search

CrowdStrike / terraform-kubectl-falcon

Module to manage CrowdStrike Falcon Sensor and the Kubernetes Protection Agent on a Kubernetes cluster.
https://registry.terraform.io/modules/CrowdStrike/falcon/kubectl/latest
The Unlicense
7 stars 14 forks source link

eks blueprint example k8s-protection-agent image pull 401 #27

Closed ryanjpayne closed 1 year ago

ryanjpayne commented 1 year ago

when using /examples/aws-eks-blueprint-example

Normal   Scheduled  49s                default-scheduler  Successfully assigned falcon-kubernetes-protection/kpagent-cs-k8s-protection-agent-856b87f9f5-vsfrm to ip-10-0-10-217.us-east-2.compute.internal
  Warning  Failed     34s                kubelet            Failed to pull image "registry.crowdstrike.com/kubernetes_protection/kpagent:0.917.0": rpc error: code = Unknown desc = failed to pull and unpack image "registry.crowdstrike.com/kubernetes_protection/kpagent:0.917.0": failed to resolve reference "registry.crowdstrike.com/kubernetes_protection/kpagent:0.917.0": failed to authorize: failed to fetch oauth token: unexpected status: 403
  Normal   BackOff    22s (x2 over 47s)  kubelet            Back-off pulling image "registry.crowdstrike.com/kubernetes_protection/kpagent:0.917.0"
  Warning  Failed     22s (x2 over 47s)  kubelet            Error: ImagePullBackOff
  Normal   Pulling    8s (x3 over 48s)   kubelet            Pulling image "registry.crowdstrike.com/kubernetes_protection/kpagent:0.917.0"
  Warning  Failed     8s (x2 over 48s)   kubelet            Failed to pull image "registry.crowdstrike.com/kubernetes_protection/kpagent:0.917.0": rpc error: code = Unknown desc = failed to pull and unpack image "registry.crowdstrike.com/kubernetes_protection/kpagent:0.917.0": failed to resolve reference "registry.crowdstrike.com/kubernetes_protection/kpagent:0.917.0": failed to authorize: failed to fetch oauth token: unexpected status: 401
  Warning  Failed     8s (x3 over 48s)   kubelet            Error: ErrImagePull
ffalor commented 1 year ago

What's the bug? The error just looks like expired creds.

ryanjpayne commented 1 year ago

Although I could have made a mistake, following the example module with known good keys resulted in the 401. So I labeled this a bug not against the core module itself but the example. I see now that isn't clear in my initial title or description.

ffalor commented 1 year ago

Lets connect - this keeps popping up.

ryanjpayne commented 1 year ago

issue resolved after further testing. must have been user error