minishift: Adding developer to sudoers fails when using 3.6.x version of OpenShift
Looks like we have some code regression the way minishift_kubeconfig created and this make minishift failed during adding developer user to sudoers.
$ ./minishift start --openshift-version v3.6.0-alpha.2
[...]
Image pull complete
OpenShift server started.
The server is accessible via web console at:
https://192.168.42.71:8443
You are logged in as:
User: developer
To login as administrator:
oc login -u system:admin
Error during post cluster up configuration: Unable to add sudoer role
About this issue
- Original URL
- State: closed
- Created 7 years ago
- Comments: 20 (15 by maintainers)
Commits related to this issue
- Issue #1011 Fix Adding developer to sudoers when use v1.3.6 — committed to praveenkumar/minishift by praveenkumar 7 years ago
- Issue #1011 Fix Adding developer to sudoers when use v1.3.6 — committed to praveenkumar/minishift by praveenkumar 7 years ago
- Issue #1011 Fix Adding developer to sudoers when use v1.3.6 - Current implementation use version compare which should be upstream — committed to praveenkumar/minishift by praveenkumar 7 years ago
- Issue #1011 Fix Adding developer to sudoers when use v3.6 - Current implementation use version compare which should be upstream — committed to praveenkumar/minishift by praveenkumar 7 years ago
- Issue #1011 Fix Adding developer to sudoers when use v3.6 - Current implementation use version compare which should be upstream — committed to praveenkumar/minishift by praveenkumar 7 years ago
- Issue #1011 Fix Adding developer to sudoers when use v3.6 - Current implementation use version compare which should be upstream — committed to praveenkumar/minishift by praveenkumar 7 years ago
- Issue #1011 Fix Adding developer to sudoers when use v3.6 - Current implementation use version compare which should be upstream — committed to praveenkumar/minishift by praveenkumar 7 years ago
- Issue #1011 Keeping OpenShift version check contained in PostClusterUp — committed to hferentschik/minishift by hferentschik 7 years ago
- Issue #1011 Fix Adding developer to sudoers when use v3.6 - Current implementation use version compare which should be upstream — committed to praveenkumar/minishift by praveenkumar 7 years ago
@hferentschik it is assigned to @praveenkumar and I believe he is working on it.
@jorgemoralespou @csrwng So I tried to find out what actually causing the issue and looks like the way kubeconfig generated for v1.5.1 and v3.6.x is changed. For 3.6.x we only have
system:admincert for127.0.0.1not with the cluster IP. I generated kubeconfig for both version and pasted https://paste.fedoraproject.org/paste/ZmtA98~gc31O3MYo3cLpwQ. The way we were creatingminishift_kubeconfigbreak because of it now. Any specific reason this changed?So, here’s what I saw, not sure what’s the real problem, but taking a guess, would be because I have a real messed up kubeconfig in my HOME.
In the minishift_kubeconfig you save in .minishift/machines the user system:admin that’s there is not a valid one. Probably could be taken from a previous run of minishift.
Think that every time you start minishift, in the $HOME/.kube/config you’ll have an entry for the context (user, cluster and namespace). These will use the certificates from the minishift install you’re creating. It might happen that the user you’re finding has certificates from a previous run of minishift, hence not able to validate/login.
I would take 2 actions:
How can you test if the minishift is properly created:
If you don’t get that user, the context is not correct.
You can check in regular context with:
Then you can compare the relevant entries from both files.
Hope this helps.