堆栈内存溢出
  简体   繁体   English

如何更新 kube 配置文件的到期日期?

[英]How can I renew the kube config file expiry date?

 原文  2022-05-02 13:52:13       amazon-web-services/ google-cloud-platform/ devops/ azure-devops-rest-api/ gcp-ai-platform-notebook

问题描述

Today I faced an issue while running my jenkins job.今天我在运行 jenkins 作业时遇到了一个问题。 I got this error:我收到此错误:

Unable to connect to the server: error executing access token command 
"/snap/google-cloud-sdk/234/bin/gcloud config config-helper --format=json": err=fork/exec /snap/google-cloud-sdk/234/bin/gcloud: 
no such file or directory output= stderr=

After when I try to run below command the issue got resolved and jenkins job will complete successfully.当我尝试在命令下运行后,问题得到解决,jenkins 作业将成功完成。

gcloud container clusters get-credentials cluster_name --region=region_name

Before run this command in my kube config file expiry date was 2022-04-25 and after running above command expiry date get changed to today (2022-05-02) only.在我的 kube 配置文件中运行此命令之前,到期日期为 2022-04-25,在运行上述命令之后,到期日期仅更改为今天 (2022-05-02)。 Here my doubt if I run my jenkins job on tomorrow (2022-05-03) my job will fail with same error right because of expiry date up to tomorrow only?在这里,我怀疑如果我在明天 (2022-05-03) 运行我的 jenkins 工作,我的工作将失败并出现同样的错误,因为到期日期只到明天?

So How can I fix this kube config file expiry date issue permanently not on daily run command?那么我该如何永久解决这个 kube 配置文件过期日期问题,而不是在日常运行命令中?

kube config file:库配置文件:

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVMVENDQXBXZ0F3SUJBZ0lSQU0rNTRkdVFYeno4NmUxQ3h1Z1YvVW93RFFZSktvWklodmNOQVFFTEJRQXcKTHpFdE1Dc0dBMVVFQXhNa1ltTTFNVGRoT0RNdE1qTmtZUzAwWXpWakxXRXpPV1F0TlRreU9XUTBOekUyTVdJMwpNQ0FYRFRJeU1ETXdPREV3TURJMU0xb1lEekl3TlRJd01qSTVNVEV3TWpVeldqQXZNUzB3S3dZRFZRUURFeVJpCll6VXhOMkU0TXkweU0yUmhMVFJqTldNdFlUTTVaQzAxT1RJNVpEUTNNVFl4WWpjd2dnR2lNQTBHQ1NxR1NJYjMKRFFFQkFRVUFBNElCandBd2dnR0tBb0lCZ1FDTFlCMFVQUkdpM05JR1N6djdGVmpTQ1hwNTBKUXRiakxjQWdJdQpQenlBekNNUDdraEg3UC91QU5XcXlxb1ZGeVc3UmhlajlKN0xVUnBFc0EwT1ZDUXkyeVdLd090TExSSFFWQmpCCnIzanczVHBiWWNCb083MExpUzJYcy9qTkxWQ3V2NWRPam1KTUxOeXVmZk1QZ0ZIZmRIRzZNa25qQVphV0FvZTcKeGc5QjU0VXNwZ2kremYrMFpqVjhUNnozZlNZTUpObko5UE0xZmdSeDBTYWJNV3hGT0doTEJ5cUVBdm1maVR4aAphcUkyYVEzZ3BiN2lDTzU1TlA3STZ0RFp5Z2JRRm9FNThtdllDMTBNb0c3MXJVcVg0dWVkVnlwTmNnb1lKRnNICmhaTTF0SUJSYmphU3pzK3czTzhHb01aT0Z0TTk5eDUvanJwS21kNG12YkVvZGZhVnBMd1U1SjBsQjBuM0VXNzYKV2I0QWRHQTBIcHF3T000WjdaQ0ZJUHRzczNaM3piSS9zbTl3TFhYb3JvUXJndGdhOWdRTmErTCtEQmRKUUJkQwpSdnROdHdSM0ZLRk5kaEwrRHNIUkMzQmJ4bGdTYTVMU2ZrbHhYMzNYT1BDREpiS05EZmJJMEN3OGtVVk8rQ0RBCmxYbndhV0liTjc3endrRncvMUtHSGExSE4wc0NBd0VBQWFOQ01FQXdEZ1lEVlIwUEFRSC9CQVFEQWdJRU1BOEcKQTFVZEV3RUIvd1FGTUFNQkFmOHdIUVlEVlIwT0JCWUVGRlRCOUx6c1E0M0ZHZE9uTW91QWM3cXdyY1IxTUEwRwpDU3FHU0liM0RRRUJDd1VBQTRJQmdRQXlVNkxiVVM2eFdYSEs4Q1pONUJvdXd2dm5yOWR2VlVpek9xV1llNENJCm9LMXVHR2c5eG1rQm9CTU1JcndpWko4VXN5NnFvSHdIMCt3WDhIeDhCRUYvKzg4a3BiK2YwQkdlekhGWDIvZUEKaVJabEdSdmFBN01aNkpLVjMraGhtZVI0dVY5Z3FzWUsvb2JQdGRkaVRyUWo0QUdUQTNGVDcwby9XVHJiY0k2Qgp1aWo3bnZUWmRTYjhNa2VORzZxWWY4OWZGNHJwRVZ3MGk5RkFENU5WcnpsZGlKRTZ2MmFKMldoVUlMQ1FPOWtzCkFFTFFWVi9IZU1TS28xVmZ4UUN2QmtTYUg4aW1UZlBXbTVsQUM4VnplbEw3SW1pbEpKVHQ4ZTRWZ1pxV0ljZ2kKakF1bDdTeGh0MVE2T3VqUlpMNTFkaFFqOUk5bE1OV3hCVFhTcnc0d1VSNXlUTFZFMGNGVjZWT1d0T0NOa2JKTAoySDczb1RmL2R0c2E3N0JrcVFoQkFrU0NtQlY4dEpNYm96YnM3TGFjVDZPeFNVRCtkZTB2cjc4L2hhUmx2S1MwClJ4K3JVcDgvREZ2UzRmbU5reXBHWVJZbFNHT2ozczl2OXY5UGx0N3ZLTW1tdWx1d0JObTJTKytTdlpwVUVwQlAKeVd0dzdodis2M1FUQ1VMZlRjdXYrdDg9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    server: https://104.198.97.158
  name: gke_oenofile_us-west1-a_oenofile-dev-cluster
contexts:
- context:
    cluster: gke_oenofile_us-west1-a_oenofile-dev-cluster
    user: gke_oenofile_us-west1-a_oenofile-dev-cluster
  name: gke_oenofile_us-west1-a_oenofile-dev-cluster
current-context: gke_oenofile_us-west1-a_oenofile-dev-cluster
kind: Config
preferences: {}
users:
- name: gke_oenofile_us-west1-a_oenofile-dev-cluster
  user:
    auth-provider:
      config:
        access-token: ya29.c.b0AXv0zTMYzxRz5DGICZ0wdd1VKT_0qkZFOZ2j69BIEMNNu3p6XDSIyH3T-eO6lJM5JBsB3vmyQ4YeVxTl8_ky3vgRupyJvaFMQRsnu8uf1LiAzC1kuYCsVAwWJNk6Y4RcQOMCue1utIEOjON_z8fO-XxQZiGrzYVIlZUBMzMrOwQn-Aq5XwpcBgqn_iciDL7-Y7IKkZ4F3Q.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
        cmd-args: config config-helper --format=json
        cmd-path: /snap/google-cloud-sdk/237/bin/gcloud
        expiry: "2022-05-02T11:54:40Z"
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp

screenshot of the above上面的截图

1 个解决方案

解决方案1
 1  2022-05-02 16:25:17

The error appears to be clear: /snap/google-cloud-sdk/234/bin/gcloud does not exist.错误似乎很清楚: /snap/google-cloud-sdk/234/bin/gcloud不存在。

You appear to be running gcloud as an (Ubuntu) Snap .您似乎正在将gcloud作为 (Ubuntu) Snap运行。 This will benefit from automatic upgrades but, you should not hard code the Snap version ( 234 ) as this folder will eventually be deleted.这将受益于自动升级,但是您不应该对 Snap 版本 ( 234 ) 进行硬编码,因为该文件夹最终将被删除。 I suspect that's what's happened.我怀疑这就是发生的事情。 You should:你应该:

#1 Reference the binary through the current folder ie /snap/google-cloud-sdk/current/bin/gcloud . #1通过current文件夹引用二进制文件,即/snap/google-cloud-sdk/current/bin/gcloud

However, since you're attempting to authenticate to the cluster using Jenkins, you should consider using a (Google Cloud Platform) Service Account (not a Kube.netes Service Account) rather than your user credentials.但是,由于您尝试使用 Jenkins 对集群进行身份验证,因此您应该考虑使用 (Google Cloud Platform) 服务帐户(而不是 Kube.netes 服务帐户)而不是您的用户凭据。

#2 See Authenticating to the Kube.netes API within GCP and external to GCP . #2请参阅在 GCP 内部外部对Kube.netes API 进行身份验证。

NOTE It's possible (??) that you could use Workload Identity Federation to federate credentials of eg Azure|AWS to GCP to authenticate to the GKE cluster.注意您可以(??)使用 工作负载身份联合将 Azure|AWS 等凭证联合到 GCP 以向 GKE 集群进行身份验证。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在 azuread 中检索企业应用程序的指纹到期日期 - How to retrieve thumbprint expiry date of enterprises application in azuread 使用 CloudFormationCreateReplaceChangeSetAction 处理 yaml 文件时如何从配置文件添加信息? - How can I add information from a config file when processing a yaml-file with CloudFormationCreateReplaceChangeSetAction? 如何从 S3 文件中获取文件元数据,例如创建日期属性? - How can I get file metadata like the date created attribute from an S3 file? 在 MWAA 上放置 kube_config.yaml 文件的合理位置在哪里? - Where is a sensible place to put kube_config.yaml files on MWAA? Flutter - 如何将 firebase 远程配置用作 stream? - Flutter - How can I use firebase remote config as a stream? 我如何在 firebase 中使用按日期排序 - How can i use order by date in firebase 如何正确地将时间添加到 Firestore 并将其与未来时间戳进行比较以确定订阅到期日期 swift - How to properly add time to Firestore & compare it to a future timestamp to determine a subscription expiry date swift 如何在 GKE 上禁用 Kube-DNS - How to disable Kube-DNS on GKE Docker 找不到 kubernetes 配置文件 - Docker Can't find kubernetes Config File 如何使用应用程序注册和 azure cli 命令获取所有 azure 应用程序注册并查看机密的到期日期? - How to get all azure app registrations and view expiry date of secrets using a app registrations and azure cli commands?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM