Lab 5.1 unable to finish - kubernetes-admin no longer access to api ?
curl --cert client.pem --key client-key.pem --cacert ca.pem https://10.142.0.2:6443/api/v1/pods
work well.
But:
curl --cert client.pem --key client-key.pem --cacert ca.pem -XPOST -H 'Content-Type: application/json' -d@curlpod.json https://10.142.0.2:6443/api/v1/pods
give this output:
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {
},
"status": "Failure",
"message": "the server does not allow this method on the requested resource",
"reason": "MethodNotAllowed",
"details": {
},
"code": 405
Comments
-
I was able to finish lab 5.1 just now, mostly as written. In my case, the one exception was that since I'm using minikube on Linux, I just directly used the cert/key files as shown below:
$ curl --cert .minikube/client.crt --key .minikube/client.key --cacert .minikube/ca.crt https://192.168.99.100:8443/api/v1/namespaces/default/pods -XPOST -H'Content-Type: application/json' -d@curlpod.json { "kind": "Pod", "apiVersion": "v1", "metadata": { "name": "curlpod", "namespace": "default", "selfLink": "/api/v1/namespaces/default/pods/curlpod", "uid": "56353669-0c7e-11e9-8a4e-080027d81532", "resourceVersion": "19159", "creationTimestamp": "2018-12-30T22:00:36Z", "labels": { "name": "examplepod" } }, "spec": { "volumes": [ { "name": "default-token-wc2fg", "secret": { "secretName": "default-token-wc2fg", "defaultMode": 420 } } ], "containers": [ { "name": "nginx", "image": "nginx", "ports": [ { "containerPort": 80, "protocol": "TCP" } ], "resources": { }, "volumeMounts": [ { "name": "default-token-wc2fg", "readOnly": true, "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount" } ], "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "imagePullPolicy": "Always" } ], "restartPolicy": "Always", "terminationGracePeriodSeconds": 30, "dnsPolicy": "ClusterFirst", "serviceAccountName": "default", "serviceAccount": "default", "securityContext": { }, "schedulerName": "default-scheduler", "tolerations": [ { "key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300 }, { "key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute", "tolerationSeconds": 300 } ], "priority": 0 }, "status": { "phase": "Pending", "qosClass": "BestEffort" } }Here you can see that the pod was created:
$ kubectl get pods NAME READY STATUS RESTARTS AGE curlpod 1/1 Running 0 2m51s
0 -
Hi @traq ,
If step 7 worked ok for you, on step 9 did you attempt to curl to "https://10.142.0.2:6443/api/v1/namespaces/default/pods"?
That's the URL used in step 9 in the Lab manual, and it is different than the URL from step 7.
In step 7 you are just making an inquiry to the API server, to verify that you can connect via the ca, cert and key files.
In step 9 you are creating a pod, and that resource will be created and saved under ".../api/v1/namespaces/default/pods" directory.
Regards,
-Chris0 -
This:
url --cert ./client.pem --key ./client-key.pem --cacert ./ca.pem -XPOST -H 'Content-Type: application/json' -d@curlpod.json https://10.142.0.2:6443/api/v1/namespaces/default/pods
work well, and
kubectl get pod
NAME READY STATUS RESTARTS AGE
busybox 0/1 Completed 0 3d22h
curlpod 1/1 Running 0 3sSo it's good be update Lab 5.1, because:
curl --cert ./client.pem --key ./client-key.pem --cacert ./ca.pem -XPOST -H 'Content-Type: application/json' -d@curlpod.json https://10.142.0.2:6443/api/v1/pods
not working any more0 -
@traq
That is the URL in Lab 5.1 step 9.
If the URL from step 7 (.../api/v1/pods) is used with the curl command in step 9, it will not work. So in order to get a successful output in step 9, the URL has to be used as it is provided in the Lab 5.1 in step 9 (.../api/v1/namespaces/default/pods).
-Chris1
Categories
- All Categories
- 177 LFX Mentorship
- 177 LFX Mentorship: Linux Kernel
- 750 Linux Foundation IT Professional Programs
- 373 Cloud Engineer IT Professional Program
- 169 Advanced Cloud Engineer IT Professional Program
- 74 DevOps IT Professional Program - Discontinued
- 4 DevOps & GitOps IT Professional Program
- 99 Cloud Native Developer IT Professional Program
- 7.6K Training Courses & Learning Paths
- 1 AI & ML Training
- 1 Blockchain & Decentralized Identity Training
- 3 Cloud & Containers Training
- 1 Cybersecurity Training
- 2 DevOps & Site-Reliability Training
- 1 Linux Kernel Development Training
- 1 Networking Training
- 1 Open Source Best Practice Training
- 1 System Administration Training
- 1 System Engineering Training
- 1 Web & Application Development Training
- 792 Hardware
- 202 Drivers
- 68 I/O Devices
- 37 Monitors
- 95 Multimedia
- 173 Networking
- 91 Printers & Scanners
- 87 Storage
- 769 Linux Distributions
- 81 Debian
- 68 Fedora
- 22 Linux Mint
- 13 Mageia
- 24 openSUSE
- 150 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 356 Ubuntu
- 465 Linux System Administration
- 31 Cloud Computing
- 73 Command Line/Scripting
- Github systems admin projects
- 98 Linux Security
- 78 Network Management
- 101 System Management
- 46 Web Management
- 106 Mobile Computing
- 18 Android
- 73 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 392 Off Topic
- 121 Introductions
- 181 Small Talk
- 29 Study Material
- 955 Programming and Development
- 310 Kernel Development
- 627 Software Development
- 983 Software
- 375 Applications
- 182 Command Line
- 5 Compiling/Installing
- 68 Games
- 317 Installation
- Archived
- 2 LFD140 Class Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)