Error with RBAC ClusterRoleBinding in section #8

[jon-small]

I'm following this guide for the first time and came across an issue in the RBAC section of step 8 I wanted to make you aware of. With my config (K8s v1.28), using 'namespace=""' in the ClusterRoleBinding will error out with the following:

pi@controller1:~ $ cat <<EOF | kubectl apply --kubeconfig admin.kubeconfig -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: system:kube-apiserver
  namespace: ""
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:kube-apiserver-to-kubelet
subjects:
  - apiGroup: rbac.authorization.k8s.io
    kind: User
    name: kubernetes
EOF
Error from server: error when retrieving current configuration of:
Resource: "rbac.authorization.k8s.io/v1, Resource=clusterrolebindings", GroupVersionKind: "rbac.authorization.k8s.io/v1, Kind=ClusterRoleBinding"
Name: "system:kube-apiserver", Namespace: ""
from server for: "STDIN": etcdserver: leader changed

I removed the 'namespace=""' line from the config and it worked properly:

pi@controller1:~ $ cat <<EOF | kubectl apply --kubeconfig admin.kubeconfig -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: system:kube-apiserver
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:kube-apiserver-to-kubelet
subjects:
  - apiGroup: rbac.authorization.k8s.io
    kind: User
    name: kubernetes
EOF
clusterrolebinding.rbac.authorization.k8s.io/system:kube-apiserver created

My Setup:

• (5) Raspberry Pi 3+ 2GB RAM nodes
• Kubernetes v1.28 ARM64
• K8s Lab Diagram.pdf

Thank you for this guide and the continuing maintenance of it!