Kubernetes error code 403

4/6/2018

I'm new to Kubernetes and I get an error code 403 when trying to access it.

kubectl cluster-info
Kubernetes master is running at https://x.x.x.x:6443
KubeDNS is running at https://x.x.x.x:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

"status": "Failure",
  "message": "namespaces is forbidden: User \"system:anonymous\" cannot list namespaces at the cluster scope",
  "reason": "Forbidden",
  "details": {
    "kind": "namespaces"
  },
  "code": 403   


kubectl get pods --all-namespaces


kube-system   calico-etcd-6629s                                      1/1       Running   0          10h
kube-system   calico-kube-controllers-675684d4bb-5h28d               1/1       Running   0          10h
kube-system   calico-node-r75wv                                      2/2       Running   0          10h
kube-system   etcd-sp2013a....                                        1/1       Running   0          10h
kube-system   kube-apiserver-sp2013a ...                              1/1       Running   0          10h
kube-system   kube-controller-manager-sp2013a....                     1/1       Running   0          10h
kube-system   kube-dns-6f4....df-fcqvt                               3/3       Running   0          10h
kube-system   kube-proxy-mpf2j                                       1/1       Running   0          10h
kube-system   kube-scheduler-sp2013a......                            1/1       Running   0          10h

Everything is running.

-- eddeddy7
kubernetes

1 Answer

8/19/2018

That sounds like you're being blocked by the cluster's RBAC policies. The system:anonymous user is being prevented from listing the namespaces in the cluster. (Along the lines of kubectl get namespaces)

Running kubectl create clusterrolebinding cluster-system-anonymous --clusterrole=cluster-admin --user=system:anonymous would create a clusterrolebinding that adds the system:anonymous user to the cluster-admin role.

Blindly elevating accounts to cluster-admin is not recommended in a production cluster, but since you are new, this should get you up and running.

All clusters need some form of authorization before accessing the API-server (accessing kubectl) like certificate authentication. RBAC is a way to limit the actions that users (both human users and service accounts) can take in the cluster.

A great RBAC primer from the CNCF can be found here and the official docs are great too! Good Luck!

-- sethmccombs
Source: StackOverflow
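
An added example, not part of the original answer: a check that flags ClusterRoleBindings like the one the answer's command creates, where callers without credentials (the `system:anonymous` user or the `system:unauthenticated` group) receive a role. The sample data, the helper `_crb` and the binding names `dev-view`, `empty-binding` and `anon-view` are constructed, and the allow-list is an assumption to adjust per cluster.

```python
import json
import sys

# Identities the API server assigns to requests that present no credentials.
ANONYMOUS_SUBJECTS = {("User", "system:anonymous"), ("Group", "system:unauthenticated")}

# Assumption: bindings you expect to cover anonymous callers. Recent Kubernetes
# releases ship system:public-info-viewer this way; adjust for your version.
DEFAULT_ALLOWED = frozenset({"system:public-info-viewer"})


def find_anonymous_bindings(binding_list, allowed=DEFAULT_ALLOWED):
    """Return one finding per anonymous subject in a ClusterRoleBinding list."""
    findings = []
    for item in binding_list.get("items", []):
        name = item["metadata"]["name"]
        if name in allowed:
            continue
        role = item.get("roleRef", {}).get("name", "")
        # "subjects" may be missing or null on a binding with no members.
        for subject in item.get("subjects") or []:
            if (subject.get("kind"), subject.get("name")) in ANONYMOUS_SUBJECTS:
                findings.append({
                    "binding": name, "role": role, "subject": subject["name"],
                    "severity": "critical" if role == "cluster-admin" else "review",
                })
    return findings


def _crb(name, role, subjects):
    # Hypothetical helper: builds the fields of a ClusterRoleBinding used above.
    return {"metadata": {"name": name},
            "roleRef": {"kind": "ClusterRole", "name": role}, "subjects": subjects}


# Constructed sample; the first entry is what the command in the answer creates.
SAMPLE = {"kind": "List", "items": [
    _crb("cluster-system-anonymous", "cluster-admin", [{"kind": "User", "name": "system:anonymous"}]),
    _crb("system:public-info-viewer", "system:public-info-viewer",
         [{"kind": "Group", "name": "system:authenticated"},
          {"kind": "Group", "name": "system:unauthenticated"}]),
    _crb("dev-view", "view", [{"kind": "User", "name": "alice"}]),
    _crb("empty-binding", "view", None),
    _crb("anon-view", "view", [{"kind": "Group", "name": "system:unauthenticated"}]),
]}

if __name__ == "__main__":
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    for f in find_anonymous_bindings(data):
        print(f"{f['severity']:8} {f['binding']} grants {f['role']} to {f['subject']}")
```

To check a real cluster, save the output of `kubectl get clusterrolebindings -o json` to a file and pass its path as the first argument. A critical finding such as `cluster-system-anonymous` is removed with `kubectl delete clusterrolebinding cluster-system-anonymous`.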