I am encountering a TokenRequest API warning after upgrading my LKE cluster. Is this something I should be concerned about?
My LKE cluster was recently upgraded from a previous Kubernetes version to version 1.27. After the upgrade, I received this warning:
Warning: Use tokens from the TokenRequest API or manually created secret-based tokens instead of autogenerated secret-based tokens.
What does this warning message mean? What should I do to troubleshoot this issue?
3 Replies
✓ Best Answer
From our documentation:
When a Kubernetes version upgrade is initiated on an LKE cluster (including both patch versions and minor versions), the control plane components are automatically upgraded. New worker nodes are also created using the new version.
This warning appears because the Kubernetes version 1.27 release no longer automatically generates service account tokens for every service account. kubectl displays this warning because the auto-generated tokens from version 1.26 persist after the 1.27 upgrade.
To fix this warning, you’ll need to delete all secrets of type kubernetes.io/service-account-token that you haven't manually created yourself. More information about managing service tokens is available here:
After the tokens in kube-system are deleted, you will need to regenerate and then download your Kubeconfig to restore access to your cluster. LKE will recreate the necessary tokens when you regenerate your Kubeconfig file. You can find more on regenerating your Kubeconfig file here:
Our LKE changelogs are available here:
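Added example (not part of the original answer and not Linode's own tooling): one way to separate auto-generated token secrets from manually created ones before deleting anything. It assumes the Kubernetes convention that a token secret referenced from its ServiceAccount's `secrets` field is auto-generated; the sample objects, secret names and function names are constructed for illustration.

```python
TOKEN_TYPE = "kubernetes.io/service-account-token"

def secret(ns, name, type_=TOKEN_TYPE):
    return {"metadata": {"namespace": ns, "name": name}, "type": type_}

def sa(ns, name, secret_names):
    return {"metadata": {"namespace": ns, "name": name},
            "secrets": [{"name": n} for n in secret_names]}

# Constructed sample data, shaped like the output of
# `kubectl get secrets -A -o json` and `kubectl get serviceaccounts -A -o json`.
SAMPLE_SECRETS = {"items": [
    secret("kube-system", "default-token-abc12"),
    secret("kube-system", "ci-deployer-token"),  # made by hand, in no .secrets list
    secret("kube-system", "registry-creds", "kubernetes.io/dockerconfigjson"),
    secret("default", "default-token-xyz99"),
    secret("apps", "default-token-abc12"),       # same name, different namespace
]}
SAMPLE_SERVICE_ACCOUNTS = {"items": [
    sa("kube-system", "default", ["default-token-abc12"]),
    sa("kube-system", "ci-deployer", []),
    sa("default", "default", ["default-token-xyz99"]),
    sa("apps", "default", []),
]}

def classify_token_secrets(secrets, service_accounts):
    """Return (auto_generated, manually_created) lists of (namespace, name)."""
    # A reference only counts inside the ServiceAccount's own namespace.
    referenced = {
        (acct["metadata"]["namespace"], ref.get("name"))
        for acct in service_accounts.get("items", [])
        for ref in acct.get("secrets") or []
    }
    auto, manual = [], []
    for item in secrets.get("items", []):
        if item.get("type") != TOKEN_TYPE:
            continue  # other secret types are out of scope for this warning
        key = (item["metadata"]["namespace"], item["metadata"]["name"])
        (auto if key in referenced else manual).append(key)
    return sorted(auto), sorted(manual)

def delete_commands(keys):
    """Render the deletions as kubectl commands to review before running."""
    return [f"kubectl -n {ns} delete secret {name}" for ns, name in keys]

if __name__ == "__main__":
    auto, manual = classify_token_secrets(SAMPLE_SECRETS, SAMPLE_SERVICE_ACCOUNTS)
    print("Auto-generated (candidates for deletion):", *delete_commands(auto), sep="\n  ")
    print("Manually created (keep):", *(f"{ns}/{n}" for ns, n in manual), sep="\n  ")
```

Against a real cluster, load the two JSON documents from the kubectl commands named in the comment instead of the sample data.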
Hi. When I list out all of the secrets of that type in kube-system, I have tens of them. Please can you confirm whether I should be deleting all of them or just specific ones?
I have read the article with the understanding I should delete them all, but before I do that I wanted to check.
Cheers
I deleted all the tokens using the command referenced in the release notes here: https://www.linode.com/docs/release-notes/lke/#linode-kubernetes-engine-v1540