问题
When I run Kubernetes in Docker for Mac, the Kube API only seems to be accessible from a secure endpoint of https://localhost:6443/
With minikube I was able to use an insecure endpoint for Kube API like http://localhost:8080/
Is there any way to use an insecure endpoint for Kube API in Kubernetes in Docker for Mac?
回答1:
You may be running an old version of Kubernetes with minikube.
The default insecure port for the kube-apiserver is 8080, but that's disabled on the latest Kubernetes versions in the kube-apiserver with the flag: --insecure-port=0.
You can always delete that line from your /etc/kubernetes/manifests/kube-apiserver.yaml file.
You also need to add this option --insecure-bind-address=0.0.0.0 as per this.
Then restart the kube-apiserver.
Tip: Docker/Kubernetes runs on xhyve VM(s) on your Mac. So to modify the Kubernetes configs you'll have to connect to your xhyve VM(s). You can do it with something like this: screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty or screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty
Adding more details: So the port 6443 is forwarded to the host using vpnkit. To make port 8080 available on the host you have to also expose that port with vpnkit. If you screen into the hyperkit vm you'll see that port mappings are defined in /var/vpnkit/port. There's a README file on that directory that you can follow to expose port 8080.
来源:https://stackoverflow.com/questions/52430091/can-i-use-an-insecure-endpoint-for-kubernetes-api-in-docker-for-mac