This repository has been archived by the owner on Jan 11, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 561
k8s clusters missing requestheader-client-ca-file #1390
Comments
This was referenced Dec 18, 2017
Was this fixed? I'm getting hit by this in Azure/helm-charts#102 using acs-engine 0.11.0. I configured the Orchestrator Profile with the below as the Aggregated API is not enabled by default:
The Service Catalog API server is not coming up and below is the log:
|
I was trying to provision the Service Catalog API with rbacEnabled=false |
Thanks for providing this color, @sabbour. Yes, we expect service catalog to be fully functional w/ an orchestratorProfile that looks like the one you pasted. Let us know if you run into any further trouble. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Is this an ISSUE or FEATURE REQUEST? (choose one): FEATURE REQUEST
What version of acs-engine?: n/a
Orchestrator and version (e.g. Kubernetes, DC/OS, Swarm) Kubernetes v1.7
What happened: aggregated API servers need both
client-ca-file
andrequestheader-client-ca-file
keys, current acs-engine-built kubernetes 1.7 clusters are missingrequestheader-client-ca-file
Ref:
https://github.com/kubernetes-incubator/apiserver-builder/blob/master/docs/concepts/auth.md#requestheader-authentication
Starting up the API server with
--requestheader-client-ca-file <string>
option engaged should fix this.The text was updated successfully, but these errors were encountered: