Error when approving certificate following Recommended steps to Secure Kubernetes cluster
I was following the guide Recommended Steps to Secure a DigitalOcean Kubernetes Cluster and at the approving step I’m receiving a not found response and an error
error: no kind "CertificateSigningRequest" is registered for version "certificates.k8s.io/v1" in scheme "k8s.io/kubernetes/pkg/kubectl/scheme/scheme.go:28"
I did create a private certificate using openssl and then a certificate signing request configuration with CN set to user, the username I want to allow access.
Then I created the certificate signing request by using api v1 as in Kubernetes Certificate Signing Requests documentation
apiVersion: certificates.k8s.io/v1 kind: CertificateSigningRequest metadata: name: user spec: groups: - system:authenticated request: L...= signerName: kubernetes.io/kube-apiserver-client usages: - client auth
I saved this file as user.yml and applied to the cluster using the kubeconfig downloaded from the admin panel.
kubectl apply -f ./user.yml kubectl get csr
The pending CSR lists the one I added
NAME AGE SIGNERNAME REQUESTOR CONDITION user 62m kubernetes.io/kube-apiserver-client DO-email Pending
But when I want to approve it I get back the error
kubectl certificate approve user No resources found error: no kind "CertificateSigningRequest" is registered for version "certificates.k8s.io/v1" in scheme "k8s.io/kubernetes/pkg/kubectl/scheme/scheme.go:28"