我正在尝试在ubutnu(裸机安装)上安装kubernetes。 我安装了一个主节点和一个节点,看起来很好。 我安装了ui插件没有问题但是当我尝试安装dns插件时,pod会不断重启。
在kube-apiserver日志中我得到:
E1218 12:56:15.298118 5 handlers.go:37] Unable to authenticate the request due to an error: crypto/rsa: verification error
I1218 12:56:15.298220 5 handlers.go:131] GET /api/v1/services: (534.467µs) 401 [[kube2sky/v0.20.2 (linux/amd64) kubernetes/unknown] 172.27.35.39:33013]
E1218 12:56:15.298396 5 handlers.go:37] Unable to authenticate the request due to an error: crypto/rsa: verification error
I1218 12:56:15.298469 5 handlers.go:131] GET /api/v1/endpoints: (493.5µs) 401 [[kube2sky/v0.20.2 (linux/amd64) kubernetes/unknown] 172.27.35.39:33014]
I1218 12:56:16.001321 5 handlers.go:131] GET /healthz: (83.326µs) 0 [[Go 1.1 package http] 127.0.0.1:42096]
E1218 12:56:16.303274 5 handlers.go:37] Unable to authenticate the request due to an error: crypto/rsa: verification error
E1218 12:56:16.303274 5 handlers.go:37] Unable to authenticate the request due to an error: crypto/rsa: verification error
在kube2sky容器日志中,我收到以下错误:
E1218 12:57:51.713651 1 reflector.go:136] Failed to list *api.Service: the server has asked for the client to provide credentials (get services)
E1218 12:57:51.713850 1 reflector.go:136] Failed to list *api.Endpoints: the server has asked for the client to provide credentials (get endpoints)
我觉得我的服务帐户和令牌有问题,但我查看了kube2sky实例,我看到我在/tmp/secrets/kubernetes.io/serviceaccount目录中有一个令牌,而ca.crt是正确的集群ca
我正在使用: ubuntu 14.04 kubernetes 1.1.2 添加我尝试从kubernetes 1.1.2
的addon目录创建dns插件答案 0 :(得分:6)
更新api-server的证书和密钥后,我遇到了同样的问题。我删除了秘密后修复了DNS服务:
# Search the secret name
kubectl get pod --namespace=kube-system -l k8s-app=kube-dns -o yaml | grep -A1 serviceaccount
# Delete the current secret
kubectl delete secret/<name-of-the-secret> --namespace=kube-system
我还需要重新启动整个POD,不知道是否有更好的方法:
kubectl delete svc/kube-dns rc/kube-dns-v9 --namespace=kube-system
kubectl create -f dns-addon.yaml
答案 1 :(得分:0)
我发现这不是skydns的问题,而是与Kubernetes本身有关。如果我将这个rc / service放在任何不同的命名空间中,它就可以完美运行。我在1.1.4 Kubernetes中遇到了这个问题