https://rancher.com/ logo
#general
Title
# general
p

polite-breakfast-84569

09/14/2022, 11:41 AM
Hi Everyone, I have some issues currently after updating to Rancher 2.6.8 where I cannot exec to any pods:
Copy code
$ kubectl exec -it my-pod -- sh
Error from server:
after debugging with
kubectl -v=7 exec -it my-pod -- sh
I saw:
Copy code
I0914 13:35:16.704958   79032 round_trippers.go:457] Response Status: 403 Forbidden in 95 milliseconds
I0914 13:35:16.705922   79032 helpers.go:216] server response object: [{
  "metadata": {}
}]
so it seems there is some premission issue even though i am the cluster admin. I just upgraded Rancher and decided to setup a cert-manager Certificate with istio:
Copy code
apiVersion: <http://networking.istio.io/v1beta1|networking.istio.io/v1beta1>
kind: Gateway
metadata:
  name: rancher
  namespace: cattle-system
spec:
  selector:
    app: istio-ingressgateway
  servers:
    - port:
        number: 443
        name: https
        protocol: HTTPS
      hosts:
      - <http://rancher.example.com|rancher.example.com>
      tls:
        mode: SIMPLE
        credentialName: <http://rancher.example.com|rancher.example.com>
---
apiVersion: <http://networking.istio.io/v1beta1|networking.istio.io/v1beta1>
kind: VirtualService
metadata:
  name: rancher
  namespace: cattle-system
spec:
  gateways:
  - rancher
  hosts:
  - <http://rancher.example.com|rancher.example.com>
  http:
  - name: "http"
    route:
    - destination:
        host: rancher.cattle-system.svc.cluster.local
        port:
          number: 80
Is there is something missing from my part?