Kubernetes不创建证书 [英] Kubernetes doesnt create certificates
问题描述
我已经创建了证书cfssl,但是当我使用cfssl生成的文件生成Kubernetes证书时,我的Kubernetes返回以下错误:
I've created my certificate cfssl but when I generate my Kubernetes certificates with the file generated by cfssl, my Kubernetes returns the following error:
Error from server (BadRequest): error when creating "certificado.yml": CertificateSigningRequest in version "v1beta1" cannot be handled as a CertificateSigningRequest: v1beta1.CertificateSigningRequest.Spec: v1beta1.CertificateSigningRequestSpec.Usages: []v1beta1.KeyUsage: Request: decode base64: illegal base64 data at input byte 3, error found in #10 byte of ...| -d '\\n'","usages":|..., bigger context ...|,"request":"cat server.csr | base64 | tr -d '\\n'","usages":["digital signature","key encipherment",|...
我尝试在请求字段中不添加$(),但是它返回了相同的错误.
I've tried without $() in the request field but it returned the same error.
我的证书.yml:
apiVersion: certificates.k8s.io/v1beta1
kind: CertificateSigningRequest
metadata:
name: rasa-service.default
spec:
groups:
- system:authenticated
request: $(cat server.csr | base64 | tr -d '\n')
usages:
- digital signature
- key encipherment
- server auth
推荐答案
问题是以下几行:
request: $(cat server.csr | base64 | tr -d '\n')
此行包含一个不应该存在的 Bash命令替换因为kubectl无法解释bash代码.
This line contains a Bash command substitution that shouldn't be there since kubectl cannot interpret bash code.
I suspect instead of executing the command of the example you followed, you copied the contents into a file.
删除该文件,运行示例中的cat命令,您会很好的,因为该命令将执行替换并在request字段中填充正确的值.
Delete that file, run the cat command from the example and you will be fine, because the command will execute the substitution and fill the correct value in the request field.
结果应如下所示:
apiVersion: certificates.k8s.io/v1beta1
kind: CertificateSigningRequest
metadata:
name: rasa-service.default
spec:
groups:
- system:authenticated
request: authUlRGTQpSVEZNClJURk0KUlRGTQpSVEZNClJURk0KUlRGTQpSVEZNClJURk0KUlRGTQpSVEZNClJURk0=
usages:
- digital signature
- key encipherment
- server
这篇关于Kubernetes不创建证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
