因此,当尝试使用aws作为云提供程序安装kubernetes时,我收到此错误。我正在使用kubespray进行安装,但我将其缩小到下面的命令,我尝试在hyperkube容器内手动执行。我猜测实际错误来自没有正确的iam角色。我正在努力获得一个,但这需要一段时间。我也看到它在配置文件中没有指定区域。我不确定在哪里指定它。有人能指出我正确的方向吗?同样仅出于测试目的,我可以手动获取awa访问密钥和会话令牌。有没有办法让hyperkube使用它们?
root@15713968201f:/# /hyperkube apiserver --advertise-address=10.205.232.161 --etcd-servers=https://10.205.232.161:2379,https://10.205.235.70:2379 --etcd-quorum-read=true --etcd-cafile=/etc/ssl/etcd/ssl/ca.pem --etcd-certfile=/etc/ssl/etcd/ssl/node-ip-10-205-232-161.ec2.internal.pem --etcd-keyfile=/etc/ssl/etcd/ssl/node-ip-10-205-232-161.ec2.internal-key.pem --insecure-bind-address=127.0.0.1 --apiserver-count=2 --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota --service-cluster-ip-range=10.233.0.0/18 --service-node-port-range=30000-32767 --client-ca-file=/etc/kubernetes/ssl/ca.pem --basic-auth-file=/etc/kubernetes/users/known_users.csv --tls-cert-file=/etc/kubernetes/ssl/apiserver.pem --tls-private-key-file=/etc/kubernetes/ssl/apiserver-key.pem --token-auth-file=/etc/kubernetes/tokens/known_tokens.csv --service-account-key-file=/etc/kubernetes/ssl/apiserver-key.pem --secure-port=6443 --insecure-port=8080 --storage-backend=etcd3 --v=2 --allow-privileged=true --cloud-provider=aws --anonymous-auth=False
I0817 22:08:00.258693 134 aws.go:762] Building AWS cloudprovider
I0817 22:08:00.258810 134 aws.go:725] Zone not specified in configuration file; querying AWS metadata service
Error: error setting the external host value: "aws" cloud provider could not be initialized: could not init cloud provider "aws": error finding instance i-045f83bfff733a224: error listing AWS instances: NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors
Error: error setting the external host value: "aws" cloud provider could not be initialized: could not init cloud provider "aws": error finding instance i-045f83bfff733a224: error listing AWS instances: NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors
答案 0 :(得分:1)
https://github.com/kubernetes/kubernetes/issues/11543
我愿意打赌你的节点iam角色没有足够的访问权限。我不熟悉kubespray,但我认为上述问题可以帮助您解决问题。
这是我关注的一点:
error finding instance i-045f83bfff733a224: error listing AWS instances: NoCredentialProviders: no valid providers in chain.