Cluster information:
Kubernetes version: v1.28.11
Cloud being used: (put bare-metal if not on a public cloud): VMware
Installation method: kubeadm
Host OS: Debian 6.1.52-1 (2023-09-07) x86_64 GNU/Linux
CNI and version: flannelcni/flannel:v0.20.2
CRI and version: containerd containerd.io 1.7.18
I have two clusters: jenkp and jenkpba. On the jenkp cluster, my Jenkins (controller) application is up and running. I want to create a Jenkins build agent on the jenkpba cluster using Jenkins hosted on the jenkp cluster.
I created a service account on the jenkpba cluster, attached a separate secret to the service account, and generated a token. The service account has full permissions as specified in the following YAML configuration:
“”"
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: k8s-jenkins-crb
subjects:
- kind: ServiceAccount
name: k8s-jenkins
namespace: jenkins
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
“”"
When I use this token inside a pod by storing it in a variable and executing a command, it works successfully:
jenkins@jenkins1-abcdefg-wrph7:/ curl -k -H “Authorization: Bearer $jenkpba” https://10.10.x.x:6443/api
{
“kind”: “APIVersions”,
“versions”: [
“v1”
],
“serverAddressByClientCIDRs”: [
{
“clientCIDR”: “0.0.0.0/0”,
“serverAddress”: “10.10.x.x:6443”
}
]
}
However, when I try to use this token to authenticate with Kubernetes through the Jenkins controller, the authentication fails.
I would appreciate your support in troubleshooting the communication between Kubernetes and Jenkins.