Issue
I'm trying to deploy my docker image into the cluster using Jenkins. my Jenkins application is running in an EC2 ubuntu server. Initially, when I tried I was getting this error.
I referred to this stack and added Jenkins users IAM arn to the Kube config file using
kubectl edit configmap aws-auth -n kube-system
After updating the config file when I run my pipeline, I get this new error
My question is,
- This Jenkins User is an admin user, then why am I getting this access control error?
Please help me with this?
Solution
As mentioned in the comment
The service account jenkins doesn't have privileges to list pods kube-system. You would have to create ClusterRoleBinding and ClusterRole to make it work.
You can do that with kubectl create like in above @Gowtham Babu answer.
There is an example from below medium tutorial
Also when rbac is set to true, following have to be done in order to allow jenkins pod access to “kube-system” namespace of the kubernetes cluster.
Create a clusterrolebinding with permissions “cluster-admin”,
kubectl create clusterrolebinding jenkinsrolebinding - -clusterrole=cluster-admin - - group=system:serviceaccounts:jenkins
Additional resources:
- https://medium.com/@pallavisengupta/jenkins-kubernetes-authentication-and-authorization-fa6966356c90
- https://kubernetes.io/docs/reference/access-authn-authz/rbac/
Answered By - Jakub