Closed emreberber closed 3 days ago
Thanks @emreberber
Can you please list the steps you used to create the token? Thank you
$ kubectl create sa platform-admin
$ kubectl create clusterrolebinding platform-admin-access --clusterrole cluster-admin --serviceaccount default:platform-admin
$ kubectl create token platform-admin --duration=24h
I followed the steps in the document.
Thank you. Giving a try now. Thanks
@emreberber I am not able to repro.
This is what I did. Installed cert-manager
helm install \
cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.16.1 \
--set crds.enabled=true
Installed Sveltos
helm install projectsveltos projectsveltos/projectsveltos -n projectsveltos --create-namespace
Then deployed Dashboard
kubectl apply -f https://raw.githubusercontent.com/projectsveltos/sveltos/v0.41.1/manifest/dashboard-manifest.yaml
Finally created
kubectl create sa platform-admin
kubectl create clusterrolebinding platform-admin-access --clusterrole cluster-admin --serviceaccount default:platform-admin
kubectl create token platform-admin --duration=24h
and I am able to login successfully.
Can you share more details?
thanks
I tried exactly these steps but I get the same error again.
I am using Kind.
k3d cluster create projectsveltos-cluster-02 \
--agents 2 --servers 1 \
--image rancher/k3s:v1.27.4-k3s1
+----------------------------------------+-----------------+---------------------------------------------------------+
| dashboard-54c6777f9c-9tnz5 | dashboard | docker.io/projectsveltos/dashboard:v0.41.1 |
+----------------------------------------+-----------------+---------------------------------------------------------+
| ui-backend-manager-596f8bddf6-82qg7 | manager | projectsveltos/ui-backend:v0.41.1 |
+----------------------------------------+-----------------+---------------------------------------------------------+
Thanks. Trying that as well. I assume you are doing a port-forward of the dashboard service
Yes, that's exactly it.
kubectl port-forward svc/dashboard -n projectsveltos 8080:80
I was able to repro. The version v1.27 does not support this authentication.
I tried with
k3d cluster create projectsveltos-cluster-03 \
--agents 2 --servers 1 \
--image rancher/k3s:v1.29.10-k3s1
and following all steps above, it worked.
v1.28.0 seems to be the first Kubernetes verision with SelfSubjectReview
https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md
The SelfSubjectReview API is promoted to authentication.k8s.io/v1 and the kubectl auth whoami command is GA. (https://github.com/kubernetes/kubernetes/pull/117713, [@nabokihms](https://github.com/nabokihms)) [SIG API Machinery, Architecture, Auth, CLI and Testing]
@emreberber I will use this bug to add a note on documentation, Dashboard requires v1.28.0 or newer release.
Great work 🚀 Thanks
Note added
Problem Description
Hello. I created Token with Platform-Admin, but I get an error on the login screen.
Platform Administrator Example
System Information
SVELTOS VERSION:
0.41.1
KUBERNETES VERSION:1.27.4
Logs