openshift 3.11 oc command : error: Error loading config file ".kube/config": yaml: line 11: could not find expected ':'

Question

In a okd cluster installed using https://github.com/openshift/origin/tree/release-3.11

After the okd installation the oc command was working fine but after somedays, I'm facing a weird issue with oc command i.e running any oc command in the cluster is giving

[kubenode@master ~]$ oc status
error: Error loading config file "/home/kubenode/.kube/config": yaml: line 11: could not find expected ':'

The permission of the /home/kubenode/.kube/config is :

[kubenode@master ~]$ ls -al /home/kubenode/.kube/config
-rwx------. 1 kubenode kubenode 6102 Dec 11 00:30 /home/kubenode/.kube/config

While trying to solve this, what I have done is, Empty the file /home/kubenode/.kube/config and copy the content of /etc/origin/master/admin.kubeconfig to /home/kubenode/.kube/config

This has solved the problem but its temporary solution because after some time(few hours) again i get the issue. What could be the root cause for this and what can be the permanent fix?

Answer 1

This is the intended behaviour, as Access tokens and Authorize codes are supposed to only have a limited lifetime.

You should review the Configuring authentication and user agent documentation to set the following options to your liking (for example much longer timeouts) in your /etc/origin/master/master-config.yaml on your Master Nodes:

oauthConfig:
  ...
  tokenConfig:
    accessTokenMaxAgeSeconds: 86400 
    authorizeTokenMaxAgeSeconds: 300 
  ...
  sessionConfig:
    sessionMaxAgeSeconds: 300 

Note that you'll need to apply these settings to all Master Nodes in your cluster. After changing the settings, remember to restart the API and the Controllers using the following commands:

# master-restart api
# master-restart controllers