K
Q

Update deployment from within Kubernetes Cluster

2/6/2020

I am attempting to use the k8s API inside the cluster to update a deployment within the namespace home.

ClusterRole:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  namespace: home
  name: home-role
rules:
- apiGroups: [""] # "" indicates the core API group
  resources: ["pods, deployments"]
  verbs: ["get", "watch", "list", "create", "delete", "update"]

Service Account:

get serviceaccounts -n home
NAME      SECRETS   AGE
default   1         3h2m
kubectl describe serviceaccounts -n home          
Name:                default
Namespace:           home
Labels:              <none>
Annotations:         <none>
Image pull secrets:  <none>
Mountable secrets:   default-token-8rzns
Tokens:              default-token-8rzns
Events:              <none>

ClusterRoleBinding:

kubectl create clusterrolebinding home-role-binding \
 --clusterrole=home-role  \
 --serviceaccount=home:default

But I am getting this error when the API call is made:

open /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory

Does anyone have any insight into where the issue may lie?

-- Nicholas Martinez
kubernetes
permissions

Similar Questions

ActiveMQ running in Kubernetes minikube: how to configure admin password
forwarding from public VIP to clusterIP with iptables: iptables mode
k8s: forwarding from public VIP to clusterIP with iptables
Java Spring spring microservice running out of heap size on kubernetes

1 Answer

2/6/2020

First off deployments are in apps/v1, not v1. Then you probably need to share the pod definition for the place you are running your api call from. You may have disabled service account token mounting.

-- coderanger
Source: StackOverflow