kubernetes – tls: failed to verify certificate: x509: certificate is valid for 10.x.x.x
I want to configure Jenkins sever to execute commands into Kubernetes. I created token using:
kubectl create sa cicd
kubectl get sa,secret
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Pod
metadata:
name: cicd
spec:
serviceAccount: cicd
containers:
- image: nginx
name: cicd
EOF
kubectl exec cicd -- cat /run/secrets/kubernetes.io/serviceaccount/token && echo
kubectl create token cicd
kubectl create token cicd --duration=999999h
kubectl create clusterrole cicd --verb=get,list --resource=namespaces
kubectl create clusterrolebinding cicd --clusterrole=cicd --serviceaccount=default:cicd
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
name: cicd
annotations:
kubernetes.io/service-account.name: "cicd"
EOF
kubectl get sa,secret
kubectl describe secret cicd
kubectl describe sa cicd
kubectl get sa cicd -oyaml
kubectl get sa,secret
Test:
curl -k https://10.0.0.x:6443/api/v1/namespaces -H "Authorization: Bearer <.......>"
I copied this secrets file ~./kube/config
apiVersion: v1
kind: Config
preferences: {}
clusters:
- cluster:
certificate-authority-data: <.....>
server: https://10.0.0.x:6443
name: cluster.local
contexts:
- context:
cluster: cluster.local
user: grafana
name: grafana
current-context: grafana
users:
- name: grafana
user:
token: <.....>
Jenkins configuration:
pipeline {
agent any
stages {
.......
stage('helm deploy') {
steps {
script {
withKubeConfig([credentialsId: 'config_de']) {
..........
}
}
}
}
}
}
But I get error:
Error: Kubernetes cluster unreachable: Get "https://x.x.x.x:6443/version": tls: failed to verify certificate: x509: certificate is valid for 10.x.x.x, 10.x.x.x, 127.0.0.1, not x.x.x.x
Do you know how I have to configure the IP properly?
Read more here: Source link