Red Hat Bugzilla – Bug 1256651
"no API token found for service account default/default" when creating pod
Last modified: 2016-09-08 07:27:34 EDT
What instructions did you follow for setup?
Also, do you have the full command lines for the daemons?
Service accounts require a key, referenced by both the apiserver and the controller-manager.
A signing key is needed for the tokens to be set up automatically. If there are install scripts, the scripts should set up that key (see Kubernetes local-up-cluster.sh for an example, or follow instructions from https://github.com/kubernetes/kubernetes/issues/11355#issuecomment-127378691
I'm open to suggestions for a place to put those instructions, or better defaults in the systemd env files to make it clear that key is required
https://github.com/projectatomic/adb-atomic-developer-bundle/pull/76 (comment form jasonbrooks) shows how to set service account key with ansible:
KUBE_API_ARGS="--tls-cert-file=/etc/kubernetes/certs/server.crt --tls-private-key-file=/etc/kubernetes/certs/server.key --client-ca-file=/etc/kubernetes/certs/ca.crt --token-auth-file=/etc/kubernetes/tokens/known_tokens.csv --service-account-key-file=/etc/kubernetes/certs/server.crt"
Closing due to age. Reopen if you still feel this is an issue.
For 1-node cluster deployment one can use https://github.com/kubernetes/contrib/blob/master/ansible/scripts/deploy-local-cluster.sh. As the cluster is deployed on localhost, flannel installation is skipped as it is not needed.