我尝试使用时收到此错误: kubectl --kubeconfig = kubeconfig记录service-76486594c6-gl2l6
我在AWS上运行EKS集群,并对其应用了角色: kubectl --kubeconfig = kubeconfig描述configmap -n kube-system aws-auth
Name: aws-auth
Namespace: kube-system
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","data":{"mapAccounts":"","mapRoles":"- rolearn: arn:aws:iam::1111:role/role\n u...
Data
====
mapUsers:
----
- userarn: arn:aws:iam::1111:user/username
username: username
groups:
- system:masters
mapAccounts:
----
mapRoles:
----
- rolearn: arn:aws:iam::1111:role/role
username: system:node:{{EC2PrivateDNSName}}
groups:
- system:bootstrappers
- system:nodes
- rolearn: arn:aws:iam::1111:role/role
username: role/1560432619067016189
groups:
- system:masters
我的deployment.yaml
apiVersion: v1
kind: Service
metadata:
name: myservice
labels:
app: myservice
spec:
ports:
- port: 80
targetPort: 5000
name: http
- port: 443
targetPort: 5000
name: https
selector:
app: myservice
type: LoadBalancer
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: myservice
spec:
replicas: 1
template:
metadata:
labels:
app: myservice
version: v1
spec:
containers:
- name: myservice
image: my_image_to_default_app
resources:
requests:
cpu: "100m"
imagePullPolicy: IfNotPresent #Always
ports:
- containerPort: 5000
我该如何解决这个问题?
我尝试使用以下方法将自签名证书上传到群集: “创建证书”,但我仍然不知道如何将其附加到现有的kubernetes服务上
答案 0 :(得分:1)
如果要在kubernetes上设置tls证书,则必须使用cert-manager设置入口和入口控制器。
通过入口和入口控制器,您可以使用cert-manager。使用cert-manager,您可以申请Lets-encrypt证书,也可以将该证书用作应用程序的tls证书。
如果要设置SSL和tls证书,可以遵循本指南并从本教程中获取帮助。来自数字海洋。