Lab 5.1. Configuring TLS Access

eporart

Hi,
could you help me with this error when I tried to run curl command and the encoded keys to connect to the API server

student@cp:~$ kubectl config view |grep server
server: https://k8scp:6443

student@cp:~$ curl --cert ./client.pem --key ./client-key.pem --cacert ./ca.pem https://k8scp:6443/api/v1/pods
curl: (7) Failed to connect to k8scp port 6443: Connection refused

chrispokorni

Hi @eporart,

Can you confirm that the variables client, key, and auth from steps 2, 3, and 4 respectively are generated (and are assigned string values generated by the export commands?

If successful, can you validate that the encoded key values are stored by the client.pem, client-key.pem, and ca.pem files respectively, as assigned in step 5?

How is your cluster infrastructure provisioned? Local VMs or cloud instances? Does your infrastructure allow all ingress/inbound traffic from all sources, all protocols, to all port destinations?

Regards,
-Chris

eporart

Just was stop and start kubelet... now is working!
sudo systemctl stop kubelet
sudo systemctl start kubelet

       "imageID": "docker-pullable://vish/stress@sha256:b6456a3df6db5e063e1                                                       783153627947484a3db387be99e49708c70a9a15e7177",
        "containerID": "docker://c5ba07a62ae9acb8b4c3a70a6bbe2a24e22f88f471e                                                       2c7070bff1cfe0202edb6",
        "started": true
      }
    ],
    "qosClass": "Burstable"
  }
}

]
student@cp:~$

thanks Chris