I proceeded with the work referring to the following site (I don't use EKS.I create k8s on ec2 using kops)
Getting Started with kOps on AWS
When I tried to call kubectl get service
I got the message: error: You must be logged in to the server (Unauthorized)
Here is what I did:
Setup IAM user(create user and add role)
Cluster State storage(S3)
Prepare local environment
export NAME=myfirstcluster.example.com
export KOPS_STATE_STORE=s3://prefix-example-com-state-store
Create cluster configuration
kops create cluster--zones=us-west-2a${NAME}
Build the Cluster
kops update cluster ${NAME} --yes
★success★
- When I try to access the cluster e.g.
kubectl get nodes
, I keep receiving error:You must be logged in to the server (Unauthorized)
Any idea how to fix this issue?
I tried some other way.
attach instance profile to EC2
delete
.kube/cache
kubectl apply -f aws-auth.yaml
apiVersion: v1 kind: ConfigMap metadata: name: aws-auth namespace: kube-system data: mapUsers: | - userarn: arn:aws:iam::xxxx:user/xxx username: xxx groups: - system:masters mapRoles: | - rolearn: arn:aws:iam::xxxx:role/xxx username: system:node:{{EC2PrivateDNSName}} groups: - system:bootstrappers - system:nodes
Same error: You must be logged in to the server (the server has asked for the client to provide credentials).
- Modify
.kube/config
users:
name: xxclusterNAMExxx user: exec: apiVersion: client.authentication.k8s.io/v1alpha1 command: aws-iam-authenticator args: - "token" - "-i" - "xxclusterNAMExxx" env: - name: AWS_PROFILE value: "xxxx"
All failed.