New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Stale token in cloud-init-settings/kube-system-hetzner-kubelet-bootstrap-config #1732
Comments
That looks like a bug indeed in the example manifests indeed. Would you be interested in submitting the change, as you correctly identified what needs to be changed? |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with /lifecycle stale |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with /lifecycle rotten |
/remove-lifecycle rotten |
Just installed OSM creates a secret
cloud-init-settings/kube-system-hetzner-kubelet-bootstrap-config
, all working fine, but after an hour cloud machines cant add to cluster due to token in/etc/kubernetes/bootstrap-kubelet.conf
is wrongI found that bootstrap token (that creates by OSM) with TTL=1hour
This token OSM pod writes to
cloud-init-settings/kube-system-hetzner-kubelet-bootstrap-config
First hour everything goes fine, cloud machines creartes and working fine
After this first hour cloud machines stopped add to cluster due to kubeadm token is stale and OSM pod couldnt write new token to
cloud-init-settings/kube-system-hetzner-kubelet-bootstrap-config
I see such error in OSM pod log:
I found that there are no permissions to update this token: https://github.com/kubermatic/machine-controller/blob/main/examples/operating-system-manager.yaml#L1154-L1158
After I added an update verb
cloud-init-settings/operating-system-manager
role the secretcloud-init-settings/kube-system-hetzner-kubelet-bootstrap-config
going to be updated and fixed this issueIs it a bug? I think you need to add an update verb to role "cloud-init-settings/operating-system-manager"
The text was updated successfully, but these errors were encountered: