sticky-microphone-71272
10/19/2022, 7:41 AMwarn serverca Authentication failed for 10.42.3.41:55132: Authenticator ClientCertAuthenticator at index 0 got error: no verified chain is found. Authenticator KubeJWTAuthenticator at index 1 got error: failed to validate the JWT from cluster "Kubernetes": the service account authentication returns an error: [invalid bearer token, token audiences ["<https://kubernetes.default.svc.cluster.local>" "rke2"] is invalid for the target audiences ["istio-ca"]].
2022-10-19T03:09:50.279840Z warn serverca Authentication failed for 10.42.4.42:41496: Authenticator ClientCertAuthenticator at index 0 got error: no verified chain is found. Authenticator KubeJWTAuthenticator at index 1 got error: failed to validate the JWT from cluster "Kubernetes": the service account authentication returns an error: [invalid bearer token, token audiences ["<https://kubernetes.default.svc.cluster.local>" "rke2"] is invalid for the target audiences ["istio-ca"]].
2022-10-19T03:09:50.285617Z warn serverca Authentication failed for 10.42.4.46:50152: Authenticator ClientCertAuthenticator at index 0 got error: no verified chain is found. Authenticator KubeJWTAuthenticator at index 1 got error: failed to validate the JWT from cluster "Kubernetes": the service account authentication returns an error: [invalid bearer token, token audiences ["<https://kubernetes.default.svc.cluster.local>" "rke2"] is invalid for the target audiences ["istio-ca"]].
I google it first and it seems related with init cmd of kube-api? I'm confused right now, so has anyone encounter the same thing like me? BTW, my k8s config is
master01 Ready control-plane,etcd,master 38h v1.21.4+rke2r2 10.64.1.20 <none> Ubuntu 20.04.1 LTS 5.15.0-50-generic <containerd://1.6.2>
master02 Ready control-plane,etcd,master 25h v1.21.4+rke2r2 10.64.1.21 <none> Ubuntu 20.04.1 LTS 5.15.0-50-generic <containerd://1.6.2>
master03 Ready control-plane,etcd,master 20h v1.21.4+rke2r2 10.64.1.22 <none> Ubuntu 20.04.1 LTS 5.15.0-50-generic <containerd://1.6.2>
worker01 Ready <none> 23h v1.21.4+rke2r2 10.64.1.23 <none> Ubuntu 20.04.1 LTS 5.15.0-50-generic <containerd://1.6.2>
worker02 Ready <none> 23h v1.21.4+rke2r2 10.64.1.24 <none> Ubuntu 20.04.1 LTS 5.15.0-50-generic <containerd://1.6.2>
worker03 Ready <none> 23h v1.21.4+rke2r2 10.64.1.25 <none> Ubuntu 20.04.1 LTS 5.15.0-50-generic <containerd://1.6.2>