-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Custom secrets from S3 are not populated to known_tokens.csv
with Kops 1.9
#5090
Comments
known_tokens.csv
with Kops 1.9known_tokens.csv
with Kops 1.9
@justinsb This is the issue with custom auth tokens we've encountered in kops 1.9, I was talking to you about during lunch at KubeCon. |
Hitting the same issue here, looking into a possible systemd unit solution to make it happen, will report back if i make progress. |
any news? did somebody find a workaround? |
is it working in kops 1.10? |
Any updates to this? We have hit the exact same issue |
No updates just workarounds |
The workaround being? |
@followsound |
Haha, yep I've gone with user certs |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
so no intention to bring secrets back?
…On Tue, Nov 6, 2018 at 11:12 AM fejta-bot ***@***.***> wrote:
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually
close.
If this issue is safe to close now please do so with /close.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta
<https://github.com/fejta>.
/lifecycle stale
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#5090 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ADjXTblIxZ-quB9LZi1CtCe7viY9DBIOks5usVKLgaJpZM4TvD_f>
.
|
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
@fejta-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
kops
version are you running? The commandkops version
, will displaythis information.
Version 1.9.0 (git-cccd71e67)
kubectl version
will print theversion if a cluster is running or provide the Kubernetes version specified as
a
kops
flag.AWS
Change binary of kops from 1.8.1 to 1.9. Update cluster and rollout.
In our S3 bucket we have custom secrets that were populated to
/srv/kubernetes/known_tokens.csv
when cluster was updated withkops
< 1.9After rolling update
/srv/kubernetes/known_tokens.csv
was lacking our secrets and we have to rollout cluster withkops
1.8.1Commands are okay but logic of populating
kops
secrets has changed.We have found this PR merged which is causing us trouble
https://github.com/kubernetes/kops/pull/3835/files#diff-a7e5ed2b01f8673379c76c3d0b880c8cR270
I expected that upgrading
kops
won't break kubernetes functionality and secrets will be populated like in 1.8.1 versionThis should be in ugprade information because it's breaking change for people using
secrets
from S3.If there is a way to populate secretes with 1.9 we can upgrade
kops
but before that it's blocking for me.The text was updated successfully, but these errors were encountered: