我在 google 容器引擎上有两个 kubernetes 集群,但在不同的 google 帐户上(一个使用我公司的电子邮件,另一个使用我的个人电子邮件)。我尝试从一个集群切换到另一个集群。我这样做是通过:
使用我的其他电子邮件地址登录
$ gcloud init获取新的 kubectl 凭证
gcloud container cluster get-credentials测试是否连接到新集群
$ kubectl get po但是,我仍然无法获取集群中的kubernetes资源。我收到的错误是:
the server doesn't have a resource type "pods"发生这种情况是因为虽然我使用新凭据登录... kubectl 未使用新凭据。为了更改 kubectl 用于访问集群的登录/访问凭据,您需要运行以下命令:
gcloud auth application-default login
您将收到以下回复:
Your browser has been opened to visit:
https://accounts.google.com/o/oauth2/auth
redirect_uri=http%3A%2F%2Flocalhost%3A8085%2F&prompt=select_account&respons
e_type=code&client_id=...&
scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email
+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcloud-platform&access_type=offline
Credentials saved to file: [/Users/.../.config/gcloud/application_default_credentials.json]
These credentials will be used by any library that requests
Application Default Credentials.
然后获取集群凭证
gcloud container clusters get-credentials [cluster name/id]您现在应该能够使用 kubectl 访问集群。
TL;DR; 检查您的
~/.kube/configcurrent-context说明: 以下错误消息(表明某些核心对象不知道)通常是由于 kubectl 配置文件中缺少
current-contextthe server doesn't have a resource type "nodes"
the server doesn't have a resource type "pods"
the server doesn't have a resource type "services"
...
在这种情况下,所有上下文都会被忽略,并且 kubectl 尝试连接到 localhost:8080
如果您的计算机上的端口 8080 上本地运行任何内容,则会出现此奇怪的错误消息。
重现步骤(从工作配置):
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
(.... working access to your kubernetes cluster ...)
$ # EDIT ~/.kube/config file, and remove or comment the current-context entry
$ kubectl get nodes
The connection to the server localhost:8080 was refused - did you specify the right host or port?
$ docker run -d --name dummy_8080 -p 8080:80 nginx
(...)
$ kubectl get nodes
error: the server doesn't have a resource type "nodes"
$ # EDIT ~/.kube/config file, and restore the current-context entry
$ k get nodes
NAME STATUS ROLES AGE VERSION
(.... working access to your kubernetes cluster again ...)
$ docker rm -f dummy_8080