[英]Spinnaker unable to communicate with kubernetes cluster
I am trying to deploy spinnaker locally with minikube and minio, i have everything setted up, my kubernetes cluster is up and running with a composed app on it, details below:我正在尝试使用 minikube 和 minio 在本地部署 spinnaker,我已经设置了一切,我的 kubernetes 集群已启动并运行,上面有一个组合应用程序,详细信息如下:
| NAME | READY | UP-TO-DATE | AVAILABLE | AGE |
|---------------------------|-------|------------|-----------|-----|
| deployment.extensions/api | 1/1 | 1 | 1 | 18s |
| deployment.extensions/db | 1/1 | 1 | 1 | 18s |
I configured both, my kubernetes and storage on my hal config, i will paste it below as well, when i try to deploy using "sudo hal deploy apply" i get the following error:我在我的 hal 配置中配置了我的 kubernetes 和存储,我也将其粘贴在下面,当我尝试使用“sudo hal deploy apply”进行部署时,我收到以下错误:
- WARNING You have not specified a Kubernetes context in your halconfig, Spinnaker will use "minikube" instead.
警告您尚未在 halconfig 中指定 Kubernetes 上下文,Spinnaker 将使用“minikube”代替。 ?
? We recommend explicitly setting a context in your halconfig, to ensure changes to your kubeconfig won't break your deployment.
我们建议在您的 halconfig 中明确设置上下文,以确保对 kubeconfig 的更改不会破坏您的部署。
!
! ERROR Unable to communicate with your Kubernetes cluster: An error has occurred.. ?
错误无法与您的 Kubernetes 集群通信:发生错误.. ? Unable to authenticate with your Kubernetes cluster.
无法通过您的 Kubernetes 集群进行身份验证。 Try using kubectl to verify your credentials.
尝试使用 kubectl 来验证您的凭据。
Problems in default.security:
default.security 中的问题:
WARNING Your UI or API domain does not have override base URLs set even though your Spinnaker deployment is a Distributed deployment on a remote cloud provider.
警告您的 UI 或 API 域没有设置覆盖基本 URL,即使您的 Spinnaker 部署是远程云提供商上的分布式部署。 As a result, you will need to open SSH tunnels against that deployment to access Spinnaker.
因此,您需要针对该部署打开 SSH 隧道才能访问 Spinnaker。 ?
? We recommend that you instead configure an authentication mechanism (OAuth2, SAML2, or x509) to make it easier to access Spinnaker securely, and then register the intended Domain and IP addresses that your publicly facing services will be using.
我们建议您改为配置身份验证机制(OAuth2、SAML2 或 x509),以便更轻松地安全访问 Spinnaker,然后注册您的面向公众的服务将使用的预期域和 IP 地址。
Failed to prep Spinnaker deployment
未能准备 Spinnaker 部署
Here is my hal config:这是我的 hal 配置:
currentDeployment: default
deploymentConfigurations:
- name: default
version: ''
providers:
appengine:
enabled: false
accounts: []
aws:
enabled: false
accounts: []
bakeryDefaults:
baseImages: []
defaultKeyPairTemplate: '{{name}}-keypair'
defaultRegions:
- name: us-west-2
defaults:
iamRole: BaseIAMRole
ecs:
enabled: false
accounts: []
azure:
enabled: false
accounts: []
bakeryDefaults:
templateFile: azure-linux.json
baseImages: []
dcos:
enabled: false
accounts: []
clusters: []
dockerRegistry:
enabled: true
accounts:
- name: my-docker-registry
requiredGroupMembership: []
providerVersion: V1
permissions: {}
address: https://index.docker.io
username: <sensitive> (this is my actual username)
password: <sensitive> (this is my actual password)
email: fake.email@spinnaker.io
cacheIntervalSeconds: 30
clientTimeoutMillis: 60000
cacheThreads: 1
paginateSize: 100
sortTagsByDate: false
trackDigests: false
insecureRegistry: false
repositories:
- ericstoppel1/atixlabs
primaryAccount: my-docker-registry
google:
enabled: false
accounts: []
bakeryDefaults:
templateFile: gce.json
baseImages: []
zone: us-central1-f
network: default
useInternalIp: false
kubernetes:
enabled: true
accounts:
- name: my-k8s-account
requiredGroupMembership: []
providerVersion: V1
permissions: {}
dockerRegistries:
- accountName: my-docker-registry
namespaces: []
configureImagePullSecrets: true
cacheThreads: 1
namespaces: []
omitNamespaces: []
kinds: []
omitKinds: []
customResources: []
cachingPolicies: []
kubeconfigFile: /home/osboxes/.kube/config
oAuthScopes: []
onlySpinnakerManaged: false
primaryAccount: my-k8s-account
oracle:
enabled: false
accounts: []
bakeryDefaults:
templateFile: oci.json
baseImages: []
cloudfoundry:
enabled: false
accounts: []
deploymentEnvironment:
size: SMALL
type: Distributed
accountName: my-k8s-account
updateVersions: true
consul:
enabled: false
vault:
enabled: false
customSizing: {}
sidecars: {}
initContainers: {}
hostAliases: {}
affinity: {}
nodeSelectors: {}
gitConfig:
upstreamUser: spinnaker
livenessProbeConfig:
enabled: false
haServices:
clouddriver:
enabled: false
disableClouddriverRoDeck: false
echo:
enabled: false
persistentStorage:
persistentStoreType: s3
azs: {}
gcs:
rootFolder: front50
redis: {}
s3:
bucket: spin-763f86d5-10ba-497e-9348-264fc353edec
rootFolder: front50
pathStyleAccess: false
endpoint: https://localhost:9001
accessKeyId: AKIAIOSFODNN7EXAMPLE
secretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
oracle: {}
features:
auth: false
fiat: false
chaos: false
entityTags: false
jobs: false
metricStores:
datadog:
enabled: false
tags: []
prometheus:
enabled: false
add_source_metalabels: true
stackdriver:
enabled: false
period: 30
enabled: false
notifications:
slack:
enabled: false
twilio:
enabled: false
baseUrl: https://api.twilio.com/
timezone: America/Los_Angeles
ci:
jenkins:
enabled: false
masters: []
travis:
enabled: false
masters: []
wercker:
enabled: false
masters: []
concourse:
enabled: false
masters: []
gcb:
enabled: false
accounts: []
repository:
artifactory:
enabled: false
searches: []
security:
apiSecurity:
ssl:
enabled: false
uiSecurity:
ssl:
enabled: false
authn:
oauth2:
enabled: false
client: {}
resource: {}
userInfoMapping: {}
saml:
enabled: false
userAttributeMapping: {}
ldap:
enabled: false
x509:
enabled: false
iap:
enabled: false
enabled: false
authz:
groupMembership:
service: EXTERNAL
google:
roleProviderType: GOOGLE
github:
roleProviderType: GITHUB
file:
roleProviderType: FILE
ldap:
roleProviderType: LDAP
enabled: false
artifacts:
bitbucket:
enabled: false
accounts: []
gcs:
enabled: false
accounts: []
oracle:
enabled: false
accounts: []
github:
enabled: false
accounts: []
gitlab:
enabled: false
accounts: []
http:
enabled: false
accounts: []
helm:
enabled: false
accounts: []
s3:
enabled: false
accounts: []
maven:
enabled: false
accounts: []
templates: []
pubsub:
enabled: false
google:
enabled: false
pubsubType: GOOGLE
subscriptions: []
publishers: []
canary:
enabled: false
serviceIntegrations:
- name: google
enabled: false
accounts: []
gcsEnabled: false
stackdriverEnabled: false
- name: prometheus
enabled: false
accounts: []
- name: datadog
enabled: false
accounts: []
- name: signalfx
enabled: false
accounts: []
- name: aws
enabled: false
accounts: []
s3Enabled: false
reduxLoggerEnabled: true
defaultJudge: NetflixACAJudge-v1.0
stagesEnabled: true
templatesEnabled: true
showAllConfigsEnabled: true
webhook:
trust:
enabled: false
I have my kubernetes config and can acces to it, so, separately it all seems to work, what may be wrong?我有我的 kubernetes 配置并且可以访问它,所以,单独它似乎都可以工作,可能有什么问题?
As per issue reported:根据报告的问题:
WARNING You have not specified a Kubernetes context in your halconfig, Spinnaker will use "minikube" instead.
警告您尚未在 halconfig 中指定 Kubernetes 上下文,Spinnaker 将使用“minikube”代替。
I don't see any Kuberenetes context entry defined in your hal
config, find here dedicated chapter from Spinnaker guideline document.我没有看到您的
hal
配置中定义了任何 Kuberenetes 上下文条目,请在此处找到 Spinnaker 指南文档中的专用章节。
Try adding the kubernetes details to the halyard context.尝试将 kubernetes 详细信息添加到 halyard 上下文中。
hal config provider kubernetes account add <ACCOUNT>
hal config provider kubernetes enable
This link can be used for reference: https://www.spinnaker.io/reference/halyard/commands/这个链接可以参考: https : //www.spinnaker.io/reference/halyard/commands/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.