Hi, I am trying out the auto registration (of VMs) feature in Istio 1.8.2 and k8s 1.18.10. I was following the steps in Istio / Virtual Machine Installation but running into issues in the following step where we generate the files for VM.
istioctl x workload entry configure -f workloadgroup.yaml -o “${WORK_DIR}” --autoregister
The error is :
Error: could not create a token under service account vm-account in namespace vm-namespace: the server could not find the requested resource
Env:
kubectl version
Client Version: version.Info{Major:“1”, Minor:“18”, GitVersion:“v1.18.10”, GitCommit:“62876fc6d93e891aa7fbe19771e6a6c03773b0f7”, GitTreeState:“clean”, BuildDate:“2020-10-15T01:52:24Z”, GoVersion:“go1.13.15”, Compiler:“gc”, Platform:“darwin/amd64”}
Server Version: version.Info{Major:“1”, Minor:“18”, GitVersion:“v1.18.10”, GitCommit:“62876fc6d93e891aa7fbe19771e6a6c03773b0f7”, GitTreeState:“clean”, BuildDate:“2020-10-15T01:43:56Z”, GoVersion:“go1.13.15”, Compiler:“gc”, Platform:“linux/amd64”}
I was able to previously generate the token and configure the VM, but I was running into connectivity issues. I wanted to try this out in istio 1.7x and ran into the same error while creating Kubernetes Token. Subsequently I am not able to get past this error even in Istio 1.8.2.
echo ‘{“kind”:“TokenRequest”,“apiVersion”:“authentication.k8s.io/v1",“spec”:{“audiences”:[“istio-ca”],"expirationSeconds”:’$tokenexpiretime’}}’ | kubectl create --raw /api/v1/namespaces/$VM_NAMESPACE/serviceaccounts/$SERVICE_ACCOUNT/token -f - | jq -j ‘.status.token’ > “${WORK_DIR}”/istio-token
I am getting the same error on Minikube as well as Kind.
Not sure if this has anything to do with some cached files…but I already tried deleteting ~/.kube and ~/.minikube directories.
Please suggest how to proceed further.