Kubernetes 401 Unauthorized, token not copied to containers Kubernetes 401 Unauthorized, token not copied to containers kubernetes kubernetes

Kubernetes 401 Unauthorized, token not copied to containers


kubernetes distributed-computing

The service account token secret should be added as a volume when the pods are created. This is done by the ServiceAccount admission plugin.

Some questions:

  1. If you inspect one of the running pods in the API, does it include a volume and volume mount referencing a service account token?

  2. What admission plugins do you have configured for your API server?

kubernetes distributed-computing

The token is itself created during admission control processing.

The setting recommended for >1.4 is 

--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota

Mind the "ServiceAccount" part!

See original doc

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last