Lab 6.1 Step 2: No Resources Found
After typing the command under step 2: kubectl get secrets --all-namespaces, I have "No resources found" returned. Is there some underlying detail I missed along the way?
FYI, /var/run/secrets does not exist
Best Answer
-
Hi @mabricker,
In latest releases, Kubernetes no longer creates token secrets automatically. It becomes the user's responsibility to create them as desired. The following commands should work instead:
export token=$(kubectl create token default)
curl https://k8scp:6443/apis --header "Authorization: Bearer $token" -k
Regards,
-Chris3
Answers
-
Had the same question as @mabricker . Thanks @chrispokorni for explaining why the default tokens are not created (anymore). The Course material should be updated accordingly.
0 -
I also ran into the same issue. Glad to see it answered here. Thanks @chrispokorni
0 -
Should the above commands create resources that should be viewable using the kubectl get secrets command? Because it does not create any secrets according to my installation.
0 -
Hi @dont827273,
The
kubectl create token ...
command above creates a token, not a secret.You can read more at https://kubernetes.io/docs/concepts/configuration/secret/
Regards,
-Chris0 -
its 2/28/2023 and I've ran into this exact issue with this lab material. SO basically your suggestion is to create it and disregard steps 1-3.
0 -
Same issue here. @chrispokorni Do we create secrets or just skip these steps?
0 -
Hello @kmai007
In the updated lab (2/28/2023) we have added the step 6.2 which generates the token
export token=$(kubectl create token default)
Please verify.
thanks,
Fazlur0 -
Summary of issue and proposed answer and correction to lab document:
The Problem:
For Lab 6.1 - Step 1 -3
With k8s Version 1.25.1 you will get the following
$ kubectl get secrets --all-namespaces
No resources found
$ kubectl get secrets
No resources found in default namespace.Solution: Skip steps 1-4 and instead run
$ export token=$(kubectl create token default)
Then as in step 5 run:
$ curl https://k8scp:6443/apis --header "Authorization: Bearer $token" -k0 -
0
-
Is that version active? at the moment I do not see step 6.2
0 -
Hi @nicocerquera,
Yes it is. It has been active since its release 3/1/2023.
Please clear your browser cache, log back into the course, and navigate to Lab 6.1 under the Lessons menu, or simply download the entire lab guide PDF from the Resources menu.
Regards,
-Chris0 -
How are you @chrispokorni? I did precisely the instructions you gave ( export token=$(kubectl create token default)
and curl https://k8scp:6443/apis --header "Authorization: Bearer $token" -k),
although the answer is not a resource found when I try to get secrets.0 -
I am good @maybel, thank you for asking. How are things with you?
The token creation command does not generate a secret. That is the reason why no secret is found, which is the expected behavior.
However, was thecurl
successful once the token was supplied?Regards,
-Chris0 -
Hi @chrispokorni , As the British like to say: not too bad. Thanks for the curl question because it clarified the exact sentence creating the secret. Unfortunately, it didn't work.
student@cp:~$ kubectl get namespaces NAME STATUS AGE accounting Active 113d default Active 125d kube-node-lease Active 125d kube-public Active 125d kube-system Active 125d linkerd Active 82d linkerd-viz Active 82d low-usage-limit Active 119d small Active 117d student@cp:~$ kubectl -n default get secrets NAME TYPE DATA AGE dashboard-kubernetes-dashboard-certs Opaque 0 41d dashboard-kubernetes-dashboard-token kubernetes.io/service-account-token 3 5d17h kubernetes-dashboard-csrf Opaque 1 41d kubernetes-dashboard-key-holder Opaque 2 41d myingress-ingress-nginx-admission Opaque 3 105d sh.helm.release.v1.dashboard.v1 helm.sh/release.v1 1 41d sh.helm.release.v1.myingress.v1 helm.sh/release.v1 1 103d student@cp:~$ kubectl -n default get serviceaccounts NAME SECRETS AGE dashboard-kubernetes-dashboard 0 41d default 0 125d myingress-ingress-nginx 0 103d student@cp:~$ export token=$(kubectl create token default) student@cp:~$ export token=$(kubectl create token default -n default) student@cp:~$ curl https://k8scp:6443/apis --header "Authorization: Bearer $token" -k { "kind": "APIGroupList", "apiVersion": "v1", "groups": [ { "name": "apiregistration.k8s.io", "versions": [ { "groupV ... ... ], "preferredVersion": { "groupVersion": "metrics.k8s.io/v1beta1", "version": "v1beta1" } } ] }student@cp:~$kubectl -n default get secrets NAME TYPE DATA AGE dashboard-kubernetes-dashboard-certs Opaque 0 41d dashboard-kubernetes-dashboard-token kubernetes.io/service-account-token 3 5d17h kubernetes-dashboard-csrf Opaque 1 41d kubernetes-dashboard-key-holder Opaque 2 41d myingress-ingress-nginx-admission Opaque 3 105d sh.helm.release.v1.dashboard.v1 helm.sh/release.v1 1 41d sh.helm.release.v1.myingress.v1 helm.sh/release.v1 1 103d student@cp:~$ kubectl -n default get serviceaccounts NAME SECRETS AGE dashboard-kubernetes-dashboard 0 41d default 0 125d myingress-ingress-nginx 0 103d
As you can see, I have a namespace called default. The namespace called default has a service account called default as well.
From help I got this:```
Request a token for a service account in a custom namespace
kubectl create token myapp --namespace myns
```Because of the command help, I created a token called default in the namespace default, and there is no secret with that name in my namespace default.
By the way, I'm doing lab 15, and I don't catch how to create secrets .I appreciate any help you can provide. You always find the patience to help me.
0 -
sorry for the giant letters
0 -
Hi @maybel,
Based on the output shown at step 3 of lab exercise 6.1, your curl command seems to be successful, as it produced the expected output. Meaning that the token was also created successfully.
If needed, a secret object can be created by the user to store the token:
https://kubernetes.io/docs/concepts/configuration/secret/#service-account-token-secretsRegards,
-Chris0
Categories
- All Categories
- 167 LFX Mentorship
- 219 LFX Mentorship: Linux Kernel
- 798 Linux Foundation IT Professional Programs
- 356 Cloud Engineer IT Professional Program
- 180 Advanced Cloud Engineer IT Professional Program
- 82 DevOps Engineer IT Professional Program
- 149 Cloud Native Developer IT Professional Program
- 112 Express Training Courses
- 138 Express Courses - Discussion Forum
- 6.2K Training Courses
- 48 LFC110 Class Forum - Discontinued
- 17 LFC131 Class Forum
- 35 LFD102 Class Forum
- 227 LFD103 Class Forum
- 19 LFD110 Class Forum
- 39 LFD121 Class Forum
- 15 LFD133 Class Forum
- 7 LFD134 Class Forum
- 17 LFD137 Class Forum
- 63 LFD201 Class Forum
- 3 LFD210 Class Forum
- 5 LFD210-CN Class Forum
- 2 LFD213 Class Forum - Discontinued
- 128 LFD232 Class Forum - Discontinued
- 1 LFD233 Class Forum
- 2 LFD237 Class Forum
- 23 LFD254 Class Forum
- 697 LFD259 Class Forum
- 109 LFD272 Class Forum
- 3 LFD272-JP クラス フォーラム
- 10 LFD273 Class Forum
- 154 LFS101 Class Forum
- 1 LFS111 Class Forum
- 1 LFS112 Class Forum
- 1 LFS116 Class Forum
- 1 LFS118 Class Forum
- LFS120 Class Forum
- 7 LFS142 Class Forum
- 7 LFS144 Class Forum
- 3 LFS145 Class Forum
- 1 LFS146 Class Forum
- 3 LFS147 Class Forum
- 1 LFS148 Class Forum
- 15 LFS151 Class Forum
- 1 LFS157 Class Forum
- 34 LFS158 Class Forum
- 8 LFS162 Class Forum
- 1 LFS166 Class Forum
- 1 LFS167 Class Forum
- 3 LFS170 Class Forum
- 2 LFS171 Class Forum
- 1 LFS178 Class Forum
- 1 LFS180 Class Forum
- 1 LFS182 Class Forum
- 1 LFS183 Class Forum
- 29 LFS200 Class Forum
- 736 LFS201 Class Forum - Discontinued
- 2 LFS201-JP クラス フォーラム
- 14 LFS203 Class Forum
- 102 LFS207 Class Forum
- 1 LFS207-DE-Klassenforum
- 1 LFS207-JP クラス フォーラム
- 301 LFS211 Class Forum
- 55 LFS216 Class Forum
- 48 LFS241 Class Forum
- 48 LFS242 Class Forum
- 37 LFS243 Class Forum
- 15 LFS244 Class Forum
- LFS245 Class Forum
- LFS246 Class Forum
- 50 LFS250 Class Forum
- 1 LFS250-JP クラス フォーラム
- LFS251 Class Forum
- 155 LFS253 Class Forum
- LFS254 Class Forum
- LFS255 Class Forum
- 5 LFS256 Class Forum
- 1 LFS257 Class Forum
- 1.3K LFS258 Class Forum
- 10 LFS258-JP クラス フォーラム
- 121 LFS260 Class Forum
- 159 LFS261 Class Forum
- 41 LFS262 Class Forum
- 82 LFS263 Class Forum - Discontinued
- 15 LFS264 Class Forum - Discontinued
- 11 LFS266 Class Forum - Discontinued
- 20 LFS267 Class Forum
- 25 LFS268 Class Forum
- 31 LFS269 Class Forum
- 1 LFS270 Class Forum
- 199 LFS272 Class Forum
- 1 LFS272-JP クラス フォーラム
- LFS274 Class Forum
- 3 LFS281 Class Forum
- 10 LFW111 Class Forum
- 261 LFW211 Class Forum
- 182 LFW212 Class Forum
- 15 SKF100 Class Forum
- 1 SKF200 Class Forum
- 1 SKF201 Class Forum
- 782 Hardware
- 198 Drivers
- 68 I/O Devices
- 37 Monitors
- 96 Multimedia
- 174 Networking
- 91 Printers & Scanners
- 83 Storage
- 758 Linux Distributions
- 80 Debian
- 67 Fedora
- 15 Linux Mint
- 13 Mageia
- 23 openSUSE
- 143 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 348 Ubuntu
- 461 Linux System Administration
- 39 Cloud Computing
- 70 Command Line/Scripting
- Github systems admin projects
- 90 Linux Security
- 77 Network Management
- 101 System Management
- 46 Web Management
- 64 Mobile Computing
- 17 Android
- 34 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 371 Off Topic
- 114 Introductions
- 174 Small Talk
- 19 Study Material
- 806 Programming and Development
- 304 Kernel Development
- 204 Software Development
- 1.8K Software
- 211 Applications
- 180 Command Line
- 3 Compiling/Installing
- 405 Games
- 309 Installation
- 97 All In Program
- 97 All In Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)