Shell access to apps: Permission Denied

[indivision]

Since upgrading to Bluefin, I haven't been able to open apps via the shell option. They all say permission denied.

Full error message:

Code:

WARN[0000] Unable to read /etc/rancher/k3s/k3s.yaml, please start server with --write-kubeconfig-mode to modify kube config permissions
error: error loading config file "/etc/rancher/k3s/k3s.yaml": open /etc/rancher/k3s/k3s.yaml: permission denied

Is this due to not logging in with "root"? Does anyone know of a way around this to make the shell option work?

 

[danb35]

Is this due to not logging in with "root"?

I recall reading that this is expected when using a non-root admin--it's supposed to be fixed in a future release.

 

[indivision]

I recall reading that this is expected when using a non-root admin--it's supposed to be fixed in a future release.

Thank you!

 

[19norant]

Is there a way we can get our own shell from the host in the meantime?

I was hoping to sudo kubectl something or other, but...

Code:

zsh: command not found: kubectl

 

[browntiger]

You would have to look up a right pod and kubectl to it.
May be easier to install Heavy_Script, and use command to pod to open shell.

>I was hoping to sudo kubectl something or other, but...
Because it is not kubectl, it is: k3s kubectl ...

 

[19norant]

Because it is not kubectl, it is: k3s kubectl ...

Ahhh, I'm a kubernetes rookie yet. Coming from a Docker Swarm background and getting settled in. Thanks for the clarification.

I did have some luck, however. For anyone trying to get into a container to check things out in more detail...

Code:

# find your container
sudo docker ps

# shell into it
sudo docker exec -it <your-container-id> /bin/sh

 

[axillent]

Ahhh, I'm a kubernetes rookie yet. Coming from a Docker Swarm background and getting settled in. Thanks for the clarification.

I did have some luck, however. For anyone trying to get into a container to check things out in more detail...

the following command under root fix it:

chmod a+r /etc/rancher/k3s/k3s.yaml

 

[FrostyCat]

The sooner you forget about docker and use kubectl the better IMO. Docker itself is kind of dead in the enterprise space anyway, the runtime (containerd) will still live for a while but eventually it will go away.

Same can be accomplished with this:

Code:

# list pods (a pod is a group of containers, can contain only 1 container too)
k3s kubectl -n ix-APPNAMESPACE get pods

# get a shell inside the pod
k3s kubectl -n ix-APPNAMESPACE exec -ti PODNAME -- bash

# get a shell inside a specific container in a pod
k3s kubectl -n is-APPNAMESPACE exec -ti PODNAME -c CONTAINERNAME -- bash

# and so on.

You can even alias k3s kubectl in your .zshrc if you'd like. E.g.:

Code:

alias k='k3s kubectl'
alias ks='k -n kube-system'
# and so on

Ahhh, I'm a kubernetes rookie yet. Coming from a Docker Swarm background and getting settled in. Thanks for the clarification.

I did have some luck, however. For anyone trying to get into a container to check things out in more detail...

Code:

# find your container
sudo docker ps

# shell into it
sudo docker exec -it <your-container-id> /bin/sh