UNABLE_TO_VERIFY_LEAF_SIGNATURE k8s Javascript 客户端
[英]UNABLE_TO_VERIFY_LEAF_SIGNATURE k8s Javascript client
问题描述
I am trying to programmatically connect to my AWS EKS cluster using the official k8s JavaScript Client .
我正在尝试使用官方k8s JavaScript Client以编程方式连接到我的 AWS EKS 集群。 I wanted to try and use loadFromOptions() , instead of loadFromDefault() .我想尝试使用loadFromOptions() ,而不是loadFromDefault() 。 So, from the README.md of the library repo, I was able to come up with the following因此,从库 repo 的README.md中,我能够想出以下内容
const k8s = require('@kubernetes/client-node');
const kc = new k8s.KubeConfig();
const cluster = {
name: 'NAME',
server: 'SERVER',
};
const user = {
name: 'NAME',
exec: {
apiVersion: 'client.authentication.k8s.io/v1alpha1',
args: [
'--region',
'us-east-1',
'eks',
'get-token',
'--cluster-name',
'NAME',
],
command: 'aws',
env: [
{
name: 'AWS_PROFILE',
value: 'NAME'
}
]
}
}
const context = {
name: 'NAME',
user: user.name,
cluster: cluster.name,
};
kc.loadFromOptions({
clusters: [cluster],
users: [user],
contexts: [context],
currentContext: context.name,
});
const k8sApi = kc.makeApiClient(k8s.CoreV1Api);
k8sApi.listNamespacedPod('default').then((res) => {
console.log(res.body);
});
But unfortunately, I am hit with this error, where am I going wrong?但不幸的是,我遇到了这个错误,我哪里出错了?
1 个解决方案
解决方案1
0 已采纳 2021-12-02 08:57:51
The error message is complaining that it does not know the cluster's certificate issuer.错误消息抱怨它不知道集群的证书颁发者。
Your cluster object needs one of the following properties to specify the certificate authority:您的cluster object 需要以下属性之一来指定证书颁发机构:
-
caFile: Filename containing the certificate authoritycaFile:包含证书颁发机构的文件名 caData: Base64-encoded contents of the certificate authority filecaData:证书颁发机构文件的 Base64 编码内容
According to the AWS documentation , you should be able to retrieve the certificate authority as "the certificateAuthority.data that was created for your cluster".根据AWS 文档,您应该能够将证书颁发机构检索为“为您的集群创建的certificateAuthority.data ”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.