After restore from etcd backup, k8s api returning 401 unauthorized to pods

ryanwalls · April 2, 2017, 12:30am

More details here: https://github.com/rancher/rancher/issues/8388

I’m assuming that somehow the tokens that pods are using to contact the k8s api are invalid. Any ideas on how to reset the API authentication? Restart the API service?

k8s api just prints verification errors over and over:

1 handlers.go:58] Unable to authenticate the request due to an error: crypto/rsa: verification error

ryanwalls · April 2, 2017, 1:06am

Figured out that the service account tokens were no longer valid after the restore for some reason. Had to delete the secrets and delete the pods using the secrets.

Topic		Replies	Views
How to redeploy metrics.k8s.io? Rancher	1	1919	March 10, 2019
2 Dead Rancher clusters due to expired certificates (Rancher 2.2.4) Rancher	2	2496	May 24, 2021
Unable to authenticate into k8s cluster	1	5650	December 29, 2017
Unable to communicate with the k8s API server Rancher 1.x	0	1116	November 2, 2017
V2.2.x restore etcd database Rancher	0	622	September 16, 2019

After restore from etcd backup, k8s api returning 401 unauthorized to pods

Related topics