如何解决hes ls失败,超时/上下文截止时间已超过
$ helm2 version --debug
Client: &version.Version{SemVer:"v2.16.10",GitCommit:"bceca24a91639f045f22ab0f41e47589a932cf5e",GitTreeState:"clean"}
[debug] Created tunnel using local port: '34073'
[debug] SERVER: "127.0.0.1:34073"
Kubernetes: &version.Info{Major:"1",Minor:"15+",GitVersion:"v1.15.11-eks-14f01f",GitCommit:"14f01fe8f04411d5e187b220034ca2117d79f7de",GitTreeState:"clean",BuildDate:"2020-05-23T21:32:47Z",GoVersion:"go1.12.17",Compiler:"gc",Platform:"linux/amd64"}
127.0.0.1:34073[debug] context deadline exceeded
Error: cannot connect to Tiller
helm3也会提供空列表
$ helm ls -a
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
(⎈ |arn:aws:eks:eu-central-1:xxx:cluster/xxx:default)
code on master [!?]
➜ k get pods -n kube-system | grep tiller
tiller-deploy-69849bbd9-9lw6z 1/1 Running 0 31d
(⎈ |arn:aws:eks:eu-central-1:xxx:cluster/xxx:default)
code on master [!?]
➜ k get deployments -n kube-system | grep tiller
tiller-deploy 1/1 1 1 402d
(⎈ |arn:aws:eks:eu-central-1:xxx:cluster/xxx:default)
code on master [!?]
➜ k get sa -n kube-system | grep tiller
tiller 1 402d
(⎈ |arn:aws:eks:eu-central-1:xxx:cluster/xxx:default)
code on master [!?]
➜ k get clusterrole -n kube-system | grep tiller
(⎈ |arn:aws:eks:eu-central-1:xxx:cluster/xxx:default)
code on master [!?]
➜ k get clusterrolebinding -n kube-system | grep tiller
tiller 402d
(⎈ |arn:aws:eks:eu-central-1:xxx:cluster/xxx:default)
code on master [!?]
➜ k get service -n kube-system | grep tiller
tiller-deploy ClusterIP 10.100.23.25 <none> 44134/TCP 402d
解决方法
解决方案
结果证明分till已部署有您需要通过的SSL证书。
~/Development/tools/helm-2.14.2/helm list \
--tiller-connection-timeout 30 \
--tls \
--tls-ca-cert ssl/tiller/tiller-ca.crt \
--tls-cert ssl/tiller/tiller.crt \
--tls-key ssl/tiller/tiller.key \
--all \
--tiller-namespace kube-system
要获取证书,您必须执行以下操作:
export TILLER_NAMESPACE="kube-system"
kubectl get secrets/tiller-secret -n "$TILLER_NAMESPACE" -o "jsonpath={.data['ca\.crt']}" | base64 --decode > ssl/tiller/tiller-ca.crt
kubectl get secrets/tiller-secret -n "$TILLER_NAMESPACE" -o "jsonpath={.data['tls\.crt']}" | base64 --decode > ssl/tiller/tiller.crt
kubectl get secrets/tiller-secret -n "$TILLER_NAMESPACE" -o "jsonpath={.data['tls\.key']}" | base64 --decode > ssl/tiller/tiller.key
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。