Question

我需要在Windows Server 2016计算机上访问Azure中的Kubernetes集群。我没有创建群集，但我在Azure帐户中被指定为全局管理员。我已成功登录azure帐户，但尚未登录到服务器。我已经在机器上安装了kubectl CLI。现在我需要访问集群。

我的 C：\中有 .kube / config ， .ssh / id_rsa 和 .ssh / id_rsa.pub 用户\管理员文件夹。我尝试了ssh -i ~/.ssh/id_rsa kubectluser@ourDNSname，我能够访问它。所以我的私钥很好。但是，我不想在VM内部工作。我的工作目录应该在WinServer2016机器内部。我应该能够kubectl get nodes并且它必须返回一个3个虚拟机的表。

这是通过发生的事情（AGAIN，VM的工作原理，我可以在虚拟机内部执行kubectl命令没有问题）

az acs kubernetes get-credentials --resource-group=myRGroup --name=myClusterName

返回

Authentication failed. Traceback (most recent call last): File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\azure\cli\main.py", line 36, in main cmd_result = APPLICATION.execute(args) File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\azure\cli\core\application.py", line 216, in execute result = expanded_arg.func(params) File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\azure\cli\core\commands\__init__.py", line 377, in __call__ return self.handler(*args, **kwargs) File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\azure\cli\core\commands\__init__.py", line 620, in _execute_command reraise(*sys.exc_info()) File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\six.py", line 693, in reraise raise value File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\azure\cli\core\commands\__init__.py", line 602, in _execute_command result = op(client, **kwargs) if client else op(**kwargs) File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\azure\cli\command_modules\acs\custom.py", line 776, in k8s_get_credentials _k8s_get_credentials_internal(name, acs_info, path, ssh_key_file) File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\azure\cli\command_modules\acs\custom.py", line 797, in _k8s_get_credentials_internal '.kube/config', path_candidate, key_filename=ssh_key_file) File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\azure\cli\command_modules\acs\acs_client.py", line 72, in secure_copy ssh.connect(host, username=user, pkey=pkey, sock=proxy) File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\paramiko\client.py", line 416, in connect look_for_keys, gss_auth, gss_kex, gss_deleg_creds, t.gss_host, File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\paramiko\client.py", line 701, in _auth raise saved_exception File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\paramiko\client.py", line 678, in _auth self._transport.auth_publickey(username, key)) File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\paramiko\transport.py", line 1447, in auth_publickey return self.auth_handler.wait_for_response(my_event) File "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\lib\site-packages\paramiko\auth_handler.py", line 223, in wait_for_response raise e paramiko.ssh_exception.AuthenticationException: Authentication failed.

kubectl get nodes

返回

You must be logged in to the server

因此我无法使用kubectl create或kubectl set image deployment。

我需要做什么？我需要从创建群集的人员和机器获得哪些信息？

编辑：

Answer 1

我的内容中有.kube / config，.ssh / id_rsa和.ssh / id_rsa.pub C：\ Users \ Administrator文件夹。

SSH密钥文件的默认路径是~\.ssh\id_rsa，在Windows中，我们应该指定路径，如下所示：

C:\Users\jason\.ssh>az acs kubernetes get-credentials --resource-group=jasonk8s --name jasonk8s --ssh-key-file C:\Users\jason\.ssh\k8s
Merged "jasontest321mgmt" as current context in C:\Users\jason\.kube\config
C:\Users\jason\.ssh>kubectl.exe get nodes
NAME                    STATUS    ROLES     AGE       VERSION
k8s-agent-c99b4149-0    Ready     agent     7m        v1.7.7
k8s-master-c99b4149-0   Ready     master    8m        v1.7.7

在您的方案中，请尝试使用此脚本获取凭据：

az acs kubernetes get-credentials --resource-group=myRGroup --name=myClusterName --ssh-key-file C:\Users\Administrator\.ssh\id_rsa

如何在与创建它的机器不同的机器上从Azure Linux VM（kubernetes集群）获取凭据？

1 个答案: