I've got a problem with roles and authentication kubernetes. I created a one-node (one maser) cluster, on my baremetal server, and I made this cluster listen on different IP than default (with option "--apiserver-advertise-address= ip address "). But now I basically can do nothing in it, because of kubectl does not work. I can't create pods and services I need. When I created the cluster, without this IP changinh, it works. So my question is how to fix this? It is probably an authorization problem, but I can't even create cluster role or cluster role binding because of errors like this: " error: failed to create clusterrolebinding: clusterrolebindings.rbac.authorization.k8s.io is forbidden: User "system:node:e4-1" cannot create resource "clusterrolebindings" in API group "rbac.authorization.k8s.io" at the cluster scope"... Is there any way to "login" as admin, or something, or is there a way to change something in configs files to fix this?
Based on the flag you mention I assume you are using kubeadm
to create your cluster. Most probable cause is that you are using the wrong .conf
file. My suspicions are that you are using the kubelet.conf
instead of admin.conf
.
Below you can find an example of the kubeadm init
output. It contains steps that you need to follow to start using kubectl
:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a Pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join <control-plane-host>:<control-plane-port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>
As you see one of the commands is to copy admin.conf
file into /.kube/config
which then kubectl
uses to manage cluster.