Cannot delete keypair secrets with multiple id's #5318
Comments
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
the
lifecycle/stale
|
I have the same problem. jtolsma did you find a solution for this? |
|
@fcortijo-waldo From initial testing, I was able to delete the keypairs by going into the state store (s3 bucket) and deleting the "issued" and "private" folders under the pki folder. After doing that I ran |
|
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
lifecycle/rotten
|
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
|
@fejta-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
Your bots are closing an issue, that is still an issue. I will open a new one. P.s. Where can I buy one of these? It would come handy here at work. |
Thanks for submitting an issue! Please fill in as much of the template below as
you can.
------------- BUG REPORT TEMPLATE --------------------
kopsversion are you running? The commandkops version, will displaythis information.
kops version
Version 1.9.1
kubectl versionwill print theversion if a cluster is running or provide the Kubernetes version specified as
a
kopsflag.Server Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.3", GitCommit:"d2835416544f298c919e2ead3be3d0864b52323b", GitTreeState:"clean", BuildDate:"2018-02-07T11:55:20Z", GoVersion:"go1.9.2", Compiler:"gc", Platform:"linux/amd64"}
AWS
Trying to reset the kubecfg credential to a cluster by following this document: https://github.com/kubernetes/kops/blob/master/docs/rotate-secrets.md
The delete secret secret line worked fine, but the delete secret keypair did not. I have multiple Keypair id's listed and it won't let me delete any of them. I tried deleting just the secrets and recreating them but was still able to connect with my original kubecfg. What is the simplest way to revoke the kubecfg client credentials and roll those to a cluster?
Example:
kops get secret
Keypair kube-controller-manager 6535036977980663811654852636
Keypair kube-controller-manager keyset.yaml
kops delete secret keypair kube-controller-manager
found multiple matching secrets; specify the id of the key
kops delete secret keypair kube-controller-manager 6535036977980663811654852636
I0612 16:02:31.789595 39168 certificate.go:106] Ignoring unexpected PEM block: "RSA PRIVATE KEY"
error deleting secret: error deleting certificate: error loading certificate "s3://foo/bar/pki/private/kube-controller-manager/6535036977980663811654852636.key": could not parse certificate
The file s3://foo/bar/pki/private/kube-controller-manager/6535036977980663811654852636.key exists, but it starts with -----BEGIN RSA PRIVATE KEY-----, the code seems to be looking for CERTIFICATE?
kops delete secret keypair kube-controller-manager keyset.yaml
error deleting secret: keypair had non-integer version: "keyset.yaml"
How do I delete the keyset.yaml?
Thanks in advance.
The text was updated successfully, but these errors were encountered: