Client-Go 链接Api-Server报509错误
卫学真
如果使用client-go连接api-server 报x509的错误如下
85178 reflector.go:123] pkg/mod/k8s.io/client-go@v0.16.6/tools/cache/reflector.go:96: Failed to list *v1.Pod: Get https://ip:port/api/v1/namespaces/default/pods?limit=500&resourceVersion=0: x509: certificate signed by unknown authority解决方案:
查看创建的rest.config 里面是否有配置TSLClientConfig 如下
restClientConfig := &rest.Config{}
restClientConfig.Host = config.ApiServer.Host
restClientConfig.BearerToken = config.BearerToken
restClientConfig.Burst = 1e6
restClientConfig.QPS = 1e6
restClientConfig.ContentType = "application/vnd.kubernetes.protobuf"
//如果是直连api-server.别忘了配置这里
restClientConfig.TLSClientConfig = rest.TLSClientConfig{
Insecure:true,
}restClientConfig.TLSCliengConfig = rest.TLSCliengConfig{ Insecure:true }
这行代码很重要。可以添加了试试一下。
类似资料: