Hi everyone, I've managed to setup a 5 node cluster, 2 masters, 3 workers. using the "roll your own" instructions here:
https://kubernetes.io/docs/getting-started-guides/scratch/#preparing-certs I can run pods np but dns is not functional. As per the documentation, One method is to setup a cluster DNS service: https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/dns/ All fine and dandy, while I realise its the job of the add-on manager to kick start the pod that project provides, I have been firing it up manually, in the interests of debugging kubectl create -f kube-dns.yaml Everything is created successfully, and eventually the deployment "spawns" a pod, and the pod the containers etc... however the kube-dns ALWAYS fails with this error: "Failed to create a kubernetes client: open /var/run/secrets/kubernetes.io/serviceaccount/token" I understand that this is kubernetes providing a token to the container, but whay I dont get is why it cannot be found. Especially when it appears the required secrets are in existence: bddcbpkbn1:~ # kubectl get serviceaccounts -n kube-system NAME SECRETS AGE default 2 13d kube-dns 2 29m bddcbpkbn1:~ # kubectl get secrets -n kube-system NAME TYPE DATA AGE default-token-6wnx5 kubernetes.io/service-account-token 2 44m default-token-94kww kubernetes.io/service-account-token 2 46m kube-dns-token-mnbg2 kubernetes.io/service-account-token 2 28m kube-dns-token-wrs8h kubernetes.io/service-account-token 2 26m bddcbpkbn1:~ # Can anyone offer any suggestions as to why this is failing, or how I can go about diagnosing the issue? Thanks in advance -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.