polite-napkin-9009807/05/2022, 4:27 PM
I get a long delay followed by an error
kubectl logs <pod>
Reading on stackexchange etc. it seems that this means I have somehow hosed my RBAC. I'm considering taking off and nuking the whole site from orbit, as this cluster is not in production yet, but before I do I was hoping to understand how I have broken it. I have been comparing clusterRoles and clusterRoleBindings between this new broken cluster and the other one which I have built using the 0.37.1 code. I can't find any mention of
Error from server (InternalError): Internal error occurred: Authorization error (user=kube-apiserver-kubelet-client, verb=get, resource=nodes, subresource=proxy)
in there but
Looks the same on both clusters. Does anyone have any pointers as to where I can look, or what causes this error?
Name: system:kubelet-api-admin Labels: <http://kubernetes.io/bootstrapping=rbac-defaults|kubernetes.io/bootstrapping=rbac-defaults> Annotations: <http://rbac.authorization.kubernetes.io/autoupdate|rbac.authorization.kubernetes.io/autoupdate>: true PolicyRule: Resources Non-Resource URLs Resource Names Verbs --------- ----------------- -------------- ----- nodes/log   [*] nodes/metrics   [*] nodes/proxy   [*] nodes/spec   [*] nodes/stats   [*] nodes   [get list watch proxy]