K
Q

Connecting to kubernetes cluster from different kubectl clients

7/22/2017

I have installed kubernetes cluster using kops.

From the node where kops install kubectl all works perfect (lets say node A).

I'm trying connect to kubernetes cluster from another server with installed kubectl on it (node B). I have copied ~/.kube from node A to B. But when I'm trying execute basic command like:

kubectl get pods

I'm getting:

Unable to connect to the server: x509: certificate signed by unknown authority

My config file is:

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSU.........
    server: https://api.kub.domain.com
  name: kub.domain.com
contexts:
- context:
    cluster: kub.domain.com
    user: kub.domain.com
  name: kub.domain.com
current-context: kub.domain.com
kind: Config
preferences: {}
users:
- name: kub.domain.com
  user:
    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0F..........
    client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVk..........
    password: r4ho3rNbYrjqZOhjnu8SJYXXXXXXXXXXX
    username: admin
- name: kub.domain.com-basic-auth
  user:
    password: r4ho3rNbYrjqZOhjnu8SJYXXXXXXXXXXX
    username: admin

Appreciate any help

-- Yevgeniy Ovsyannikov
kops
kubectl
kubernetes

Similar Questions

Share VPC networks with Google Container Engine
what approach I should use for external access to Cassandra running inside kubernetes
Login attempts to Nexus OSS Docker repo throwing 404
What is the point of nginx when I have Kubernetes?

1 Answer

7/22/2017

Lets try to trobuleshoot these two.

Unable to connect to the server:

Check and see you have any firewall rules. Is your node running in virtual machine?

x509: certificate signed by unknown authority

can you compare the certificates on both servers getting the same certificates?

curl -v -k $(grep 'server:' ~/.kube/config|sed 's/server://')
-- sfgroups
Source: StackOverflow