Trouble Shooting Documentation - mchirico/k8sv19 GitHub Wiki

Step 1

Use the following Dockerfile with no entrypoint

FROM golang:latest AS build


WORKDIR $GOPATH/src/github.com/mchirico/k8sv19
COPY . $GOPATH/src/github.com/mchirico/k8sv19

RUN cd examples/in-cluster-client-configuration && go build  -o /bin/project

#ENTRYPOINT ["/usr/bin/top"]

Step 2

make
make kind

Step 3

Run interactively

kubectl run s3 --rm -i --tty --image gcr.io/septapig/k8sv19:dev -- /bin/bash

Step 4

mkdir /root/go
mkdir /root/go/bin

export GOPATH=/root/go
export GOBIN=/root/go/bin

go install ./...

Step 5

At this point, you should get the following error.

root@s3:/go/src/github.com/mchirico/k8sv19# /root/go/bin/in-cluster-client-configuration
panic: pods is forbidden: User "system:serviceaccount:default:default" cannot list resource "pods" in API group "" at the cluster scope

goroutine 1 [running]:
main.main()
	/go/src/github.com/mchirico/k8sv19/examples/in-cluster-client-configuration/main.go:56 +0x47f

Step 6

Add cluster admin to the default account. Note, you're in a dev environment here. You'd never do this in production.

rbac-default-to-admin.yaml

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: k8sv19-rbac
subjects:
  - kind: ServiceAccount
    # Reference to upper's `metadata.name`
    name: default
    # Reference to upper's `metadata.namespace`
    namespace: default
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

Using the file above..

kubectl apply -f rbac-default-to-admin.yaml

Step 7

Now it should loop through

root@s3:/go/src/github.com/mchirico/k8sv19# /root/go/bin/in-cluster-client-configuration
There are 33 pods in the cluster
Pod example-xxxxx not found in default namespace
There are 33 pods in the cluster
Pod example-xxxxx not found in default namespace