kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Warn that enabling irsa can be disruptive

This commit is contained in:
Ole Markus With 2022-09-01 20:47:22 +02:00
parent bcbd1fa1c5
commit ddb5ad107f
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/cluster_spec.md
View File

@ -1506,6 +1506,8 @@ spec:
{{ kops_feature_table(kops_added_default='1.21') }}
**Warning**: Enabling the following configuration on an existing cluster can be disruptive due to the control plane provisioning tokens with different issuers. The symptom is that Pods are unable to authenticate to the Kubernetes API. To resolve this, delete Service Account token secrets that exists in the cluster and kill all pods unable to authenticate.
kOps can publish the Kubernetes service account token issuer and configure AWS to trust it
to authenticate Kubernetes service accounts: