Welcome to the Linux Foundation Forum!

Chapter 6 - Discovering API Groups


There is a typo in chapter 6 - Discovering API Groups:

We can take a closer look at the output of the request for current APIs. Each of the name values can be appended to the URL to see details of that group. For example, you could drill down to find included objects at this URL:

The URL is missing a dot:

Using the setup from the labs, the following URL will also work:

When using a web browser or curl, the result is ultimately this:

kind    "Status"
apiVersion  "v1"
metadata    {}
status  "Failure"
message "forbidden: User \"system:anonymous\" cannot get path \"/apis/apiregistrationk8s.io/v1beta1\""
reason  "Forbidden"
details {}
code    403

This is expected when I don't use authentication. As demonstrated in the previous lab, we can use curl when we supply the keys:
curl --cert client.pem --key client-key.pem --cacert ca.pem https://k8smaster:6443/apis/apiregistration.k8s.io/v1beta1

Copying these .pem keys to other machines allows remote access. I'm still looking for a way to include these keys so the browser (Firefox) will use them.


Upcoming Training