20 questions with no answers
2
votes
0
answers
61
views
Kubernetes Java Client Unable to Find Config When Running as Docker Container
I have a Java service that uses the Fabric8 Kubernetes Java Client to connect to a Kubernetes cluster. When I run the service locally using java -jar, it works perfectly. However, when I build a ...
1
vote
0
answers
59
views
fake client gives error using CreateToken operation for ServiceAccounts
I have the below code in a test function
import (
"k8s.io/client-go/kubernetes/fake"
)
// Mock Kubernetes client
k8sClient := fake.NewClientset()
// Mock service account
...
- 165k
1
vote
0
answers
69
views
Issue with Assuming service account role from the docker container running in EKS Pod
Currently we are running EKS cluster in AWS. We have created service account and annotated with IAM role.
Current scenario:
We are running a python script using Boto3 inside a docker container within ...
- 464
0
votes
0
answers
369
views
Getting service acount credential in GKE
I have GKE cluster that uses a custom service-account. I'm using it to access Google API (Gmail API). But, when I use
final List<String> SCOPES = List.of(GmailScopes.GMAIL_READONLY);
...
- 1,072
1
vote
0
answers
474
views
How can I programmatically connect to multiple K8S clusters created with the eksctl command in AWS EKS?
I want to push some jobs.yml script to multiple Kubernetes clusters programmatically, connection details will be provided by customers and we can store it in encrypted format in DB or maybe S3.
I'm ...
- 131k
0
votes
0
answers
178
views
cannot access the statsd metrics endpoint from withing its pod calling localhost
I am creating a local cluster as below:
# kind-cluster.yaml
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
containerdConfigPatches:
- |-
[plugins."io.containerd.grpc.v1.cri".registry....
- 165k
0
votes
0
answers
30
views
Not able to get external IP while running load balancer service in k8s, using aws cloud
I am trying to create load balancer service in k8s, However after creating the service, I should have received external IP but not able to see or get. Please find my service.yaml file or output as ...
- 24.2k
2
votes
0
answers
560
views
Changing Role permissions for an active (in-use) ServiceAccount in Kubernetes
Suppose a simple RBAC setup in Kubernetes (assuming default namespace for simplicity):
ServiceAccount + Role + RoleBinding
The role has allows to get and list verbs for pods and pods/log
a Pod using ...
- 761
0
votes
0
answers
108
views
Error while checking for service account using Lookup Function
{{- if not (lookup "v1" "ServiceAccount" "{{.Release.Namespace}}" "{{ .Release.preinstall }}" ) }}
<< another service account >>
{{- end }}
While ...
- 165k
0
votes
0
answers
89
views
Is it possible to use AWS service account in dotnet application instead AWS credentials
Currently, my dotnet application is using AWS credentials but I would like to replace it with service account token. I don't see a way to do that in AWS documentation.
- 689
2
votes
0
answers
3k
views
Confluent Schema Registry on Strimzi - pods not getting created
I've Strimzi Kafka installed on GKE(GCP), and i'm trying to install Confluent Schema registry referring link -
https://github.com/lsst-sqre/strimzi-registry-operator
Steps followed:
Installed ...
- 1,111
0
votes
0
answers
207
views
Is it necessary to add IRSA to aws-auth config map for the corresponding pod to be able to update kube objects
I have a service running inside the EKS cluster which reads/adds/updates/patches different kubernetes objects across multiple namespaces. For this to work, I did the following:
Create an IAM Role =&...
- 1,369
0
votes
0
answers
262
views
Is there a way to grant access to a ServiceAccount from all namespaces in Kubernetes? Or a cluster-wide ServiceAccount?
I'm going to have an unknown number of users access my K8s (specifically OpenShift if that helps) cluster. Each user will have their own random namespace. So I do not know the namespaces in advance ...
- 41
0
votes
0
answers
280
views
How to access an AWS Resource with the role attached to Kubernetes pod?
I am running a web service in Kubernetes environment. I have attached a role (custom_role) to the pod.
This role has permission to access SQS queue.
Now, how do I utilize this role while accessing the ...
- 126k
0
votes
0
answers
73
views
Kubernetes user format
I'm trying to create a pipeline to deploy on Kubernetes. I get an error that the user "system:serviceaccount:my-namespace:default" doesn't have permission to read secrets.
I've installed ...
- 87
4
votes
0
answers
926
views
How do I use a k8s serviceaccount's attached IAM role to make a request to S3 with the AWS SDK for Go v2
In a Go application run as a k8s Job, I am attempting to assume a serviceaccount <-> IAM Role when trying to GetObject from an S3 bucket. I attach a serviceAccountName field to the Job spec in ...
- 2,550
0
votes
0
answers
117
views
kubectl get AzureAssignedIdentities -A -o yaml is empty
I am trying to deploy an api version with the following templates:
"apiVersion": "apiextensions.k8s.io/v1",
"kind": "CustomResourceDefinition",
"metadata&...
- 31
0
votes
0
answers
576
views
No matches for kind "HelmChart" in version "helm.cattle.io/v1"
I am trying to create jenkins from helmChart, I used this way a year ago and it worked but now it is not working and I got this error when I tried to apply the yaml file kubectl apply -f helm.yaml -n ...
- 1,013
0
votes
0
answers
230
views
Kubernetes RBAC ClusterRole
I'm trying to deploy some deployments out of my gitlab runner.
I do not see the error in my clusterrole and in the rolebindng.
Here the error I get:
from server for: "./deployment.yaml": ...
- 1
0
votes
0
answers
711
views
Forbidden error while describe/scale deployment by user system:node:ip.xx
I'm trying to execute K8S kubectl cmds from inside the container(name: autodeploy).
I have configured ClusterRole, ServiceAccount and ClusterRoleBinding. But getting Forbidden error while performing ...
- 358