Connecting to kubernetes cluster from different kubectl clients

0
votes

I have installed kubernetes cluster using kops.

From the node where kops install kubectl all works perfect (lets say node A).

I'm trying connect to kubernetes cluster from another server with installed kubectl on it (node B). I have copied ~/.kube from node A to B. But when I'm trying execute basic command like:

kubectl get pods

I'm getting:

Unable to connect to the server: x509: certificate signed by unknown authority

My config file is:

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSU.........
    server: https://api.kub.domain.com
  name: kub.domain.com
contexts:
- context:
    cluster: kub.domain.com
    user: kub.domain.com
  name: kub.domain.com
current-context: kub.domain.com
kind: Config
preferences: {}
users:
- name: kub.domain.com
  user:
    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0F..........
    client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVk..........
    password: r4ho3rNbYrjqZOhjnu8SJYXXXXXXXXXXX
    username: admin
- name: kub.domain.com-basic-auth
  user:
    password: r4ho3rNbYrjqZOhjnu8SJYXXXXXXXXXXX
    username: admin

Appreciate any help

1
kuberneteskubectlkops
the steps you followed worked for me. one more time compare ~/.kube/config on both servers. check and see Node B has this variable KUBECONFIG set. what version of kubernetes cluster your running?sfgroups
Hi, thank you for reply, kubernetes version is v1.6.2, nether A nor B have not this variable....Moved once again .kube via SCP, the same result...time is the same on both serversYevgeniy Ovsyannikov

1 Answers

0
votes

Lets try to trobuleshoot these two.

Unable to connect to the server:

Check and see you have any firewall rules. Is your node running in virtual machine?

x509: certificate signed by unknown authority

can you compare the certificates on both servers getting the same certificates?

curl -v -k $(grep 'server:' ~/.kube/config|sed 's/server://')