Skip to content

Unable to run Dashboard on Minikube with RBAC #2797

New issue
New issue
Closed
Closed
Unable to run Dashboard on Minikube with RBAC#2797
@rayterrill

Description

@rayterrill
rayterrill
opened on Jan 27, 2018
Environment
Dashboard version: 1.8.2
Kubernetes version: 1.8.0
Operating system: Windows 10 (1709 16299.192)
Node.js version: v9.3.0
Go version: N/A
Steps to reproduce
  1. Launch minikube in RBAC mode
minikube start --extra-config=apiserver.Authorization.Mode=RBAC
  1. Deploy Dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kuberne
tes-dashboard.yaml
  1. Dashboard pod fails to deploy, verified with kubectl get pods --namespace=kube-system
PS C:\wip> kubectl get pods --namespace=kube-system
NAME                                   READY     STATUS             RESTARTS   AGE
kube-addon-manager-minikube            1/1       Running            0          1m
kube-dns-86f6f55dd5-fnqkr              2/3       Running            0          1m
kubernetes-dashboard-7rb4g             0/1       CrashLoopBackOff   3          1m
kubernetes-dashboard-c8b4bc89b-xwlg7   1/1       Running            0          10s
storage-provisioner                    1/1       Running            0          1m
Observed result

Dashboard pod fails to deploy successfully.

Pod logs (via kubectl logs kubernetes-dashboard-7rb4g --namespace=kube-system)

2018/01/27 19:20:23 Synchronizer kubernetes-dashboard-key-holder-kube-system exited with error: kubernetes-dashboard-key-holder-kube-system watch ended with timeout
panic: secrets is forbidden: User "system:serviceaccount:kube-system:default" cannot create secrets in the namespace "kube-system"

goroutine 1 [running]:
github.com/kubernetes/dashboard/src/app/backend/auth/jwe.(*rsaKeyHolder).init(0xc4201d05e0)
        /home/travis/build/kubernetes/dashboard/.tmp/backend/src/github.com/kubernetes/dashboard/src/app/backend/auth/jwe/keyholder.go:132 +0x2d3
github.com/kubernetes/dashboard/src/app/backend/auth/jwe.NewRSAKeyHolder(0x1a78da0, 0xc4203c7620, 0xc4203c7620, 0x1278920)
        /home/travis/build/kubernetes/dashboard/.tmp/backend/src/github.com/kubernetes/dashboard/src/app/backend/auth/jwe/keyholder.go:171 +0x83
main.initAuthManager(0x1a77300, 0xc42014d1a0, 0x384, 0x1, 0x1)
        /home/travis/build/kubernetes/dashboard/.tmp/backend/src/github.com/kubernetes/dashboard/src/app/backend/dashboard.go:160 +0x12f
main.main()
        /home/travis/build/kubernetes/dashboard/.tmp/backend/src/github.com/kubernetes/dashboard/src/app/backend/dashboard.go:94 +0x27b
Expected result

Pods should deploy successfully.

Comments

Works successfully without RBAC (launching minikube with just 'minikube start').

Apologies if I've bungled anything. Working on learning K8s.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions