Get https://api.[mycluster]/api?timeout=32s: x509: certificate signed by unknown authority, Kubernetes cluster created on AWS using kops and Travis-CI

I mainly followed the following article. At the end I have the following issue while trying to deploy new objects to the cluster:

error: unable to recognize "./[different files].yaml": Get https://api.[mycluster]/api?timeout=32s: x509: certificate signed by unknown authority

I think that I effectively have to pass the kube cert somewhere in the Travis configuration file. Any suggestions, please?

Effectively, the problem was related to cluster certificates. In the article cited previously there is a base64 encoding issue which will make the secrets injection fail, so we have to add information to the Kubernetes config file. We find the following block in inject_secret.sh:

./kubectl config set clusters.udagramk8s.kops.ucci.uk.certificate-authority-data "$CERTIFICATE_AUTHORITY_DATA"
./kubectl config set users.udagramk8s.kops.ucci.uk.client-certificate-data "$CLIENT_CERTIFICATE_DATA"
./kubectl config set users.udagramk8s.kops.ucci.uk.client-key-data "$CLIENT_KEY_DATA"
./kubectl config set users.udagramk8s.kops.ucci.uk.password "$KUBE_PASSWORD"
./kubectl config set users.udagramk8s.kops.ucci.uk.net-basic-auth.password "$KUBE_PASSWORD"

And what we have to do to ensure the presence of these env variables is simply to add them through the Travis-CI console, under the project settings section.

Note: we can get the variable values by using the following command: cat ~/.kube/config
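
One way to catch a missing or badly encoded value before it reaches kubectl, as an added example that is not part of the original answer or of inject_secret.sh. The function names `check_pem_b64` and `preflight` are hypothetical, the sample values are constructed, and a `base64` that accepts `-d` is assumed.

```shell
#!/bin/sh
# Added example: preflight for the variables inject_secret.sh passes to kubectl.
# Function names are hypothetical; sample values are constructed, not real certs.

# check_pem_b64 NAME VALUE LABEL
# Status 0 when VALUE is single-line base64 that decodes to a PEM block whose
# first line is "-----BEGIN <LABEL>-----" (LABEL may be a glob). On failure it
# prints a reason, never the value, so CI logs stay free of key material.
# The body is a subshell, so LC_ALL and the variables do not leak to the caller.
check_pem_b64() (
  LC_ALL=C
  name=$1 value=$2 label=$3
  [ -n "$value" ] || { echo "$name: empty or not set" >&2; exit 1; }
  case $value in
    *[!A-Za-z0-9+/=]*) echo "$name: has non-base64 characters" >&2; exit 2 ;;
  esac
  decoded=$(printf '%s' "$value" | base64 -d 2>/dev/null) ||
    { echo "$name: base64 decoding failed" >&2; exit 3; }
  first=$(printf '%s\n' "$decoded" | head -n 1 | tr -d '\r')
  case $first in
    "-----BEGIN "$label"-----") exit 0 ;;
  esac
  echo "$name: decoded data is not a PEM block of the expected type" >&2
  exit 4
)

# preflight: check the three certificate variables; non-zero if any is bad.
preflight() {
  rc=0
  check_pem_b64 CERTIFICATE_AUTHORITY_DATA "${CERTIFICATE_AUTHORITY_DATA:-}" 'CERTIFICATE' || rc=1
  check_pem_b64 CLIENT_CERTIFICATE_DATA "${CLIENT_CERTIFICATE_DATA:-}" 'CERTIFICATE' || rc=1
  check_pem_b64 CLIENT_KEY_DATA "${CLIENT_KEY_DATA:-}" '*PRIVATE KEY' || rc=1
  return "$rc"
}

# Constructed sample input: PEM framing around placeholder bytes.
SAMPLE_CERT_B64=$(printf '%s\n' '-----BEGIN CERTIFICATE-----' 'Q09OU1RSVUNURUQ=' \
  '-----END CERTIFICATE-----' | base64 | tr -d '\n')
SAMPLE_KEY_B64=$(printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Q09OU1RSVUNURUQ=' \
  '-----END RSA PRIVATE KEY-----' | base64 | tr -d '\n')

# Demo on the constructed sample.
check_pem_b64 SAMPLE_CERT_B64 "$SAMPLE_CERT_B64" 'CERTIFICATE' && echo "sample: ok"
```

Calling `preflight || exit 1` ahead of the `kubectl config set` lines stops the build with the name of the offending variable. Status 4 is what a value that was base64-encoded a second time produces.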

