Azure devops “的Azure Devops kubernetes服务连接”;“kubeconfig”;选项似乎不适用于AAD openidconnect集成AKS群集

Azure devops “的Azure Devops kubernetes服务连接”;“kubeconfig”;选项似乎不适用于AAD openidconnect集成AKS群集,azure-devops,azure-aks,Azure Devops,Azure Aks,使用“kubeconfig”选项时,单击“验证连接”时出现错误 我粘贴的kubeconfig并从中选择了正确的上下文,它是我的~/.kube./config文件中内容的直接复制粘贴,使用kubectl可以很好地工作 apiVersion: v1 clusters: - cluster: certificate-authority-data: xxxxx server: https://aks-my-stage-cluster-xxxxx.hcp.eastus.azmk8s.io:

使用“kubeconfig”选项时,单击“验证连接”时出现错误

我粘贴的kubeconfig并从中选择了正确的上下文,它是我的~/.kube./config文件中内容的直接复制粘贴,使用kubectl可以很好地工作

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: xxxxx
    server: https://aks-my-stage-cluster-xxxxx.hcp.eastus.azmk8s.io:443
  name: aks-my-stage-cluster-xxxxx
contexts:
- context:
    cluster: aks-my-stage-cluster-xxxxx
    user: clusterUser_aks-my-stage-cluster-xxxxx_aks-my-stage-cluster-xxxxx
  name: aks-my-stage-cluster-xxxxx
current-context: aks-my-stage-cluster-xxxxx
kind: Config
preferences: {}
users:
- name: clusterUser_aks-my-stage-cluster-xxxxx_aks-my-stage-cluster-xxxxx
  user:
    auth-provider:
      config:
        access-token: xxxxx.xxx.xx-xx-xx-xx-xx
        apiserver-id: xxxx
        client-id: xxxxx
        environment: AzurePublicCloud
        expires-in: "3599"
        expires-on: "1572377338"
        refresh-token: xxxx
        tenant-id: xxxxx
      name: azure

您可以尝试运行下面的命令来获取KubeConfig。然后将~/.kube/config文件的内容复制到服务连接以重试

az aks get-credentials --resource-group myResourceGroup --name myAKSCluster
运行上述命令后,从本地计算机上的~/.kube/config复制配置。我使用kubeconfig选项成功添加了kubernetes连接


您也可以参考这些步骤。

这对我不起作用。我得到了与OP相同的TFS错误。我认为当您使用azure ad connect auth选项w/aks(即基于openidconnect jwt令牌的auth)时,服务连接根本不起作用
az aks get-credentials --resource-group myResourceGroup --name myAKSCluster