We have an application that makes pod deployments to the Kubernetes cluster, but it started failing a week later saying “Unauthorized”. I noticed it’s because the config file on DigitalOcean is being reset. How can I work around this? We register the cluster to this application using the config file, but we can’t be changing it every week.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
you could make a cronjob once a week downloading the new kubeconfig file trough doctl
with a command like this:
Same question, looks like a showstopper for us - can’t use DO Kubernetes until this is resolved
Relevant: https://www.digitalocean.com/docs/kubernetes/overview/#known-issues
The certificate authority, client certificate, and client key data in the kubeconfig.yaml file are rotated weekly. If you run into errors like the server doesn’t have a resource type “<resource>”, Unauthorized, or Unknown resource type: nodes, try downloading a new cluster configuration file. The certificates will be valid for one week from the time of the download.
I talked to support about this, and it seems that they classified this as an actual Issue their engineers are working on. Also this apperantely is probably one of many blockers for Kubernetes Services getting out of LTD.