即使在“get-credentials”之后，kubectl 查询也会导致 GCP 集群“未经授权”

Question

I get You must be logged in to the server (Unauthorized) for commands like kubectl get pods -A even after having followed many steps by step guides and tried various solutions. He is more detail on what I did and what works / does not work:

gcloud container clusters create <cluster_name> --zone <zone> --project <project_name>
minikube start
kubectl proxy --port=8080 &
gcloud container clusters get-credentials <cluster_name> --zone <zone> --project <project_name>
gcloud auth login

Do login in browser

Checking:

-> % kubectl config current-context
gke_<project_name>_<zone>_<cluster_name>
-> % curl http://localhost:8080/api/
{
  "kind": "APIVersions",
  "versions": [
    "v1"
  ],
  "serverAddressByClientCIDRs": [
    {
      "clientCIDR": "0.0.0.0/0",
      "serverAddress": "xxx.xxx.x.x:8443"
    }
  ]
}%
-> % kubectl cluster-info     
Kubernetes control plane is running at https://xx.xxx.xxx.xxx
GLBCDefaultBackend is running at https://xx.xxx.xxx.xxx/api/v1/namespaces/kube-system/services/default-http-backend:http/proxy
KubeDNS is running at https://xx.xxx.xxx.xxx/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Metrics-server is running at https://xx.xxx.xxx.xxx/api/v1/namespaces/kube-system/services/https:metrics-server:/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

So this works. But what does not work:

-> % kubectl get pods -A
error: You must be logged in to the server (Unauthorized)

What gives?

I spent hours now trying to find a solution. The solutions I found reference /etc/kubernetes/admin.conf

I don't have the directory /etc/kubernetes . (I do run Linux)

Any ideas?

Answer 1

I think the answer is: I was using kubectl as an alias for minikube kubectl but after removing the alias which kubectl shows /home/<user>/google-cloud-sdk/bin/kubectl . Now everything seems to work.