I've been attempting to follow the instructions listed in:
but the apiServer won't stay up, it exits with code 255 almost immediately, the last thing in the logs for the container is:
F0222 21:45:10.776761 1 server.go:319] Invalid Authentication Config: open /srv/kubernetes/ca.crt: no such file or directory
I've tried both 1.2.0-alpha.7 and 1.1.2 version of the docker container with:
sudo docker run \ --volume=/:/rootfs:ro \ --volume=/sys:/sys:ro \ --volume=/var/lib/docker/:/var/lib/docker:rw \ --volume=/var/lib/kubelet/:/var/lib/kubelet:rw \ --volume=/var/run:/var/run:rw \ --net=host \ --privileged=true \ --pid=host \ -d \ gcr.io/google_containers/hyperkube-amd64:v1.1.2 \ /hyperkube kubelet \ --allow-privileged=true \ --api-servers=http://localhost:8080 \ --v=2 \ --address=0.0.0.0 \ --enable-server \ --hostname-override=127.0.0.1 \ --config=/etc/kubernetes/manifests-multi \ --containerized \ --cluster-dns=10.0.0.10 \ --cluster-domain=cluster.local
Only thing I can find, suggested openssl as a dependency, but I've installed that and I'm still getting the error. It seems to suggest I'm missing a certificate, but I cant find any documentation on it - any pointers would be appreciated.
Probably this doc is not 100% and some default variables still require certificates. Try to generate certificates manually.
I have also met this problem, you can docker inspect api server, check /srv/kebernetes mount folder, then create ca.key as
openssl genrsa -out ca.key 2048
openssl req -x509 -new -nodes -key ca.key -subj "/CN=${MASTER_IP}" -days 10000 -out ca.crtand I have also create two empty files: basic_auth.csv and known_tokens.csv then api server docker start success.