[英]Connecting to Kubernetes API from pod
I'm trying to use Kubernetes API from inside a pod. 我正在尝试从吊舱内部使用Kubernetes API。 Going to list/watch pods and custom defined resources. 转到列表/监视窗格和自定义定义的资源。
Construct url as " https://KUBERNETES_SERVICE_HOST:KUBERNETES_SERVICE_PORT_HTTPS " Authorization header = "Bearer /var/run/secrets/kubernetes.io/serviceaccount/token" CaCert = /var/run/secrets/kubernetes.io/serviceaccount/ca.crt 将网址构造为“ https:// KUBERNETES_SERVICE_HOST:KUBERNETES_SERVICE_PORT_HTTPS ”授权标头=“ Bearer /var/run/secrets/kubernetes.io/serviceaccount/token” CaCert = /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
When running inside minikube, the request fails with "Error: connect ETIMEDOUT 10.96.0.1:443" Same code running in GCP fails with: "Error: unable to verify the first certificate" 在minikube中运行时,请求失败,并显示“错误:connect ETIMEDOUT 10.96.0.1:443”。在GCP中运行的相同代码失败,并显示:“错误:无法验证第一个证书”
If you are using curl
, you can skip certificate checks with the -k
flag. 如果使用curl
,则可以使用-k
标志跳过证书检查。
Try 尝试
curl -k https://10.96.0.1:443/api/v1/namespaces -H "Authorization: Bearer <content of /var/run/secrets/kubernetes.io/serviceaccount/token here>"
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.