K
Q

Kubernetes HA Kube proxy certificate issue

1/17/2020

I'm setting up kubernetes HA with external etcd cluster and a HA proxy as load balancer on bare metal. After applying kubeadm init, i m getting errors being printed in kube-proxy pod logs

E0117 18:33:58.827088 1 reflector.go:153] k8s.io/client-go/informers/factory.go:135: Failed to list *v1.Endpoints: Get https://dockers.airtel.com:6443/api/v1/endpoints?labelSelector=%21service.kubernetes.io%2Fheadless%2C%21service.kubernetes.io%2Fservice-proxy-name&limit=500&resourceVersion=0: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes") E0117 18:33:58.828979 1 reflector.go:153] k8s.io/client-go/informers/factory.go:135: Failed to list *v1.Service: Get https://dockers.airtel.com:6443/api/v1/services?labelSelector=%21service.kubernetes.io%2Fheadless%2C%21service.kubernetes.io%2Fservice-proxy-name&limit=500&resourceVersion=0: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes") E0117 18:33:59.853663 1 reflector.go:153] k8s.io/client-go/informers/factory.go:135: Failed to list *v1.Service: Get https://dockers.airtel.com:6443/api/v1/services?labelSelector=%21service.kubernetes.io%2Fheadless%2C%21service.kubernetes.io%2Fservice-proxy-name&limit=500&resourceVersion=0: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes") E0117 18:33:59.868131 1 reflector.go:153] k8s.io/client-go/informers/factory.go:135: Failed to list *v1.Endpoints: Get https://dockers.airtel.com:6443/api/v1/endpoints?labelSelector=%21service.kubernetes.io%2Fheadless%2C%21service.kubernetes.io%2Fservice-proxy-name&limit=500&resourceVersion=0: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")

Although kube-proxy pod is up and running but i'm not being able to apply the calico cni.

I have been stuck in this for two weeks now but getting no help from anywhere.

-- Deepesh Goel
kube-proxy
kubernetes
kubernetes-pod

Similar Questions

Using HTTP basic authentication for readinessProbe when using GKE Ingress
Is there a good way to go from running Docker Containers to Kubernetes Deployments?
My kubernetes pod is running on Minikube with proxy but impossible to reach it from outside
Managed Certificate in Ingress, Domain Status is FailedNotVisible

0 Answers