![](/img/trans.png)
[英]kubectl exec fails “cannot validate certificate because it doesn't contain any IP SANs”
[英]Cannot validate certificate for ip because it doesn't contain any IP SANs
我已經通過ansible安裝程序將OpenShift3與Docker和Kubernetes一起安裝了。 安裝后,我想在我的主服務器上創建我的docker注冊,但遇到以下錯誤(我讀到的是SSL內容,但找不到解決方案):命令(來自示例):
[root@ip-10-0-0-x centos]# export CURL_CA_BUNDLE=`pwd`/openshift.local.config/master/ca.crt
[root@ip-10-0-0-x centos]# sudo chmod a+rwX openshift.local.config/master/admin.kubeconfig
[root@ip-10-0-0-x centos]# sudo chmod +r openshift.local.config/master/openshift-registry.kubeconfig
[root@ip-10-0-0-x centos]# oadm registry --create --credentials=openshift.local.config/master/openshift-registry.kubeconfig --config=openshift.local.config/master/admin.kubeconfig
錯誤:
error: error getting client: couldn't read version from server: Get https://10.0.0.x:8443/api: x509: cannot validate certificate for 10.0.0.x because it doesn't contain any IP SANs
附加信息
[root@ip-10-0-0-x centos]# kubectl version
Client Version: version.Info{Major:"", Minor:"", GitVersion:"v1.1.0-alpha.0-1605-g44c91b1", GitCommit:"44c91b1", GitTreeState:"not a git tree"}
Server Version: version.Info{Major:"", Minor:"", GitVersion:"v1.1.0-alpha.0-1605-g44c91b1", GitCommit:"44c91b1", GitTreeState:"not a git tree"}
[root@ip-10-0-0-191 centos]# oc get services
NAME CLUSTER_IP EXTERNAL_IP PORT(S) SELECTOR AGE
kubernetes 172.30.0.1 <none> 443/TCP <none> 1d
[root@ip-10-0-0-x centos]# kubernetes apiserver
F0924 12:15:13.674745 75545 server.go:223] No --service-cluster-ip-range specified
Ansible安裝程序應為您生成證書中具有正確IP的證書。 您的本地kubeconfig文件(該oadm用於連接到服務器)應該由Ansible安裝程序生成-您可以驗證情況嗎? 該文件位於〜/ .kube / config中-它是否指向Ansible安裝程序使用的系統? 您是否將IaaS用於OpenShift,部署到本地計算機還是Vagrant?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.