Ubuntu kubectl-访问GKE Clustor时接收协议_错误

我在WSL中使用Ubuntu20.04，并从Ubuntu运行gcloud和kubectl连接到GKE集群。当我尝试列出POD或任何其他操作时，我收到以下群集信息错误：

$kubectl cluster-info dump
I0530 23:58:41.719004    1446 log.go:184] protocol error: received *http2.GoAwayFrame before a SETTINGS frame
Unable to connect to the server: connection error: PROTOCOL_ERROR

$ kubectl version
I0531 00:04:52.960264    1503 log.go:172] protocol error: received *http2.GoAwayFrame before a SETTINGS frame
I0531 00:04:53.139292    1503 log.go:172] protocol error: received *http2.GoAwayFrame before a SETTINGS frame
Client Version: version.Info{Major:"1", Minor:"17+", GitVersion:"v1.17.17-dispatcher", GitCommit:"a39a896b5018d0c800124a36757433c660fd0880", GitTreeState:"clean", BuildDate:"2021-01-28T21:47:26Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}
Unable to connect to the server: connection error: PROTOCOL_ERROR

以下是操作系统发布输出：

$ cat /etc/os-release
NAME="Ubuntu"
VERSION="20.04.2 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.2 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

GKE版本：1.17.17-GKE.4900

我可以使用IP从群集下载证书，但无法连接到群集。我尝试连接不同版本的kubectl，还尝试运行docker容器与google sdk和kubectl连接，但也出现了相同的错误

有什么问题吗。我以前曾连接到集群，但它停止工作。Windows是否存在此问题或任何设置问题？非常感谢您的帮助

更新： 我尝试使用kubectl使用的curl命令。这是输出

$ curl -k -v -XGET  -H "Accept: application/json, */*" -H "User-Agent: kubectl/v1.17.17 (linux/amd64) kubernetes/a39a89                                  [1/2466]> 6" 'https://CLUSTER_IP:443/version?timeout=32s'
Note: Unnecessary use of -X or --request, GET is already inferred.
* Uses proxy env variable no_proxy == ',*.docker.internal'
*   Trying CLUSTER_IP:443...
* TCP_NODELAY set
* Connected to CLUSTER_IP (CLUSTER_IP) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=CLUSTER_IP
*  start date: Apr 26 22:11:53 2021 GMT
*  expire date: Apr 25 22:11:53 2026 GMT
*  issuer: CN=Untrusted CA - Dont Trust
*  SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fffca298820)
> GET /version?timeout=32s HTTP/2
> Host: CLUSTER_IP
> accept: application/json, */*
> user-agent: kubectl/v1.17.17 (linux/amd64) kubernetes/a39a89
> 6
>
* http2 error: Remote peer returned unexpected data while we expected SETTINGS frame.  Perhaps, peer does not support HTTP/2 properly.
* Connection #0 to host CLUSTER_IP left intact
curl: (16) Error in the HTTP2 framing layer

---

找到失败的原因： 是VPN导致了这个问题。

---

VPN被设置为解密流量，并在深入检查后拒绝http2请求。

Hello@SharanPiddanagoudra。您能告诉我们您是如何建立与GKE群集的连接的吗？您好@WytrzymałyWiktor，我使用$gcloud auth login登录，gcloud容器群集获取凭据CLUSTERNAME--region region--project project_NAME