Kubernetes master is returning 401 Unauthorized error
minikube doesn't start with basic-auth. So there is not username & password for apiserver by default. To access apiserver, you need to use apiserver certificates. That`s how you will be authorized.
curl https://192.168.99.100:8443 --cert ~/.minikube/apiserver.crt --key ~/.minikube/apiserver.key --cacert ~/.minikube/ca.crt
See details:
Get your minikube IP address
$ minikube ip
192.168.99.100
The API server runs on 8443 by default
Now try to connect apiserver using this
$ curl https://192.168.99.100:8443
curl: (60) SSL certificate problem: unable to get local issuer certificate
Need to provide CA certificate
$ curl https://192.168.99.100:8443 --cacert ~/.minikube/ca.crt
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {
},
"status": "Failure",
"message": "Unauthorized",
"reason": "Unauthorized",
"code": 401
}⏎
Now you need to provide apiserver SSL certificate and key
curl https://192.168.99.100:8443 --cert ~/.minikube/apiserver.crt --key ~/.minikube/apiserver.key --cacert ~/.minikube/ca.crt
{
"paths": [
"/api",
"/api/v1",
....
"/ui",
"/ui/",
"/version"
]
}⏎
Note: You can proxy apiserver too
$ kubectl proxy --port=8433
$ curl 127.0.0.1:8433
Now you do not need to provide any certificates. And you are authorized
Rajkumar Natarajan
Updated on June 07, 2022Comments
-
Rajkumar Natarajan almost 2 years
I have installed minikube, kubectl in my laptop.
When I run
kubectl cluster-infoin get the belowKubernetes master is running at https://10.168.99.10:8443when I connect to https://10.168.99.10:8443 I get the below response.
{ "kind": "Status", "apiVersion": "v1", "metadata": { }, "status": "Failure", "message": "Unauthorized", "reason": "Unauthorized", "code": 401 }When installed kubectl/minikube didn't prompt for user/password. What is the default user/password to connect.
-
Shahriar about 6 yearsIf you use browser, search how to add certificate in browser. It will work
