Kubernetes:./hack/local-up-cluster.sh 需要身份验证
Kubernetes: ./hack/local-up-cluster.sh requires authentication
我已将本地 kubernetes 从 master(2016 年 12 月)更新为 v1.5.3
我使用 hack/local-up-cluster.sh 启动我的本地集群:
sudo KUBE_ENABLE_CLUSTER_DNS=true \
SERVICE_CLUSTER_IP_RANGE="10.100.0.0/16" \
API_HOST_IP=0.0.0.0 \
hack/local-up-cluster.sh
更新后出现这个错误:
Creating kube-system namespace
Cluster "local" set.
Context "local" set.
Switched to context "local".
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Error from server (AlreadyExists): error when creating "namespace.yaml": namespaces "kube-system" already exists
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
deployment "kube-dns" created
Please enter Username:
我该如何解决?
完整日志:
0.0 hack/local-up-cluster.sh
[sudo] password for dmitry:
make: Entering directory '/opt/kubernetes'
make[1]: Entering directory '/opt/kubernetes'
can't load package: package .: no buildable Go source files in /opt/kubernetes
can't load package: package .: no buildable Go source files in /opt/kubernetes
can't load package: package .: no buildable Go source files in /opt/kubernetes
can't load package: package .: no buildable Go source files in /opt/kubernetes
make[1]: Leaving directory '/opt/kubernetes'
+++ [0227 19:34:34] Building the toolchain targets:
k8s.io/kubernetes/hack/cmd/teststale
k8s.io/kubernetes/vendor/github.com/jteeuwen/go-bindata/go-bindata
+++ [0227 19:34:34] Generating bindata:
test/e2e/framework/gobindata_util.go
+++ [0227 19:34:35] Building go targets for linux/amd64:
cmd/kubectl
cmd/hyperkube
make: Leaving directory '/opt/kubernetes'
API SERVER insecure port is free, proceeding...
API SERVER secure port is free, proceeding...
Detected host and ready to start services. Doing some housekeeping first...
Using GO_OUT /opt/kubernetes/_output/local/bin/linux/amd64
Starting services now!
Starting etcd
etcd --advertise-client-urls http://127.0.0.1:2379 --data-dir /tmp/tmp.FhAud4KuG4 --listen-client-urls http://127.0.0.1:2379 --debug > "/dev/null" 2>/dev/null
Waiting for etcd to come up.
+++ [0227 19:34:38] On try 2, etcd: : http://127.0.0.1:2379
{"action":"set","node":{"key":"/_test","value":"","modifiedIndex":4,"createdIndex":4}}
Waiting for apiserver to come up
+++ [0227 19:34:39] On try 2, apiserver: : {
"major": "1",
"minor": "5",
"gitVersion": "v1.5.3",
"gitCommit": "029c3a408176b55c30846f0faedf56aae5992e9b",
"gitTreeState": "clean",
"buildDate": "2017-02-27T11:05:22Z",
"goVersion": "go1.7.4",
"compiler": "gc",
"platform": "linux/amd64"
}
Creating kube-system namespace
Cluster "local" set.
Context "local" set.
Switched to context "local".
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Error from server (AlreadyExists): error when creating "namespace.yaml": namespaces "kube-system" already exists
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
deployment "kube-dns" created
Please enter Username:
kubectl config view:
apiVersion: v1
clusters:
- cluster:
certificate-authority: /var/run/kubernetes/apiserver.crt
server: https://localhost:6443
name: local
contexts:
- context:
cluster: local
user: ""
name: local
current-context: local
kind: Config
preferences: {}
users: []
kubectl config get-contexts local:
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
* local local
您的 local 上下文配置时没有用户,但您的集群似乎配置为使用 CA。如果您的集群正在使用 CA,您需要一个具有由上述 CA 签名的有效证书的用户,或者需要一个有效的用户令牌才能通过 TLS 进行通信。
您提到的脚本 gives some hints 关于您应该在完成后配置客户端的方式,请尝试按照以下步骤操作:
cluster/kubectl.sh config set-credentials myself --username=admin --password=admin
cluster/kubectl.sh config set-context local --cluster=local --user=myself
cluster/kubectl.sh config use-context local
另一种选择是以通过 不安全 端口进行通信的方式更改本地配置,该端口默认为 8080。您可以使用以下命令实现:
kubectl config set-cluster local --server=http://localhost:8080
参考文献:
我已将本地 kubernetes 从 master(2016 年 12 月)更新为 v1.5.3
我使用 hack/local-up-cluster.sh 启动我的本地集群:
sudo KUBE_ENABLE_CLUSTER_DNS=true \
SERVICE_CLUSTER_IP_RANGE="10.100.0.0/16" \
API_HOST_IP=0.0.0.0 \
hack/local-up-cluster.sh
更新后出现这个错误:
Creating kube-system namespace
Cluster "local" set.
Context "local" set.
Switched to context "local".
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Error from server (AlreadyExists): error when creating "namespace.yaml": namespaces "kube-system" already exists
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
deployment "kube-dns" created
Please enter Username:
我该如何解决?
完整日志:
0.0 hack/local-up-cluster.sh
[sudo] password for dmitry:
make: Entering directory '/opt/kubernetes'
make[1]: Entering directory '/opt/kubernetes'
can't load package: package .: no buildable Go source files in /opt/kubernetes
can't load package: package .: no buildable Go source files in /opt/kubernetes
can't load package: package .: no buildable Go source files in /opt/kubernetes
can't load package: package .: no buildable Go source files in /opt/kubernetes
make[1]: Leaving directory '/opt/kubernetes'
+++ [0227 19:34:34] Building the toolchain targets:
k8s.io/kubernetes/hack/cmd/teststale
k8s.io/kubernetes/vendor/github.com/jteeuwen/go-bindata/go-bindata
+++ [0227 19:34:34] Generating bindata:
test/e2e/framework/gobindata_util.go
+++ [0227 19:34:35] Building go targets for linux/amd64:
cmd/kubectl
cmd/hyperkube
make: Leaving directory '/opt/kubernetes'
API SERVER insecure port is free, proceeding...
API SERVER secure port is free, proceeding...
Detected host and ready to start services. Doing some housekeeping first...
Using GO_OUT /opt/kubernetes/_output/local/bin/linux/amd64
Starting services now!
Starting etcd
etcd --advertise-client-urls http://127.0.0.1:2379 --data-dir /tmp/tmp.FhAud4KuG4 --listen-client-urls http://127.0.0.1:2379 --debug > "/dev/null" 2>/dev/null
Waiting for etcd to come up.
+++ [0227 19:34:38] On try 2, etcd: : http://127.0.0.1:2379
{"action":"set","node":{"key":"/_test","value":"","modifiedIndex":4,"createdIndex":4}}
Waiting for apiserver to come up
+++ [0227 19:34:39] On try 2, apiserver: : {
"major": "1",
"minor": "5",
"gitVersion": "v1.5.3",
"gitCommit": "029c3a408176b55c30846f0faedf56aae5992e9b",
"gitTreeState": "clean",
"buildDate": "2017-02-27T11:05:22Z",
"goVersion": "go1.7.4",
"compiler": "gc",
"platform": "linux/amd64"
}
Creating kube-system namespace
Cluster "local" set.
Context "local" set.
Switched to context "local".
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Error from server (AlreadyExists): error when creating "namespace.yaml": namespaces "kube-system" already exists
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
deployment "kube-dns" created
Please enter Username:
kubectl config view:
apiVersion: v1
clusters:
- cluster:
certificate-authority: /var/run/kubernetes/apiserver.crt
server: https://localhost:6443
name: local
contexts:
- context:
cluster: local
user: ""
name: local
current-context: local
kind: Config
preferences: {}
users: []
kubectl config get-contexts local:
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
* local local
您的 local 上下文配置时没有用户,但您的集群似乎配置为使用 CA。如果您的集群正在使用 CA,您需要一个具有由上述 CA 签名的有效证书的用户,或者需要一个有效的用户令牌才能通过 TLS 进行通信。
您提到的脚本 gives some hints 关于您应该在完成后配置客户端的方式,请尝试按照以下步骤操作:
cluster/kubectl.sh config set-credentials myself --username=admin --password=admin
cluster/kubectl.sh config set-context local --cluster=local --user=myself
cluster/kubectl.sh config use-context local
另一种选择是以通过 不安全 端口进行通信的方式更改本地配置,该端口默认为 8080。您可以使用以下命令实现:
kubectl config set-cluster local --server=http://localhost:8080
参考文献: