Cluster computing Kubernetes:./hack/local-up-cluster.sh需要身份验证_Cluster Computing_Kubernetes

Cluster computing Kubernetes:./hack/local-up-cluster.sh需要身份验证

cluster-computing kubernetes

Cluster computing Kubernetes:./hack/local-up-cluster.sh需要身份验证,cluster-computing,kubernetes,Cluster Computing,Kubernetes,我已将我的本地版本从主版本（2016年12月）更新为v1.5.3 我使用hack/local up cluster.sh启动本地集群： sudo KUBE_ENABLE_CLUSTER_DNS=true \ SERVICE_CLUSTER_IP_RANGE="10.100.0.0/16" \ API_HOST_IP=0.0.0.0 \ hack/local-up-cluster.sh 更新后，我出现以下错误： Creating kube-system namespace

我已将我的本地版本从

主版本

（2016年12月）更新为

v1.5.3

我使用

hack/local up cluster.sh

启动本地集群：

sudo KUBE_ENABLE_CLUSTER_DNS=true \
    SERVICE_CLUSTER_IP_RANGE="10.100.0.0/16" \
    API_HOST_IP=0.0.0.0 \
    hack/local-up-cluster.sh

更新后，我出现以下错误：

Creating kube-system namespace
Cluster "local" set.
Context "local" set.
Switched to context "local".
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Error from server (AlreadyExists): error when creating "namespace.yaml": namespaces "kube-system" already exists
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
deployment "kube-dns" created
Please enter Username:

我怎样才能修好它

完整日志：

0.0 hack/local-up-cluster.sh
[sudo] password for dmitry: 
make: Entering directory '/opt/kubernetes'
make[1]: Entering directory '/opt/kubernetes'
can't load package: package .: no buildable Go source files in /opt/kubernetes
can't load package: package .: no buildable Go source files in /opt/kubernetes
can't load package: package .: no buildable Go source files in /opt/kubernetes
can't load package: package .: no buildable Go source files in /opt/kubernetes
make[1]: Leaving directory '/opt/kubernetes'
+++ [0227 19:34:34] Building the toolchain targets:
    k8s.io/kubernetes/hack/cmd/teststale
    k8s.io/kubernetes/vendor/github.com/jteeuwen/go-bindata/go-bindata
+++ [0227 19:34:34] Generating bindata:
    test/e2e/framework/gobindata_util.go
+++ [0227 19:34:35] Building go targets for linux/amd64:
    cmd/kubectl
    cmd/hyperkube
make: Leaving directory '/opt/kubernetes'
API SERVER insecure port is free, proceeding...
API SERVER secure port is free, proceeding...
Detected host and ready to start services.  Doing some housekeeping first...
Using GO_OUT /opt/kubernetes/_output/local/bin/linux/amd64
Starting services now!
Starting etcd
etcd --advertise-client-urls http://127.0.0.1:2379 --data-dir /tmp/tmp.FhAud4KuG4 --listen-client-urls http://127.0.0.1:2379 --debug > "/dev/null" 2>/dev/null
Waiting for etcd to come up.
+++ [0227 19:34:38] On try 2, etcd: : http://127.0.0.1:2379
{"action":"set","node":{"key":"/_test","value":"","modifiedIndex":4,"createdIndex":4}}
Waiting for apiserver to come up
+++ [0227 19:34:39] On try 2, apiserver: : {
  "major": "1",
  "minor": "5",
  "gitVersion": "v1.5.3",
  "gitCommit": "029c3a408176b55c30846f0faedf56aae5992e9b",
  "gitTreeState": "clean",
  "buildDate": "2017-02-27T11:05:22Z",
  "goVersion": "go1.7.4",
  "compiler": "gc",
  "platform": "linux/amd64"
}
Creating kube-system namespace
Cluster "local" set.
Context "local" set.
Switched to context "local".
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Error from server (AlreadyExists): error when creating "namespace.yaml": namespaces "kube-system" already exists
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
Please enter Username: admin
Please enter Password: ********
deployment "kube-dns" created
Please enter Username:

kubectl配置视图：

apiVersion: v1
clusters:
- cluster:
    certificate-authority: /var/run/kubernetes/apiserver.crt
    server: https://localhost:6443
  name: local
contexts:
- context:
    cluster: local
    user: ""
  name: local
current-context: local
kind: Config
preferences: {}
users: []

kubectl配置获取本地上下文

：

CURRENT   NAME      CLUSTER   AUTHINFO   NAMESPACE
*         local     local

您的

local

上下文在没有用户的情况下进行了配置，但您的群集似乎配置为使用CA。如果您的群集使用CA，则您需要一个具有有效证书、由上述CA签名的用户或有效的用户令牌的用户，以便通过TLS进行通信

对于您提到的在客户端完成后应如何配置客户端的脚本，请尝试执行以下步骤：

cluster/kubectl.sh config set-credentials myself --username=admin --password=admin
cluster/kubectl.sh config set-context local --cluster=local --user=myself
cluster/kubectl.sh config use-context local

另一个选项是以通过不安全端口（默认为8080）进行通信的方式更改本地配置。您可以使用以下命令来实现这一点：

kubectl config set-cluster local --server=http://localhost:8080

参考资料：

当提示出现时，您是否可以发布

kubectl config view

输出的相关部分？在

/var/run/kubernetes/apiserver.crt中是否确实有CA证书？您的API服务器是用--ca cert file
标志启动的吗？我运行的唯一命令是hack/local up cluster.sh
。它在更新之前工作。我没有安装任何证书（但该文件存在）。似乎TLS支持是相当新的，请检查此提交：我没有在hack/local up cluster.sh
中找到禁用此类身份验证的方法。此外，我不运行任何其他命令。这个hack/local up cluster.sh
设置并运行集群本身。谢谢。我必须先运行cluster/kubectl.sh
，然后才能hack/local up cluster.sh