stackoom
  简体   繁体   中英

Azure CLI on Linux and Mac: certificate trouble

 原文  2016-07-05 19:44:47       linux/ macos/ azure/ kubernetes/ azure-cli

Question

I'm trying to follow this official tutorial on Kubernetes with Azure. I tried it both on Mac and Linux.

I can successfully login from CLI with my corporate account, but when I run ./create-kubernetes-cluster.js in the end of the output I see 

info:    Executing command network vnet create
info:    Using default address space cidr: 12
info:    Using default subnet start IP: 172.16.0.0
info:    Using default subnet cidr: 15
+ Looking up network configuration
error:   The server failed to authenticate the request. Verify that the certificate is valid and is associated with this subscription.
info:    Error information has been recorded to /home/dds/.azure/azure.err
error:   network vnet create command failed

What certificate this is about? Where it come from?

Here is azure.err : 

[Error: The server failed to authenticate the request. Verify that the certificate is valid and is associated with this subscription.]
  stack: [Getter/Setter],
  code: 'ForbiddenError',
  statusCode: 403,
  __frame:
   { name: 'get__3',
     line: 47,
     file: '/home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/lib/commands/asm/network/networkConfig.js',
     prev:
      { name: 'create__1',
        line: 34,
        file: '/home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/lib/commands/asm/network/virtualNetwork.js',
        prev: [Object],
        calls: 1,
        active: false,
        offset: 4,
        col: 43 },
     calls: 0,
     active: false,
     offset: 4,
     col: 59 },
  rawStack: [Getter] }
Error: The server failed to authenticate the request. Verify that the certificate is valid and is associated with this subscription.
  <<< async stack >>>
  at get__3 (/home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/lib/commands/asm/network/networkConfig.js:51:60)
  at create__1 (/home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/lib/commands/asm/network/virtualNetwork.js:38:44)
  at __6 (/home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/lib/commands/asm/network/network.js:125:22)
  <<< raw stack >>>
    at Function.ServiceClient._normalizeError (/home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/node_modules/azure-common/lib/services/serviceclient.js:815:23)
    at /home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/node_modules/azure-common/lib/services/filters/errorhandlingfilter.js:44:29
    at Request._callback (/home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/node_modules/azure-common/lib/http/request-pipeline.js:109:14)
    at Request.self.callback (/home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/node_modules/azure-common/node_modules/request/request.js:199:22)
    at emitTwo (events.js:87:13)
    at Request.emit (events.js:172:7)
    at Request.<anonymous> (/home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/node_modules/azure-common/node_modules/request/request.js:1160:14)
    at emitOne (events.js:82:20)
    at Request.emit (events.js:169:7)
    at IncomingMessage.<anonymous> (/home/dds/k8s/src/kubernetes/docs/getting-started-guides/coreos/azure/node_modules/azure-cli/node_modules/azure-common/node_modules/request/request.js:1111:12)

Could you tell me how can I fix this?

Update

I created a ticket for Azure support and they told me:

I see most of the Resource Providers are not registered for your subscription. Deployments (first time) done via portal register resource providers automatically, however if its via PowerShell or CLI we have these have to be registered (one time activity)
https://azure.microsoft.com/en-in/documentation/articles/azure-cli-arm-commands/

Please run these cmdlets to register the providers & then retry the deployment 

azure provider register –namespace Microsoft.Network
azure provider register –namespace Microsoft.Compute 
azure provider register –namespace Microsoft.ContainerService 
azure provider register –namespace Microsoft.ResourceHealth 
azure provider register –namespace Microsoft.Storage

I executed these commands successfully, but the result is still the same.

1 answers

solution1
 0 ACCPTED  2016-07-07 21:19:33

The solution is that you need to add the azure account as co admin in the azure subscription.

Here are some useful links how to do it:

How to add or change Azure administrator roles

Changing Service Administrator and Co-Administrator when logged-in with an organizational account

Assigning administrator roles in Azure Active Directory

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Authenticate to Azure with certificate from Linux Error installing Azure CLI on Linux Mint? Unable to publish Azure Function to Linux using CLI PowerShell 7 on Linux, using Certificate to Authenticate to Azure Azure - Linux WebApp - Root certificate for chain Trouble executing C++ makefile in Linux (works fine on mac) ADLS connectivity from Linux server using Azure CLI SSL Certificate is not found in /var/lib/waagent/ for Linux Azure VM Is there a code snippet can run Azure CLI command in MacOs, Linux and windows? Loading a TLS certificate uploaded to the Azure portal into a Linux app service container
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM