Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

kubectl unable to connect to server: x509: certificate signed by unknown authority

i'm getting an error when running kubectl one one machine (windows)

the k8s cluster is running on CentOs 7 kubernetes cluster 1.7 master, worker

Here's my .kube\config

    apiVersion: v1 clusters: - cluster:     certificate-authority-data: REDACTED     server: https://10.10.12.7:6443   name: kubernetes contexts: - context:     cluster: kubernetes     user: system:node:localhost.localdomain   name: system:node:localhost.localdomain@kubernetes current-context: system:node:localhost.localdomain@kubernetes kind: Config preferences: {} users: - name: system:node:localhost.localdomain   user:     client-certificate-data: REDACTED     client-key-data: REDACTED    

the cluster is built using kubeadm with the default certificates on the pki directory

kubectl unable to connect to server: x509: certificate signed by unknown authority

like image 362
bherto39 Avatar asked Sep 15 '17 07:09

bherto39


People also ask

How do I fix x509 certificate signed by unknown authority?

How to resolve Docker x509: certificate signed by unknown authority error. In order to resolve this error, we have to import the CA certificate in use by the ICP into the system keystore. Then, we have to restart the Docker client for the changes to take effect.

How do I change the context in Kubernetes?

Utilize the command “kubectl config set-context my-context —cluster=my-app —namespace=production” to configure per-context parameters. This approach will build a new context named my-context with default Kubernetes cluster and namespace parameters.

How do I list namespaces in Kubernetes?

To list the existing namespaces in a cluster 'kubectl get namespace' command is used. After executing the command, the following output will be generated: Observe that the Kubernetes object starts with four initial namespaces: Default, kube-node-lease, kube-public, and kube-system.


1 Answers

One more solution in case it helps anyone:

My scenario:

  • using Windows 10
  • Kubernetes installed via Docker Desktop ui 2.1.0.1
  • the installer created config file at ~/.kube/config
  • the value in ~/.kube/config for server is https://kubernetes.docker.internal:6443
  • using proxy

Issue: kubectl commands to this endpoint were going through the proxy, I figured it out after running kubectl --insecure-skip-tls-verify cluster-info dump which displayed the proxy html error page.

Fix: just making sure that this URL doesn't go through the proxy, in my case in bash I used export no_proxy=$no_proxy,*.docker.internal

like image 171
sapeish Avatar answered Sep 20 '22 11:09

sapeish