Proxy 代理人背后的库贝特
我已经按照说明使用minikube安装了本地Kubernetes群集 我有公司代理人。因此,我设置了http_代理和https_代理环境变量。一旦集群在Proxy 代理人背后的库贝特,proxy,kubernetes,kubectl,minikube,Proxy,Kubernetes,Kubectl,Minikube,我已经按照说明使用minikube安装了本地Kubernetes群集 我有公司代理人。因此,我设置了http_代理和https_代理环境变量。一旦集群在minikube start命令后启动,我还将minikube ip的值添加到no_proxy env变量。但是,kubectl仍然无法连接到集群 ubuntu@ros-2:~$ kubectl -v=7 get pods I0105 10:31:47.773801 17607 loader.go:354] Config loaded fro
minikube startminikube ipubuntu@ros-2:~$ kubectl -v=7 get pods
I0105 10:31:47.773801 17607 loader.go:354] Config loaded from file /home/ubuntu/.kube/config
I0105 10:31:47.775151 17607 round_trippers.go:296] GET https://192.168.42.22:8443/api
I0105 10:31:47.778533 17607 round_trippers.go:303] Request Headers:
I0105 10:31:47.778606 17607 round_trippers.go:306] Accept: application/json, */*
I0105 10:31:47.778676 17607 round_trippers.go:306] User-Agent: kubectl/v1.5.1 (linux/amd64) kubernetes/82450d0
I0105 10:31:47.783069 17607 round_trippers.go:321] Response Status: in 4 milliseconds
I0105 10:31:47.783166 17607 helpers.go:221] Connection error: Get https://192.168.42.22:8443/api: Forbidden port
F0105 10:31:47.783181 17607 helpers.go:116] Unable to connect to the server: Forbidden port
ubuntu@ros-2:~$ curl -v -k https://192.168.42.22:8443/api
* Hostname was NOT found in DNS cache
* Trying 192.168.42.22...
* Connected to 192.168.42.22 (192.168.42.22) port 8443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Request CERT (13):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
* subject: CN=minikube
* start date: 2017-01-04 16:04:47 GMT
* expire date: 2018-01-04 16:04:47 GMT
* issuer: CN=minikubeCA
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> GET /api HTTP/1.1
> User-Agent: curl/7.35.0
> Host: 192.168.42.22:8443
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Thu, 05 Jan 2017 10:33:45 GMT
< Content-Length: 13
<
Unauthorized
* Connection #0 to host 192.168.42.22 left intact
ubuntu@ros-2:~$curl-v-khttps://192.168.42.22:8443/api
*在DNS缓存中找不到主机名
*正在尝试192.168.42.22。。。
*连接到192.168.42.22(192.168.42.22)端口8443(#0)
*已成功设置证书验证位置:
*卡菲尔:没有
CApath:/etc/ssl/certs
*SSLv3,TLS握手,客户端hello(1):
*SSLv3,TLS握手,服务器hello(2):
*SSLv3,TLS握手,证书(11):
*SSLv3、TLS握手、服务器密钥交换(12):
*SSLv3,TLS握手,请求证书(13):
*SSLv3,TLS握手,服务器完成(14):
*SSLv3,TLS握手,证书(11):
*SSLv3、TLS握手、客户端密钥交换(16):
*SSLv3,TLS更改密码,客户端你好(1):
*SSLv3,TLS握手,完成(20):
*SSLv3,TLS更改密码,客户端你好(1):
*SSLv3,TLS握手,完成(20):
*使用ECDHE-RSA-AES128-GCM-SHA256的SSL连接
*服务器证书:
*主题:CN=minikube
*开始日期:2017-01-04 16:04:47 GMT
*到期日期:2018-01-04 16:04:47 GMT
*发行人:CN=minikubeCA
*SSL证书验证结果:无法获取本地颁发者证书(20),仍在继续。
>GET/api HTTP/1.1
>用户代理:curl/7.35.0
>主持人:192.168.42.22:8443
>接受:*/*
>
有没有办法解决这个问题?解决了这个问题。修复方法是在no_proxy中也包含no_proxy的详细信息
export NO_PROXY=$no_proxy,$(minikube ip)
。希望这对其他人有用。对于任何被困在A级糟糕的Cisco AnyConnect VPN客户端后面的人,该客户端可以帮助将所有前往
192.168.99.100no_proxy