polite-breakfast-84569
09/14/2022, 11:41 AM$ kubectl exec -it my-pod -- sh
Error from server:
after debugging with kubectl -v=7 exec -it my-pod -- sh
I saw:
I0914 13:35:16.704958 79032 round_trippers.go:457] Response Status: 403 Forbidden in 95 milliseconds
I0914 13:35:16.705922 79032 helpers.go:216] server response object: [{
"metadata": {}
}]
so it seems there is some premission issue even though i am the cluster admin.
I just upgraded Rancher and decided to setup a cert-manager Certificate with istio:
apiVersion: <http://networking.istio.io/v1beta1|networking.istio.io/v1beta1>
kind: Gateway
metadata:
name: rancher
namespace: cattle-system
spec:
selector:
app: istio-ingressgateway
servers:
- port:
number: 443
name: https
protocol: HTTPS
hosts:
- <http://rancher.example.com|rancher.example.com>
tls:
mode: SIMPLE
credentialName: <http://rancher.example.com|rancher.example.com>
---
apiVersion: <http://networking.istio.io/v1beta1|networking.istio.io/v1beta1>
kind: VirtualService
metadata:
name: rancher
namespace: cattle-system
spec:
gateways:
- rancher
hosts:
- <http://rancher.example.com|rancher.example.com>
http:
- name: "http"
route:
- destination:
host: rancher.cattle-system.svc.cluster.local
port:
number: 80
Is there is something missing from my part?