Reputation: 11384
Access to Kubernetes in IBM Cloud
I had a friend grant me access to his kube cluster (hosted on IBM Cloud).
I can login via the IBM Cloud console
However when I try to access them via the kubectl: kubectl get nodes
results in an error message:
Error from server (Forbidden): nodes is forbidden: User "https://iam.ng.bluemix.net/kubernetes#" cannot list nodes at the cluster scope.
Why would the access (RBACs) be different between the console and the CLI?
Upvotes: 0
Views: 510
Answers (3)
Reputation: 4964
I am the dev lead for the IBM Kubernetes Service. You need to generate the RBAC on the cluster first. You can do this 2 ways.
- Goto the access tab in the UI and click download cluster config.
- Or use the cli and run
ibmcloud ks cluster-config xxxxwhere xxxx is the id of the cluster.
Upvotes: 1
Reputation: 9041
As mentioned by code, you may not have enough privileges configured for your user in RBAC. Perhaps, you have a typo in the cluster-role-binding configuration for that user.
In this case, you have passed the authentication phase, but you have been blocked on the authorization phase trying to execute the “get” command.
Upvotes: 0
Reputation: 384
If the user name in User "https://iam.ng.bluemix.net/kubernetes#" has any capitalization, I'd suggest opening a ticket w/IBM. There are some cases where internal users have capital letters in their user name, which causes authentication issues.
In the meantime, you should still be able to use the CLI.
Upvotes: 0
Related Questions
- Accessing Kubernetes Dashboard
- Failed to request IAM token for Kubernetes on Bluemix
- IBM Cloud Function - Connecting to Kubernetes container
- kubernetes remote access dashboard
- Kubernetes dashboard
- Expose kubernetes dashboard
- Accessing Kubernetes dashboard on Compute instance in Oracle Cloud
- How to create Kubernetes cluster on IBM Cloud with service ID?
- Accessing the Kube dashboard on IBM Cloud
- How to access canonical kubernetes dashboard externally?