1

Kubernetes集群是使用阿里巴巴容器服务设置的,使用root账户访问集群没有问题,当创建一个新的命名空间并将用户添加到该命名空间时,它会抛出错误连接到服务器localhost:8080被拒绝

这是故障排除的设置

定义命名空间dev并使用 get 动词来显示所有 Kubernetes 命名空间。

root@kube-master:# kubectl get namespaces
NAME          STATUS    AGE
default       Active    14d
dev           Active    56m
kube-public   Active    14d
kube-system   Active    14d

在 Kubernetes 集群中添加了新的上下文。

kubectl config set-context dev  --namespace=dev --user=user1

将 kubectl CLI 与此配置文件一起使用时,我应该收到拒绝访问错误

root@kube-master:/home/ansible# kubectl --context=dev get pods
The connection to the server localhost:8080 was refused - did you specify the right host or port?

而不是显示与服务器 localhost:8080 的连接被拒绝

没有--context它工作得很好

root@kube-master:# kubectl get pods -n dev
NAME      READY     STATUS    RESTARTS   AGE
busybox   1/1       Running   1          1h

这是 Kubernetes 配置视图

root@kube-master:/home/ansible# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: REDACTED
    server: https://172.16.2.13:6443
  name: kubernetes
contexts:
- context:
    cluster: ""
    namespace: dev
    user: user1
  name: dev
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

root@kube-master:# kubectl config get-contexts
CURRENT   NAME                          CLUSTER      AUTHINFO           NAMESPACE
          dev                                        user1              dev
*         kubernetes-admin@kubernetes   kubernetes   kubernetes-admin
4

1 回答 1

3

我想通了,当我执行命令时我注意到了什么

kubectl config view

集群显示为空

- context:
    cluster: ""
    namespace: dev
    user: user1

为了解决这个问题,添加了--cluster 信息并修改了set-context

root@kube-master:/home/ansible# kubectl config set-context dev --cluster=kubernetes --namespace=dev --user=user1
Context "dev" modified.

并且上下文设置正确

contexts:
- context:
    cluster: kubernetes
    namespace: dev
    user: user1
  name: dev

我在查找豆荚时得到了想要的结果--context=dev

root@kube-master:/home/ansible# kubectl --context=dev get pods
No resources found.
Error from server (Forbidden): pods is forbidden: User "system:anonymous" cannot list pods in the namespace "dev"
于 2019-02-06T07:21:11.367 回答