied / Unauthorized Fix (2026)
Getting 'permission denied' or 'unauthorized: authentication required' when pushing Docker images in GitHub Actions? Here are all the causes and fixes.