New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Invalid Bearer token error in Kube-apiserver when using azure auth provider in kube-config #111902
Comments
@Anumita: This issue is currently awaiting triage. If a SIG or subproject determines this is a relevant issue, they will accept it by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/sig auth |
cc @enj |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /close not-planned |
@k8s-triage-robot: Closing this issue, marking it as "Not Planned". In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /close not-planned |
What happened?
We have an kubeadm cluster (1 master and 2 worker nodes). The kube-apiserver is configured to use a webhook server for authn and authz. The kubeconfig is configured to use azure auth provider as well. On running any kubectl command , we are getting "Unauthorized" error . We checked that the request is not reaching our server pod and is failing in kube-apiserver. The error in kube-apiserver is "Invalid bearer token". We checked the token and it is same as the token we are using in another environment where the kubectl command is working.
We aren't sure how more to debug this , since increasing the verbosity in kube-apiserver is not increasing any logs as well.
What did you expect to happen?
kubectl command should not return unauthorized
How can we reproduce it (as minimally and precisely as possible)?
not sure how we can reproduce this as it is working in one environment and not on the other. The only difference would be that there are no worker nodes in the other, it has only one master node
Anything else we need to know?
No response
Kubernetes version
Cloud provider
OS version
Install tools
Container runtime (CRI) and version (if applicable)
Related plugins (CNI, CSI, ...) and versions (if applicable)
The text was updated successfully, but these errors were encountered: