[英]kubernetes api access forbidden
I'm trying to get cluster info like pods through curl -k https://172.26.2.101:6443/api/v1/pods
but i'm getting bellow forbidden error, however, I checked the admin rights and made sure it's in the "system:masters" group.我正在尝试通过curl -k https://172.26.2.101:6443/api/v1/pods
获取像 pod 之类的集群信息,但是我收到以下禁止错误,但是,我检查了它的管理员权限并确保“系统:大师”组。
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {
},
"status": "Failure",
"message": "pods is forbidden: User \"system:anonymous\" cannot list resource \"pods\" in API group \"\" at the cluster scope",
"reason": "Forbidden",
"details": {
"kind": "pods"
},
"code": 403
Any idea?!任何想法?!
Solved by capturing certs from the.kube/config file通过从 .kube/config 文件中捕获证书来解决
client-key-data:客户密钥数据:
echo -n "LS0...Cg==" | base64 -d > admin.key
client-certificate-data:客户证书数据:
echo -n "LS0...C==" | base64 -d > admin.crt
certificate-authority-data:证书授权数据:
echo -n "LS0...g==" | base64 -d > ca.crt
Then, use然后,使用
curl https://172.26.2.101:6443 \
--key admin.key \
--cert admin.crt
--cacert ca.crt
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.