i'm getting an error when running kubectl one one machine (windows)
the k8s cluster is running on CentOs 7 kubernetes cluster 1.7 master, worker
Here's my .kube\config
apiVersion: v1 clusters: - cluster: certificate-authority-data: REDACTED server: https://10.10.12.7:6443 name: kubernetes contexts: - context: cluster: kubernetes user: system:node:localhost.localdomain name: system:node:localhost.localdomain@kubernetes current-context: system:node:localhost.localdomain@kubernetes kind: Config preferences: {} users: - name: system:node:localhost.localdomain user: client-certificate-data: REDACTED client-key-data: REDACTED
the cluster is built using kubeadm with the default certificates on the pki directory
kubectl unable to connect to server: x509: certificate signed by unknown authority
How to resolve Docker x509: certificate signed by unknown authority error. In order to resolve this error, we have to import the CA certificate in use by the ICP into the system keystore. Then, we have to restart the Docker client for the changes to take effect.
Utilize the command “kubectl config set-context my-context —cluster=my-app —namespace=production” to configure per-context parameters. This approach will build a new context named my-context with default Kubernetes cluster and namespace parameters.
To list the existing namespaces in a cluster 'kubectl get namespace' command is used. After executing the command, the following output will be generated: Observe that the Kubernetes object starts with four initial namespaces: Default, kube-node-lease, kube-public, and kube-system.
One more solution in case it helps anyone:
My scenario:
~/.kube/config
~/.kube/config
for server
is https://kubernetes.docker.internal:6443
Issue: kubectl
commands to this endpoint were going through the proxy, I figured it out after running kubectl --insecure-skip-tls-verify cluster-info dump
which displayed the proxy html error page.
Fix: just making sure that this URL doesn't go through the proxy, in my case in bash I used export no_proxy=$no_proxy,*.docker.internal
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With