Azure devops “的Azure Devops kubernetes服务连接”;“kubeconfig”;选项似乎不适用于AAD openidconnect集成AKS群集
使用“kubeconfig”选项时,单击“验证连接”时出现错误 我粘贴的kubeconfig并从中选择了正确的上下文,它是我的~/.kube./config文件中内容的直接复制粘贴,使用kubectl可以很好地工作Azure devops “的Azure Devops kubernetes服务连接”;“kubeconfig”;选项似乎不适用于AAD openidconnect集成AKS群集,azure-devops,azure-aks,Azure Devops,Azure Aks,使用“kubeconfig”选项时,单击“验证连接”时出现错误 我粘贴的kubeconfig并从中选择了正确的上下文,它是我的~/.kube./config文件中内容的直接复制粘贴,使用kubectl可以很好地工作 apiVersion: v1 clusters: - cluster: certificate-authority-data: xxxxx server: https://aks-my-stage-cluster-xxxxx.hcp.eastus.azmk8s.io:
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: xxxxx
server: https://aks-my-stage-cluster-xxxxx.hcp.eastus.azmk8s.io:443
name: aks-my-stage-cluster-xxxxx
contexts:
- context:
cluster: aks-my-stage-cluster-xxxxx
user: clusterUser_aks-my-stage-cluster-xxxxx_aks-my-stage-cluster-xxxxx
name: aks-my-stage-cluster-xxxxx
current-context: aks-my-stage-cluster-xxxxx
kind: Config
preferences: {}
users:
- name: clusterUser_aks-my-stage-cluster-xxxxx_aks-my-stage-cluster-xxxxx
user:
auth-provider:
config:
access-token: xxxxx.xxx.xx-xx-xx-xx-xx
apiserver-id: xxxx
client-id: xxxxx
environment: AzurePublicCloud
expires-in: "3599"
expires-on: "1572377338"
refresh-token: xxxx
tenant-id: xxxxx
name: azure
您可以尝试运行下面的命令来获取KubeConfig。然后将~/.kube/config文件的内容复制到服务连接以重试
az aks get-credentials --resource-group myResourceGroup --name myAKSCluster
您也可以参考这些步骤。这对我不起作用。我得到了与OP相同的TFS错误。我认为当您使用azure ad connect auth选项w/aks(即基于openidconnect jwt令牌的auth)时,服务连接根本不起作用
az aks get-credentials --resource-group myResourceGroup --name myAKSCluster