Open emirot opened 4 years ago
Hi, I've similar issue. It seems to add cluster with cli. No error output. But if i list the clusters it shows below message :
Unable to connect to cluster: the server has asked for the client to provide credentials
Do you have any updates on this issue?
I have the similar issue.
I have the same issue too.
running into the same issue trying to add a rancher managed cluster to argo:
FATA[0010] rpc error: code = Unauthenticated desc = the server has asked for the client to provide credentials
having a similar issue while creating an app using ArgoCd CLI, and getting different error while adding cluster
WARNING: This will create a service account `argocd-manager` on the cluster referenced by context `arn:aws:eks:us-west-2:1223456679:cluster/mycluster` with full cluster level admin privileges. Do you want to continue [y/N]? y
INFO[0004] ServiceAccount "argocd-manager" created in namespace "kube-system"
INFO[0005] ClusterRole "argocd-manager-role" created
INFO[0005] ClusterRoleBinding "argocd-manager-role-binding" created
FATA[0008] rpc error: code = PermissionDenied desc = permission denied: clusters, create, mycluster/https://1223456679.gr7.us-west-2.eks.amazonaws.com, sub: gitlab, iat: 2021-09-02T10:42:15Z
I was having this exact issue yesterday.
argocd cluster add MyOtherClusterContext
Output:
...
FATA[0001] rpc error: code = Unauthenticated desc = the server has asked for the client to provide credentials
The issue was actually that the certs in my local context (from ~/.kube/config
) were expired a few days ago (even though kubectl
worked just fine), so just resetting the context credentials worked for me!
In my case, on an Azure AKS cluster, that involved the following Az CLI command:
az aks get-credentials --resource-group my-k8s-resource-group --name MyOtherClusterContext
This is of course different for other clouds vendors and k8s distributions, but they all have a way to add your k8s cluster as a context.
Hope this helps.
As @elg0ch0 stated, this is the solution for thoose landing here because they are trying to add a k8s cluster that is managed by Rancher (and still want to go through it):
This worked for me
level=error msg="could not unmarshal cluster secret prod-secret"
... be sure not to have trailing commas on properties. json.Unmarshal
is unforgiving 💀
I had this error and came across this. My error turned out to be a wrong token. After having used the token of the application-controller (not base64 encoded) from the target cluster everything worked just fine 👍 It's a pity that error message wasn't clear/helpful..
Look at a few things if you run into this issue:
in my case, I was trying to use Rancher managed cluster to Argo, and Rancher had a self-signed Certificate. So, I had to create a service member inside the rancher, permit it to manage the K8s cluster in question, and create a secret for ArgoCD to register that cluster.
Also, I moved to the ACME Certificate to avoid the nasty certificate issues.
I was running into a similar error in a cluster managed by talos+omni. Since it was the cluster argocd is running in, using --in-cluster
fixed it for me:
argocd cluster add omni-talos-cluster-0 --in-cluster
Any solution for this?
Describe the bug
I can't add another k8s cluster, it looks like I'm missing some credentials. What kind of credentials ? Certs needs to be created, https://github.com/argoproj/argo-cd/issues/3655 ?
To Reproduce
In order to argocd login I need the flag
--grpc-web
Documentation: https://argoproj.github.io/argo-cd/getting_started/#5-register-a-cluster-to-deploy-apps-to-optional
Version