kubernetes - http:代理错误:x509:证书由未知权威签署
问题描述
我正在使用以下命令启动 kubernetes 代理:
kubectl proxy --port=8001 --address=172.19.104.231 --accept-hosts='^*$'
尝试在主节点中使用 curl 命令访问 kubernetes api,如下所示:
curl http://172.19.104.231:8001
但是服务器端给出了这个提示:
[root@ops001 ~]# kubectl proxy --address=172.19.104.231 --port=8001 --accept-hosts='^*$'
Please enter Username: admin
Please enter Password: Starting to serve on 172.19.104.231:8001
I0119 23:19:32.724990 4274 log.go:172] http: proxy error: x509: certificate signed by unknown authority
I0119 23:19:59.951800 4274 log.go:172] http: proxy error: x509: certificate signed by unknown authority
I0119 23:22:13.782977 4274 log.go:172] http: proxy error: x509: certificate signed by unknown authority
I0119 23:22:22.517052 4274 log.go:172] http: proxy error: x509: certificate signed by unknown authority
我应该如何解决这个问题并访问 kubernetes 成功?我已经阅读了 Kubectl proxy 显示由未知权限签名的证书,并且我没有使用 kubeadmin 安装 kubernetes 并且没有 admin.conf 文件。我也读到了这个kubectl 无法连接到服务器:x509: certificate signed by unknown authority,但我的问题不同。这是我的~/.kube/config:
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2akNDQXFhZ0F3SUJBZ0lVVDN2VHc0dVNxVEtFUW5SNmg4SlFmaXpPMWdNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pURUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFVcHBibWN4RURBT0JnTlZCQWNUQjBKbAphVXBwYm1jeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByCmRXSmxjbTVsZEdWek1CNFhEVEU1TURneU5URXlNRGd3TUZvWERUSTVNRGd5TWpFeU1EZ3dNRm93WlRFTE1Ba0cKQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjBKbGFVcHBibWN4RURBT0JnTlZCQWNUQjBKbGFVcHBibWN4RERBSwpCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUk13RVFZRFZRUURFd3ByZFdKbGNtNWxkR1Z6Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBcVBIQURsVnVUOVh5cXRHOElrZHAKQUV6QXVxYisrNE4rYmxtYWE2TllNUjRiZVFvenNuQ1dTSG1ackwvOHVQMmhhWTJna1I0S2hzVzRueTBtZElWTQphYk51dUtiUHUxTnUrMUVyQVh1OWd3QU1GSkpIWkNwSGFhcE1lWGRSck5aek5ZRFRhN1FENE1iSUZ0MTMzV3dECk1pY2tlczZ2Sm9EYnc2Q01rdjlja2FmenA0QlR4eWdiT01pN1Y4MFI0eUZaRUdFQ1EyQnZFVXZXOCs3MWUwa1QKR0tFOS9TYnpHT2lBTk4yWUlUVjdlTkpmWFZkSjczUXNYdjhJU3dEVUlET0JvTnF4RVQ3WkVMYXBubUJQMlpkOApybGF6YVdIK3g0Q2xSVDV0YUZDeHFvMGNKS1BoVUxvRU5OdWtXQ0JrK3FDQlhndjcwTzhqTUdaZHArdFFJZmdoCkNRSURBUUFCbzJZd1pEQU9CZ05WSFE4QkFmOEVCQU1DQVFZd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFqQWQKQmdOVkhRNEVGZ1FVMDNKQjRHV2RMMXh0bHZiS1FxWExiQ3V4ZUlBd0h3WURWUjBqQkJnd0ZvQVUwM0pCNEdXZApMMXh0bHZiS1FxWExiQ3V4ZUlBd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFKNms0dU94ZTVQN2xCTGh5UUttCkxBUnF3MWEzNE1ZYUN3VHh2UlZsQWFBUVNkdFQzS1JGMTZhUjRSM3B1Y0ZNQTRrT3J4eDloUDQ1N2s2bVZVa1gKclNVUituZkQzS0xFVTZzUHZPRVZjK3grWUxEL1RiVmJLRjRMRE53SWtjclhXTE15VkVoSEVmRGh1TDRWMWgvNQptaG16UTZMVnBWeUJ5MDlOcE5HUklnN0V2Vm5OYVZYTVJaNisvWE5JaHZHNytIQWFydElVOGhJYUlTR3ZNNk1TCldkRmpFZXVxYThwbzNXZkxHSXl6MmFnY0pYTitubXZWMjhPT1UrQTFWU3VpV09vaEtLZ0xGMGowVHpvSGMwKzIKWlRYd0U2WEovd0xxc1BLMXRSZGw5eDA4WmlnTGZXTlR0Tzk4NVdHNUZGalNDMGE1cEUxblJYcmQ2VUZXMDU3SgpERWM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://172.19.104.231:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: admin
name: kubernetes
current-context: kubernetes
kind: Config
preferences: {}
users: []
解决方案
推荐阅读
- bash - bash - 在序列中显式重复:如何将 AACCCC 变为 2A4C?
- arrays - 为什么我应该减去 '0' 以便我可以做 int_arr[5] = char_string[5]?
- python - DataFrame 声明中的 dtype 适用于 Google Colab 但不适用于 Jupyter Notebook
- javascript - 我的“等待”在 webdriverIO 中无法正常工作
- testing - Jmeter 5.4.1 - Groovy 脚本错误“没有方法签名”
- spacy - 从 spacy doc.ents 中删除空格
- jquery-query-builder - jquery querybuilder:在文件 query-builder.standalone 中编辑规则的结构
- android - 在视图模型中替换当前协程调用的最佳实践
- javascript - 如何从 UI5 中的 DOM 中删除脚本元素?
- python - 我如何知道我的 SQL 查询是否暴露给 SQL 注入