latest version gives failure #98
Comments
|
You need to be sure that, so called, in cluster authentication works. Please check following links: http://kubernetes.io/docs/user-guide/service-accounts/ For example on my environment i have following created in default namespace: There is a high probability that you are running apiserver without ServiceAccount admission controller. In my setup i am using following list for apiserver |
|
Hi @dshulyak thanks your your quick response! I checked the API server and it has these settings enabled for the admission control: NamespaceLifecycle,LimitRanger,SecurityContextDeny,ResourceQuota,ServiceAccount I also have the serviceaccounts and secrets in the default namespace like you have. I guess I'm missing something in the controller and scheduler yaml files that i insert into K8S to access the info? |
|
@electrical There is no need to change anything except I found similar topic, and one of the suggestions is to ensure that generated token is valid. This, but in default namespace: |
|
Been doing some more digging but unable to find any reasoning why it doesn't work. |
|
Did a bit more digging. I'm getting a 'HTTP/1.1 401 Unauthorized' response when using the token of the serviceaccount secret. Would that mean that the token is invalid and needs to be re-generated? |
|
Well, re-created the secret in the kube-system namespace and it seems to work now :-) guess somehow i got into a weird state. |
Hi,
When using the latest version with the example yaml files I'm getting this error:
14/12/2016 16:40:31Error: the server has asked for the client to provide credentials (post thirdpartyresources.extensions)
I'm running K8S 1.4.6 on top of Rancher 1.2.0
The text was updated successfully, but these errors were encountered: