K
Q

Error message when trying to connect to cluster endpoint

1/18/2019

When I try to connect to my Kubernetes cluster endpoint IP, I get this message. Does anybody knows where this comes from and would could be the problem here?

{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {

  },
  "status": "Failure",
  "message": "forbidden: User \"system:anonymous\" cannot get path \"/\": No policy matched.",
  "reason": "Forbidden",
  "details": {

  },
  "code": 403
}
-- user9468014
dns
google-cloud-platform
kubernetes
nginx

Similar Questions

Kubernetes wait that apiVersion and kind exists before trying to apply resource using those
Running Firecracker inside Docker
Kubernetes and Docker: how to let two service to communicate correctly
Horizontal Pod Autoscale unable to read metrics

1 Answer

1/18/2019

You did not provide to many information on what you want to achieve. But as Konstantin already mentioned, this error is visible only when you try to access the API as unauthorized (anonymous) user. You have probably tried to curl the API server as an anonymous user.

You can find exact steps on how to explore the API server in this great article.

To interact with the Kubernetes API you need a ServiceAccount with the correct permissions, obtained through a (Cluster)Role and a RoleBinding. Authenticate by using the ServiceAccount’s token. Since all communication is over TLS you also need the self-signed certificate. Alternatively, allow insecure connections, but this is not recommended.

More about Kubernetes API and how to access it here.

-- aurelius
Source: StackOverflow