kubernetes localhost:8080 被上下文拒绝

kubernetes localhost:8080 was refused with context

Kubernets 集群是使用阿里巴巴容器服务设置的,使用 root 帐户访问集群没有问题,当创建新的命名空间并将用户添加到该命名空间时,它会抛出错误 与服务器的连接 localhost:8080 被拒绝

这是故障排除的设置

定义命名空间 dev 并使用 get verb 显示所有 kubernetes 命名空间。

root@kube-master:# kubectl get namespaces
NAME          STATUS    AGE
default       Active    14d
dev           Active    56m
kube-public   Active    14d
kube-system   Active    14d

在 Kubernetes 集群中添加了新上下文。

kubectl config set-context dev  --namespace=dev --user=user1

当使用带有此配置文件的 kubectl CLI 时,我应该得到一个 访问被拒绝的错误

root@kube-master:/home/ansible# kubectl --context=dev get pods
The connection to the server localhost:8080 was refused - did you specify the right host or port?

而不是显示 与服务器的连接 localhost:8080 被拒绝

没有 --context 它工作得很好

root@kube-master:# kubectl get pods -n dev
NAME      READY     STATUS    RESTARTS   AGE
busybox   1/1       Running   1          1h

这是 kubernetes 配置视图

root@kube-master:/home/ansible# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: REDACTED
    server: https://172.16.2.13:6443
  name: kubernetes
contexts:
- context:
    cluster: ""
    namespace: dev
    user: user1
  name: dev
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

root@kube-master:# kubectl config get-contexts
CURRENT   NAME                          CLUSTER      AUTHINFO           NAMESPACE
          dev                                        user1              dev
*         kubernetes-admin@kubernetes   kubernetes   kubernetes-admin   

我明白了,当我执行命令时我注意到了什么

kubectl config view

集群显示为空

- context:
    cluster: ""
    namespace: dev
    user: user1

要解决此问题,添加了 --cluster 信息并修改了 set-context

root@kube-master:/home/ansible# kubectl config set-context dev --cluster=kubernetes --namespace=dev --user=user1
Context "dev" modified.

并且上下文设置正确

contexts:
- context:
    cluster: kubernetes
    namespace: dev
    user: user1
  name: dev

并且在使用 --context=dev

查找 pods 时我得到了想要的结果
root@kube-master:/home/ansible# kubectl --context=dev get pods
No resources found.
Error from server (Forbidden): pods is forbidden: User "system:anonymous" cannot list pods in the namespace "dev"