This repository has been archived by the owner on Aug 26, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 269
Current version may not be compatible with K8s 1.8.4-gke.0 #290
Comments
You'll need to set up RBAC. For example, the yaml for my kube-lego setup generated with https://github.com/kubernetes/charts/tree/master/stable/kube-lego looks as follows:
You'll need a similar service account, role and rolebinding. Else, a quick and dirty shortcut could be to just grant admin permissions to the kube-lego:default user: |
The latest master contains RBAC instructions and works perfectly on 1.8.6-gke.0 |
I get this same error on GCP with the jetstack/kube-lego:master-4209 and kubernetes version 1.8.8-gke.0. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I just tried to spin up a cluster using configurations that worked before with a 1.8.2-gke.0 cluster. The new cluster is using 1.8.4-gke.0, and when I apply the kube-lego configs, I get this error repeatedly in my log, and the service never actually spins up.
reflector.go:201] github.com/jetstack/kube-lego/pkg/kubelego/watch.go:112: Failed to list *v1beta1.Ingress: ingresses.extensions is forbidden: User "system:serviceaccount:kube-lego:default" cannot list ingresses.extensions at the cluster scope: Unknown user "system:serviceaccount:kube-lego:default"
The text was updated successfully, but these errors were encountered: