kubernetes - kubectl : unable to recognize "csr.yaml": no matches for kind "CertificateSigningRequest" in version "certificates.k8s.io/v1"

Question

Welcome To Ask or Share your Answers For Others

kubernetes - kubectl : unable to recognize "csr.yaml": no matches for kind "CertificateSigningRequest" in version "certificates.k8s.io/v1"

asked Oct 7, 2021 in Technique[技术] by 深蓝 (71.8m points)

kubernetes - kubectl : unable to recognize "csr.yaml": no matches for kind "CertificateSigningRequest" in version "certificates.k8s.io/v1"

i have this template i try to invoke: looking at the docs example here

--- 
apiVersion: certificates.k8s.io/v1
kind: CertificateSigningRequest
metadata: 
  name: vault-csr
spec: 
  groups: 
    - system: authenticated
  request: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJRklEQ0NBd2dDQVFBd0lERWVNQndHQTFVRUF3d1ZkbUYxYkhRdWRtRjFiSFF0Y0dWeWMyOHVjM1pqTUlJQwpJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBZzhBTUlJQ0NnS0NBZ0VBdFJubkFQR2R4bG1xdjhMOW1Gc29YOXJuCk9JcTVGTnJMZmRDelZCVEVnUEV6TDgzSWFsT1cya2lrNWFRM282d2NSTmx1S3NzeUl1c0ZUSTFqR2djWjN0eXkKSDFqMlROMmNHMHp4MGVaYTJqK3JMVkkwSmVTdXFHNkdmY01rRzRudUhZSGJraDZUYmgyalc5S0RTUTVRekNzdwo0Rlg4bDZXVEVILzdSemgwNCt0RkdFamxVVktkakJYcnVqMnhBc0NqemJ2Sy9GaEhLRjJwRVpza1pSNWtCbC80Cm1KL2xHUTRUTysyVW5CbmsvalJJd3g5a0ZGWDhucEhGWxxxLS0K
  signerName: kubernetes.io/kubelet-serving
  usages:
  - digital signature
  - key encipherment
  - server auth

the version of kubectl:

$ kubectl version --short
Client Version: v1.20.0
Server Version: v1.18.9-eks-d1db3c

And im working with AWS EKS i keep getting :

$ kubectl create -f csr.yaml
error: unable to recognize "csr.yaml": no matches for kind "CertificateSigningRequest" in version "certificates.k8s.io/v1"

UPDATE after changing to apiVersion: certificates.k8s.io/v1beta1

apiVersion: certificates.k8s.io/v1beta1
kind: CertificateSigningRequest
metadata: 
  name: vault-csr
spec: 
  groups: 
    - system: authenticated
  request: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSB.....
  usages:
  - digital signature
  - key encipherment
  - server auth

Im getting now this error:

$ kubectl create -f csr.yaml
error: error validating "tmp/csr.yaml": error validating data: ValidationError(CertificateSigningRequest.spec.groups[0]): invalid type for io.k8s.api.certificates.v1beta1.CertificateSigningRequestSpec.groups: got "map", expected "string"; if you choose to ignore these errors, turn validation off with --validate=false

question from:https://stackoverflow.com/questions/65857310/kubectl-unable-to-recognize-csr-yaml-no-matches-for-kind-certificatesignin

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Answer

深蓝 · Answer 1 · 2021-10-06T19:27:30+0000

As per the K8s change doc, the CertificateSigningRequest API is promoted to certificates.k8s.io/v1 only as part of the K8s 1.19 release.

It was under certificates.k8s.io/v1beta1 before that.

I suspect that to be a problem as your server version is v1.18.

So, try changing your apiVersion as below:

apiVersion: certificates.k8s.io/v1beta1

Categories

kubernetes - kubectl : unable to recognize "csr.yaml": no matches for kind "CertificateSigningRequest" in version "certificates.k8s.io/v1"

kubernetes - kubectl : unable to recognize "csr.yaml": no matches for kind "CertificateSigningRequest" in version "certificates.k8s.io/v1"

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags