urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='192.168.31.188', port=6443): Max retries exceeded with url: /apis/apps/v1/deployments (Caused by SSLError
(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')))
1. Token获得
kubectl create serviceaccount dashboard-admin -n kube-system
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
绿框中除了红框以外内容:
2. 报错原因
很明显这里报错是因为ssl安全原有.
解决方法有2种.
2.1 方法1
加上
configuration.verify_ssl = False
此时已经可以获得正确返回了,但还是会有一行提示信息.
InsecureRequestWarning: Unverified HTTPS request is being made to host '192.168.31.188'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
warnings.warn(
2.2 方法2
下载ca.crt
一般这个文件会在/etc/kubernetes/pki/
find / -name ca.crt
sz xxxx
并上传到同级目录下
加入
ca_file = os.path.join(os.path.join(os.getcwd(), "ca.crt"))
configuration.ssl_ca_cert = ca_file
configuration.verify_ssl = True
再次执行,报错消失
