Welcome to the Linux Foundation Forum!

Lab 5.1. Configuring TLS Access


could you help me with this error when I tried to run curl command and the encoded keys to connect to the API server

student@cp:~$ kubectl config view |grep server
server: https://k8scp:6443

student@cp:~$ curl --cert ./client.pem --key ./client-key.pem --cacert ./ca.pem https://k8scp:6443/api/v1/pods
curl: (7) Failed to connect to k8scp port 6443: Connection refused


  • chrispokorni
    chrispokorni Posts: 2,165

    Hi @eporart,

    Can you confirm that the variables client, key, and auth from steps 2, 3, and 4 respectively are generated (and are assigned string values generated by the export commands?

    If successful, can you validate that the encoded key values are stored by the client.pem, client-key.pem, and ca.pem files respectively, as assigned in step 5?

    How is your cluster infrastructure provisioned? Local VMs or cloud instances? Does your infrastructure allow all ingress/inbound traffic from all sources, all protocols, to all port destinations?


  • eporart
    eporart Posts: 26

    Just was stop and start kubelet... now is working!
    sudo systemctl stop kubelet
    sudo systemctl start kubelet

           "imageID": "docker-pullable://vish/stress@sha256:b6456a3df6db5e063e1                                                       783153627947484a3db387be99e49708c70a9a15e7177",
            "containerID": "docker://c5ba07a62ae9acb8b4c3a70a6bbe2a24e22f88f471e                                                       2c7070bff1cfe0202edb6",
            "started": true
        "qosClass": "Burstable"


    thanks Chris


Upcoming Training