minishift: Cannot login to minishift as admin

A workaround is:

minishift ssh
sudo cat /home/docker/.kube/config

then paste it to your ~/.kube/config

@carbonin you should try to use admin user addon and then you can able to login as admin with password admin

$ minishift addon apply admin-user

Here is the work around:

$ minishift addon enable admin-user

$ minishift start 

$ oc login -u admin
Authentication required for https://192.168.64.2:8443 (openshift)
Username: admin
Password: admin
Login successful.

You have access to the following projects and can switch between them with 'oc project <projectname>':

    default
    kube-public
    kube-system
  * myproject
    openshift
    openshift-infra
    openshift-node
    openshift-web-console

Using project "myproject".

Or

$ minishift addon apply admin-user

$ oc login -u admin
Authentication required for https://192.168.64.2:8443 (openshift)
Username: admin
Password: admin
Login successful.

Hello all!

As a workaround for this issue I connected to the openshift-origin pod and added the cluster-admin user role to the standard “developer” user. This effectively turns developer into cluster admin with full access to infrastructure projects/namespaces.

with minishift VM up and running:

minishift ssh #to connect to the VM
[docker@minishift docker]#sudo -s #to have access to the docker daemon(not sure if absolutely necessary)
[root@minishift docker]# docker ps -f "name=origin" --format "{{.ID}}" #to get the ID of the Origin pod
8d63f6fb9b34
[root@minishift docker]# docker exec -it $(docker ps -f "name=origin" --format "{{.ID}}") "/bin/bash" #to attach to the running container with a bash shell interactive tty
[root@minishift origin]# oc whoami
system:admin
[root@minishift origin]# oc adm policy add-cluster-role-to-user cluster-admin developer #to effectively give admin rights to the "developer" user

This is also persistent, so the policy config does not neet to be reapplied upon minishift restart.

edit:/ below procedure from @Valien is a simpler one

@nilarte Yes, we have done a release as users are facing a lot of issue because of this. It is released as part of https://github.com/minishift/minishift/releases/tag/v1.20.0. cc @gbraad

So saw this on another issue linked to the system:admin error. You need to run the following to get the admin-use addon to work properly:

1. minishift addon enable admin-user
2. minishift addon apply admin-user

Once done you should be able to login as admin/admin and see all the cluster projects.

Thanks for the workaround as I was bashing my head against the desk with the system:admin bug.

Switching to minishift from the normal oc cluster up docker containers since Docker broke the proxy issues.

All of us used to be able to login as system:admin previously. They have decided to take that power away from us now, and hence this issue was opened. Till this issue is fixed or a conclusion is reached, the workaround to become an admin of your cluster is to enable the admin-user addon, and then login as user: admin and pass: admin. It won’t give you our favorite system:admin user, but give the admin user admin rights. You’ll be able to see the system projects after enabling the admin-user addon. Any other user, is well, just any other user.

I am running into this issue too. I see a difference in ~/.kube/config between v1.17.0+f974f0c and v1.18.0+756b128. With v1.17, after doing minishift start, if I check ~/.kube/config I see that it has the following section for users:

users:
- name: developer/192-168-42-166:8443
  user:
    token: YQSovKc82xd61TAIDKsE40r9xLhz0GCgoNH_7G2UMmE
- name: system:admin/127-0-0-1:8443
  user:
    client-certificate-data: <data>
    client-key-data: <data>

If I then delete ~/.kube/ and ~/.minishift/ and try minishift start with v1.18, I see the following in ~/.kube/config:

users:
- name: developer/192-168-42-117:8443
  user:
    token: W0HLMgNMG3uuanznSn3TzcfBhA5PDWy2YO4xAxef9Do

The system:admin user is missing which I think is the cause of the issue. Was this change done on purpose between releases or is it a regression?

@ibaboo as per logs you are using kvm if you want to use the VirtualBox then --vm-driver virtualBox is needed as start option.

I am using Virtual Box

@ibabooI am not able to reproduce the issue you are facing. What I m suspecting, in your case there might be old oc reference present in the path. Please try these steps

1. ./minishift start
2. eval $(./minishift oc-env)
3. oc login -u system:admin