我可以在Docker for Mac中为Kubernetes API使用不安全的端点吗?

本文介绍了我可以在Docker for Mac中为Kubernetes API使用不安全的端点吗?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

当我在Mac上的Docker中运行Kubernetes时，似乎只能从 https://的安全端点访问Kube API.本地主机:6443/

When I run Kubernetes in Docker for Mac, the Kube API only seems to be accessible from a secure endpoint of https://localhost:6443/

借助minikube，我能够为Kube API使用不安全的终结点，例如 http://localhost:8080/

With minikube I was able to use an insecure endpoint for Kube API like http://localhost:8080/

在Mac版Docker的Kubernetes中，是否可以对Kube API使用不安全的端点?

Is there any way to use an insecure endpoint for Kube API in Kubernetes in Docker for Mac?

推荐答案

您可能正在使用minikube运行旧版本的Kubernetes.

You may be running an old version of Kubernetes with minikube.

kube-apiserver的默认不安全端口为8080，但在kube-apiserver中最新的Kubernetes版本中已禁用该端口，并带有以下标志:-insecure-port = 0 .

The default insecure port for the kube-apiserver is 8080, but that's disabled on the latest Kubernetes versions in the kube-apiserver with the flag: --insecure-port=0.

您始终可以从/etc/kubernetes/manifests/kube-apiserver.yaml 文件中删除该行.

You can always delete that line from your /etc/kubernetes/manifests/kube-apiserver.yaml file.

您还需要根据此.

然后重新启动kube-apiserver.

Then restart the kube-apiserver.

提示:Docker/Kubernetes在Mac上的 xhyve VM上运行.因此，要修改Kubernetes配置，您必须连接到 xhyve VM.您可以使用以下代码来做到这一点: screen〜/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty 或 screen〜/Library/容器/com.docker.docker/数据/vms/0/tty

Tip: Docker/Kubernetes runs on xhyve VM(s) on your Mac. So to modify the Kubernetes configs you'll have to connect to your xhyve VM(s). You can do it with something like this: screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty or screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty

添加更多详细信息:因此，使用 vpnkit 将端口6443转发到主机.要使端口8080在主机上可用，您还必须使用vpnkit公开该端口.如果您进入hyperkit虚拟机，您会看到端口映射是在/var/vpnkit/port 中定义的.该目录上有一个 README 文件，您可以跟踪该文件以显示端口8080.

Adding more details: So the port 6443 is forwarded to the host using vpnkit. To make port 8080 available on the host you have to also expose that port with vpnkit. If you screen into the hyperkit vm you'll see that port mappings are defined in /var/vpnkit/port. There's a README file on that directory that you can follow to expose port 8080.

这篇关于我可以在Docker for Mac中为Kubernetes API使用不安全的端点吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！