When deploying oom/kubernetes/oneclick/createAll.bash -n onap -a kube2msb I get the following error and my pod “po/kube2msb-registrator” fails to start.
2018-01-12 13:55:45.256605 I | Using https://kubernetes.default.svc.cluster.local:443 for kubernetes master
2018-01-12 13:55:45.266852 I | Could not connect to Kube MasterUnauthorized
My understanding is that kube2msb-registrator is trying to access the kube-master API from within the pod
I found a file “oom/kubernetes/kube2msb/values.yaml” which has a hard coded token
If I replace the token with the one returned from the following command I can get the pod to start.
kubectl describe secret $(kubectl get secrets | grep default | cut -f1 -d ' ')
It is not recommended to use a hard coded token. A service account should be used instead. This is the recommended way described by kubernetes.