error: You must be logged in to the server - the server has asked for the client to provide credentials - “kubectl logs” command gives error

后端 未结 4 1905
借酒劲吻你
借酒劲吻你 2021-02-15 02:07

We had setup kubernetes 1.10.1 on CoreOS with three nodes. Setup is successfull

NAME                STATUS    ROLES     AGE       VERSION
node1.example.com   Rea         


        
相关标签:
4条回答
  • 2021-02-15 02:35

    In general, many different .kube/config file errors will trigger this error message. In my case it was that I simply specified the wrong cluster name in my config file (and spent MANY hours trying to debug it).

    When I specified the wrong cluster name, I received 2 requests for MFA token codes, followed by the error: You must be logged in to the server (the server has asked for the client to provide credentials) message.

    Example:

    # kubectl create -f scripts/aws-auth-cm.yaml
    Assume Role MFA token code: 123456
    Assume Role MFA token code: 123456
    could not get token: AccessDenied: MultiFactorAuthentication failed with invalid MFA one time pass code.
    
    0 讨论(0)
  • 2021-02-15 02:40

    For me the issue was related to mis-configuration in the ~/.kube/config file , after restoring the configurations using kubectl config view --raw >~/.kube/config it was resolved

    0 讨论(0)
  • 2021-02-15 02:44

    In my case, I experienced multiple errors while trying to run different kubectl commands like unauthorized, server has asked client to provide credentials, etc. After spending a few hours, I deduced that the sync to my cluster on cloud somehow gets messed up. So I run the following commands to refresh the configuration and it starts to work again:

    1. Unset users:

      kubectl config unset users.<full-user-name-as-found-in: kubectl config view>

    2. Remove cluster:

      kubectl config delete-cluster <full-cluster-name-as-found-in: kubectl config view>

    3. Remove context:

      kubectl config delete-context <full-context-name-as-found-in: kubectl config view>

    4. Default context:

      kubectl config use-context contexts

    5. Get fresh cluster config from cloud:

      ibmcloud cs cluster config --cluster <cluster-name>

    Note: I am using ibmcloud for my cluster so last command could be different in your case

    0 讨论(0)
  • 2021-02-15 02:48

    Looks like you misconfigured kublet:

    You missed the --client-ca-file flag in your Kubelet Service File

    That’s why you can get some general information from master, but can’t get access to nodes.

    This flag is responsible for certificate; without this flag, you can not get access to the nodes.

    0 讨论(0)
提交回复
热议问题