Helm 3: x509 error when connecting to local Kubernetes - kubernetes

I'm a perfect noob with K8s. I installed microk8s and Helm using snap to experiment locally. I wonder whether my current issue comes from the use of snap (purpose of which is encapsulation, from what I understood)
Environment
Ubuntu 20.04LTS
helm version
version.BuildInfo{Version:"v3.2.4", GitCommit:"0ad800ef43d3b826f31a5ad8dfbb4fe05d143688", GitTreeState:"clean", GoVersion:"go1.13.12"}
kubectl version
Client Version: version.Info{Major:"1", Minor:"18+", GitVersion:"v1.18.4-1+6f17be3f1fd54a", GitCommit:"6f17be3f1fd54a88681869d1cf8bedd5a2174504", GitTreeState:"clean", BuildDate:"2020-06-23T21:16:24Z", GoVersion:"go1.14.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"18+", GitVersion:"v1.18.4-1+6f17be3f1fd54a", GitCommit:"6f17be3f1fd54a88681869d1cf8bedd5a2174504", GitTreeState:"clean", BuildDate:"2020-06-23T21:17:52Z", GoVersion:"go1.14.4", Compiler:"gc", Platform:"linux/amd64"}
kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
* microk8s microk8s-cluster admin
Post install set up
microk8s enable helm3
Kubernetes is up and running
kubectl cluster-info
Kubernetes master is running at https://127.0.0.1:16443
CoreDNS is running at https://127.0.0.1:16443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Problem while connecting helm to microk8s
helm ls --kube-token ~/token --kube-apiserver https://127.0.0.1:16443
Error: Kubernetes cluster unreachable: Get https://127.0.0.1:16443/version?timeout=32s: x509: certificate signed by unknown authority
How can I tell helm
to trust microk8s certs or
to ignore this verification step
From what I read, I may overcome this issue by pointing to kube's config using --kubeconfig.
helm ls --kube-token ~/token --kube-apiserver https://127.0.0.1:16443 --kubeconfig /path/to/kubernetes/config
In the context of microk8s installed with snap, I am not quite sure what this conf file is nor where to find it.
/snap/microk8s/1503 ?
/var/snap/microk8s/1503 ?

Helm looks for kubeconfig at this path $HOME/.kube/config.
Please run this command
microk8s.kubectl config view --raw > $HOME/.kube/config
This will save the config at required path in your directory and shall work
Reference Link here

Please try exporting kubeconfig file using following command:
export KUBECONFIG=/var/snap/microk8s/current/credentials/client.config

If you happen to be using WSL with docker desktop with k8s running in docker desktop but helm running in WSL a very similar command as provided by Tarun will also work.
Assuming you are running the Windows version of kubectl
➜ which kubectl.exe
➜ /mnt/c/Program Files/Docker/Docker/resources/bin/kubectl.exe
➜ which kubectl
➜ kubectl: aliased to /mnt/c/Program\ Files/Docker/Docker/resources/bin/kubectl.exe
➜ kubectl config view --raw > $HOME/.kube/config

Related

Can't connect to K8S cluster from kubectl

I am running kubectl from Mac OS M1 laptop. There is a K8S cluster deployed to gcp and I have logged in from cli gcloud auth login. Then I run below command to authenticate GKS credential
> gcloud container clusters get-credentials gcp-test --zone australia-southeast2-a
Fetching cluster endpoint and auth data.
kubeconfig entry generated for gcp-test.
it looks ok but I got below error when run get pods
> kubectl get pods
Unable to connect to the server: EOF
The version of kubectl I am using is
> kubectl version
Client Version: version.Info{Major:"1", Minor:"23+", GitVersion:"v1.23.13-eks-fb459a0", GitCommit:"55bd5d5cb7d32bc35e4e050f536181196fb8c6f7", GitTreeState:"clean", BuildDate:"2022-10-24T20:38:50Z", GoVersion:"go1.17.13", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"23+", GitVersion:"v1.23.13-eks-fb459a0", GitCommit:"55bd5d5cb7d32bc35e4e050f536181196fb8c6f7", GitTreeState:"clean", BuildDate:"2022-10-24T20:35:40Z", GoVersion:"go1.17.13", Compiler:"gc", Platform:"linux/amd64"}
The K8S cluster version in GCP is 1.24.5-gke.600. Does anyone know why I get Unable to connect to the server: EOF error? It seems like not able to connect to the server.
It looks like you have already a config for an EKS cluster. Maybe gcloud added a new context to your kubeconfig file, but the old one is still the active one.
Use
kubectl config get-contexts
to check if there are multiple contexts.
Use
kubectl config use-context <context-name>
to set the active context.
You could also examine your kubeconfig file. The default location is
~/.kube/config
but can be overridden by KUBECONFIG environment variable. To find that out, execute
echo $KUBECONFIG
Could also be that gcloud added the context to the default kubeconfig file but you have a different on set with the KUBECONFIG env variable that contains the EKS context.

How to modify the minikube start parameter setting apiserver from 8443 to 6443

I'm using minikube to test the kompose.
I installed k8s using the following minikube command
# minikube start --driver=none --kubernetes-version v1.16.0
minikube v1.9.2 on Ubuntu 18.04
✨ Using the none driver based on user configuration
👍 Starting control plane node in cluster minikube
🤹 Running on localhost (CPUs=XX, Memory=XXXXXMB, Disk=XXXXXMB) ...
ℹ️ OS release is Ubuntu 18.04.3 LTS
🐳 Preparing Kubernetes v1.16.0 on Docker 18.09.7 ...
▪ kubelet.resolv-conf=/run/systemd/resolve/resolv.conf
❗ This bare metal machine is having trouble accessing https://k8s.gcr.io
💡 To pull new external images, you may need to configure a proxy: https://minikube.sigs.k8s.io/docs/reference/networking/proxy/
🌟 Enabling addons: default-storageclass, storage-provisioner
🤹 Configuring local host environment ...
❗ The 'none' driver is designed for experts who need to integrate with an existing VM
💡 Most users should use the newer 'docker' driver instead, which does not require root!
📘 For more information, see: https://minikube.sigs.k8s.io/docs/reference/drivers/none/
❗ kubectl and minikube configuration will be stored in /root
❗ To use kubectl or minikube commands as your own user, you may need to relocate them. For example, to overwrite your own settings, run:
▪ sudo mv /root/.kube /root/.minikube $HOME
▪ sudo chown -R $USER $HOME/.kube $HOME/.minikube
💡 This can also be done automatically by setting the env var CHANGE_MINIKUBE_NONE_USER=true
🏄 Done! kubectl is now configured to use "minikube"
💡 For best results, install kubectl: https://kubernetes.io/docs/tasks/tools/install-kubectl/
and curl, chmod, mv install kubectl
# kubectl versionClient Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.0", GitCommit:"2bd9643cee5b3b3a5ecbd3af49d09018f0773c77", GitTreeState:"clean", BuildDate:"2019-09-18T14:36:53Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.0", GitCommit:"2bd9643cee5b3b3a5ecbd3af49d09018f0773c77", GitTreeState:"clean", BuildDate:"2019-09-18T14:27:17Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}
But when I use the kompose up command, it shows connection rejection
kompose -f docker-compose.yaml up
INFO We are going to create Kubernetes Deployments, Services and PersistentVolumeClaims for your Dockerized application. If you need different kind of resources, use the 'kompose convert' and 'kubectl create -f' commands instead.
FATA Error while deploying application: Get https://127.0.0.1:6443/api: dial tcp 127.0.0.1:6443: connect: connection refused
Querying the kubectl configuration found that its port was 8443, different from the 6443 connected by kompose up
# kubectl cluster-info
Kubernetes master is running at https://172.26.90.122:8443
KubeDNS is running at https://172.26.90.122:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
I think that's the problem, but I don't know how to fix it to make the ports match, right.
I would appreciate it if you could tell me how to solve it?
You add this flag in the start command
--apiserver-port=6443

Kubernetes - Kubectl version command returns error

MacOs
I just install kubectl via: https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl-on-macos
MacBook-Air:~ admin$ kubectl version
Client Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.0", GitCommit:"70132b0f130acc0bed193d9ba59dd186f0e634cf", GitTreeState:"clean", BuildDate:"2019-12-07T21:20:10Z", GoVersion:"go1.13.4", Compiler:"gc", Platform:"darwin/amd64"}
The connection to the server localhost:8080 was refused - did you specify the right host or port?
what could be the problem, Any ideas?
kubectl version prints out both the client version and server version. To fetch the server version, it connects to kubernetes api server. You either do not have the cluster installed or have not configured your kubectl properly to communicate with the remote cluster. So it is only printing client version and throwing an error for server version.
Sample output:
# kubectl version
Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.5", GitCommit:"2166946f41b36dea2c4626f90a77706f426cdea2", GitTreeState:"clean", BuildDate:"2019-03-25T15:26:52Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.5", GitCommit:"2166946f41b36dea2c4626f90a77706f426cdea2", GitTreeState:"clean", BuildDate:"2019-03-25T15:19:22Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}
You can use kubectl version --client to get only client version.
# kubectl version --client
Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.5", GitCommit:"2166946f41b36dea2c4626f90a77706f426cdea2", GitTreeState:"clean", BuildDate:"2019-03-25T15:26:52Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}
As you mentioned you have installed kubectl - command-line tool, which allows you to run commands against Kubernetes clusters. You can use kubectl to deploy applications, inspect and manage cluster resources, and view logs.
However to kubectl could run any command you need to have a cluster.
The most common is Minikube. However, you will need a hypervisor as Virtualbox or Hyperkit.
You also should read about Docker Desktop on Mac.
If you will search for more information you can find that people also using Kubeadm but its not supported on MacOS.
It was mentioned in another StackOverflow question, you can find it here.
Note : kubectl is a command-line tool tool that allows you to run commands against Kubernetes clusters
In order for kubectl to find and access a given kubernetes cluster, it needs kubeconfig file for a given K8s cluster you want to connect with (if you dont have one you can install a local cluster to play with using something like K8s Minikube which will then give you this file to connect to minikube)
If you already have a cluster then check that kubectl is properly configured use kubectl cluster-info command , if it is not you will receive below error log.
$ kubectl cluster-info
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
The connection to the server localhost:8080 was refused - did you specify the right host or port?
So to connect to a cluster you want work toward using kubectl you need to find kubeconfig file and configure the environment variable to point to it. Meaning if your $HOME/.kube/config file is not already listed in your KUBECONFIG environment variable, fix your KUBECONFIG environment variable by export KUBECONFIG=$KUBECONFIG:$HOME/.kube/config to point to correct kubeconfig file to be used.
Once you have right kubeconfig exported cluster-info command should load the details as below
$ kubectl cluster-info
Kubernetes master is running at https://xx.xx.xx.xx:6443
KubeDNS is running at https://xx.xx.xx.xx:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

How to fix issue of 'Unable to connect to the server: EOF' Kubernetes - Kubectl

When I try any kubectl command, it always returns:
Unable to connect to the server: EOF
I followed these tutorials:
https://kubernetes.io/docs/tasks/tools/install-kubectl/
https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/
But they have not helped me. According to the first link, by default, kubectl configuration is located at
~/.kube/config
But in that path I don't have anything. I don't know if this is causing the issue.
Other thing is when I try to check the kubectl configuration:
M:.kube candres$ kubectl cluster-info
Kubernetes master is running at http://localhost:8080
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
Unable to connect to the server: EOF
M:.kube candres$ kubectl cluster-info dump
Unable to connect to the server: EOF
The versions I have installed are:
Kubernetes - kubectl
M:.kube candres$ kubectl version
Client Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.3", GitCommit:"X", GitTreeState:"clean", BuildDate:"2018-02-09T21:51:06Z", GoVersion:"go1.9.4", Compiler:"gc", Platform:"darwin/amd64"}
Unable to connect to the server: EOF
Minikube
M:.kube candres$ minikube version
minikube version: v0.25.0
Docker:
M:.kube candres$ docker version
Client:
Version: 17.12.0-ce
API version: 1.35
Go version: go1.9.2
Git commit: X
Built: Wed Dec 27 20:03:51 2017
OS/Arch: darwin/amd64
Server:
Engine:
Version: 17.12.0-ce
API version: 1.35 (minimum version 1.12)
Go version: go1.9.2
Git commit: X
Built: Wed Dec 27 20:12:29 2017
OS/Arch: linux/amd64
Experimental: true
Does anyone know how to resolve this?
After Minikube is started, kubectl is configured automatically.
minikube start
Starting local Kubernetes cluster...
Kubernetes is available at https://192.168.99.100:8443.
Kubectl is now configured to use the cluster.
You can verify and validate the cluster and context with following commands.
kubectl config view
I also had this issue. Be sure to check your config file that is generated by minikube. This file can most likely be found ~/.kube/config. Make sure that you are referencing the right cluster name in the current context you are using. You can see what context you are currently using by: kubectl get current-context. The important thing is that you understand why you are getting this error and as #Suresh Vishnoi stated, kubectl doesn't know about k8s api-server.
here the steps to my solution
Install minikube:
brew install minikube
Start minikube
minikube start
check again and ✅
kubectl version --short
Client Version: v1.16.6-beta.0
Server Version: v1.22.2
Here is all I had to run:
minikube delete
minikube start
Just updating Kubectl version to latest version resolve my problem.
If you get a message like this:
You appear to be using a proxy, but your NO_PROXY environment does not
include the minikube IP (www.xxx.yyy.zzz).
Then set your environment variable NO_PROXY to the address given before running kubectl. This is probably configurable somewhere, but that's a short quick solution.
reset kubeadm via force
reset kubeadm -f
and then
copy config file again
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
at last
kubectl init
I'm using wsl. So it helps me to synchronize time between
windows and linux console.
sudo hwclock --hctosys
Check your VPN security as well as your anti virus internet security. in case it is ON then we have to make it off. and it worked for me after that.
Try it out this also.
VPN should solve it, if not, then also try unsetting local env proxy settings.

Creating a Kubernetes cluster with Vagrant

I need some help in creating my first Kubernetes cluster with Vagrant. I have installed Kubernetes, Vagrant and libvirt. My kubectl status displays:
[root#localhost ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"0", GitVersion:"v1.0.6", GitCommit:"388061f00f0d9e4d641f9ed4971c775e1654579d", GitTreeState:"clean"}
Server Version: version.Info{Major:"1", Minor:"0", GitVersion:"v1.0.6", GitCommit:"388061f00f0d9e4d641f9ed4971c775e1654579d", GitTreeState:"clean"}
From the documentation I can read that the cluster can be started with:
export KUBERNETES_PROVIDER=vagrant ./cluster/kube-up.sh
However no "cluster" folder has been created by installing kubernetes, nor the "kube-up.sh" command is available. I can see only the following ones:
kube-apiserver kube-controller-manager kubectl kubelet kube-proxy kube-scheduler kube-version-change
Am I missing some steps ? Thanks
From the documentation I can read that the cluster can be started with:
export KUBERNETES_PROVIDER=vagrant ./cluster/kube-up.sh
This documentation assumes that you have downloaded a kubernetes release. You can grab the latest release (1.1.7) from the github releases page. Once you unpack kubernetes.tar.gz you should see a cluster directory with kube-up.sh inside of it that you can execute it as suggested by the documentation.