本文介绍了kOps 1.19报告错误“未经授权".与AWS集群接口时的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在按照kOps教程在AWS上设置集群.我可以使用

I'm following the kOps tutorial to set up a cluster on AWS. I am able to create a cluster with

kops create cluster
kops update cluster --yes

但是,当验证我的集群是否正确设置时

However, when validating whether my cluster is set up correctly with

kops validate cluster

我陷入了错误:

unexpected error during validation: error listing nodes: Unauthorized

在许多其他kOps操作中也会发生相同的错误.

The same error happens in many other kOps operations.

我检查了我的kOps/K8s版本,它是1.19:

I checked my kOps/K8s version and it is 1.19:

> kops version
Version 1.19.1 (git-8589b4d157a9cb05c54e320c77b0724c4dd094b2)

> kubectl version
Client Version: version.Info{Major:"1", Minor:"20" ...
Server Version: version.Info{Major:"1", Minor:"19" ...

我该如何解决?

推荐答案

从kOps 1.19开始,有两个原因会导致您突然收到此错误:

As of kOps 1.19 there are two reasons you will suddenly get this error:

  1. 如果删除并重新配置群集,则不会从kubeconfig中删除您的旧管理员,并且kOps/kubectl会尝试重用它.
  2. 默认情况下,新证书的TTL为18h,因此您需要每天大约重新配置一次.

通过运行 kops export kubecfg --admin ,可以解决上述两个问题.

Both issues above are fixed by running kops export kubecfg --admin.

请注意,建议不要使用默认的TLS凭据.考虑使用诸如OIDC提供程序之类的方法.

Note that using the default TLS credentials is discouraged. Consider things like using an OIDC provider instead.

这篇关于kOps 1.19报告错误“未经授权".与AWS集群接口时的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

05-29 13:03