Welcome to the Linux Foundation Forum!

Lab 6.3 does not show service account at step 11

Hi,
trying to complete the lab exercise on ServiceAccounts, does not show serviceaccounts as described in Step 11. I checked all the previous steps look good. COuld please help here if i am missing anything here? My secondapp.yaml FYR:

apiVersion: v1
kind: Pod
metadata:
  name: secondapp
spec:
  serviceAccountName: secret-access-sa
  securityContext:
    runAsUser: 1000
  containers:
  - name: busy
    image: busybox
    command:
      - sleep
      - "3600"
    securityContext:
      runAsUser: 2000
      allowPrivilegeEscalation: false
      capabilities:
        add: ["NET_ADMIN","SYS_TIME"]
    volumeMounts:
    - name: mysql
      mountPath: /mysqlpassword
  volumes:
  - name: mysql
    secret:
      secretName: lfsecret

Comments

  • jskora
    jskora Posts: 3
    edited August 2021

    I'm getting the same bad results that show kube-api-access-xxxxx instead of secret-access-sa-token-xxxxx or default-token-xxxxx (like the "before" example shows). I wiped things and tried a second time with no change.

    $ kubectl describe pod secondapp | grep -i secret
          /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-5ncf7 (ro)
        Type:        Secret (a volume populated by a Secret)
        SecretName:  lfsecret
    
  • chrispokorni
    chrispokorni Posts: 2,155

    Hi,

    Thank you for your feedback. I started investigating the issues, and after preliminary testing I am suspecting an admission controller that may be required but is not accepted by the apiserver when reconfigured. I will keep looking into it.

    Regards,
    -Chris

  • Hi,

    I am having the same issue as well.

    Thanks.

  • I am having the same issue too

  • jskora
    jskora Posts: 3
    edited September 2021

    Unfortunately, at this point it seems that the course material is either broken or out of date. I wouldn't recommend waiting for a solution. I had to just move on with the course.

  • serewicz
    serewicz Posts: 1,000

    Thanks for the information. I'll work on updating the material today.

    As you are aware, Kubernetes is a dynamic subject. The constant change does lead to hiccups.

    Regards,

  • Yes, I am aware that Kubernetes is regularly changing. That's part of why I paid for the course and used the exact distro and install processes it recommended.

    My frustration wasn't that an issue cropped up, but that it went weeks unresolved. Doing the course work on my own time after work, trying this unsuccessfully multiple times cost me a lot of time.

  • alfonso.prado
    alfonso.prado Posts: 1
    edited October 2021

    Apparently it's still broken. Exactly the same problem happens to me :|. Any help or contribution I would be very grateful

Categories

Upcoming Training