Kubernetes显示错误"用户"系统:匿名"无法进入集群范围。"

时间:2017-06-13 13:22:32

标签: amazon-web-services amazon-ec2 kubernetes kubectl kubeadm

我使用kubeadm在AWS EC2上创建了kubernetes集群, 我可以看到所有连接的节点,我的部署和服务也工作。即使我暴露我的部署,我也可以从集群外部访问它,但是当我尝试从外部或本地访问kubernetes api时,我收到错误

"用户"系统:匿名"无法进入群集范围。"

我的群集信息显示:

Kubernetes master is running at https://172.31.25.217:6443 
KubeDNS is running at https://172.31.25.217:6443/api/v1/proxy/namespaces/kube-system/services/kube-dns

172.31.25.217是群集的本地IP

我使用的是最新版本的kubectl和kubeadm

kubectl version
Client Version: version.Info{Major:"1", Minor:"6", GitVersion:"v1.6.4", GitCommit:"d6f433224538d4f9ca2f7ae19b252e6fcb66a3ae", GitTreeState:"clean", BuildDate:"2017-05-19T18:44:27Z", GoVersion:"go1.7.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"6", GitVersion:"v1.6.4", GitCommit:"d6f433224538d4f9ca2f7ae19b252e6fcb66a3ae", GitTreeState:"clean", BuildDate:"2017-05-19T18:33:17Z", GoVersion:"go1.7.5", Compiler:"gc", Platform:"linux/amd64"}
ubuntu@ip-172-31-25-217:/etc/kubernetes/manifests$ kubeadm version
kubeadm version: version.Info{Major:"1", Minor:"6", GitVersion:"v1.6.4", GitCommit:"d6f433224538d4f9ca2f7ae19b252e6fcb66a3ae", GitTreeState:"clean", BuildDate:"2017-05-19T18:33:17Z", GoVersion:"go1.7.5", Compiler:"gc", Platform:"linux/amd64"}

即使我尝试运行kubectl代理并从IP上的群集外部访问仪表板:http://MASTER_IP:8001/ui,我也无法执行此操作并显示连接被拒绝。

我错过了什么诀窍?任何人都可以帮助我吗?

Kubectl配置视图:`



kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: REDACTED
    server: https://172.31.17.145:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED




`

1 个答案:

答案 0 :(得分:0)

我能够使用以下命令解决我无法从外部群集访问仪表板的问题:

kubectl proxy --address='0.0.0.0' --port=8001 --accept-hosts='^*$'