Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Client-Cert Error #64

Open
samsema4 opened this issue Jul 19, 2018 · 5 comments
Open

Client-Cert Error #64

samsema4 opened this issue Jul 19, 2018 · 5 comments
Labels
help wanted

Comments

@samsema4
Copy link 

  File "/usr/local/bin/kubetop", line 11, in <module>
    sys.exit(main())
  File "/usr/local/lib/python2.7/dist-packages/kubetop/_twistmain.py", line 79, in __call__
    ] + argv[1:])
  File "/usr/local/lib/python2.7/dist-packages/twisted/application/twist/_twist.py", line 124, in main
    options=options.subOptions,
  File "/usr/local/lib/python2.7/dist-packages/twisted/application/twist/_twist.py", line 62, in service
    service = plugin.makeService(options)
  File "/usr/local/lib/python2.7/dist-packages/kubetop/_twistmain.py", line 87, in _make_service
    return self.make_service(self, options)
  File "/usr/local/lib/python2.7/dist-packages/kubetop/_script.py", line 63, in makeService
    s = make_source(reactor, CONFIG, options["context"])
  File "/usr/local/lib/python2.7/dist-packages/kubetop/_topdata.py", line 32, in make_source
    kubernetes = network_kubernetes_from_context(reactor, context_name, config_path)
  File "/usr/local/lib/python2.7/dist-packages/txkube/_network.py", line 86, in network_kubernetes_from_context
    client_chain = parse(user[u"client-certificate"].bytes())
KeyError: u'client-certificate'

I already have a setup for gcloud & kube. Please explain how to generate this certificate & how to configure otherwise?
@atticlab
Copy link

Same error, on ubuntu 16.04, how to fix that ?!

@exarkun
Copy link
Contributor

exarkun commented Jul 19, 2018

Can you share the structure (but certainly not the secrets) of your kubeconfig file? What credentials do you have for accessing this cloud?

Support for this kind of credentials will probably need to be added to txkube (upon which kubetop is based).

@raybotha
Copy link

raybotha commented Apr 4, 2019
edited

I'm having the same issue with a gcloud GKE setup.

This is my redacted kubeconfig:

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: XXX=
    server: https://XXX
  name: gke_XXX
contexts:
- context:
    cluster: gke_XXX
    user: gke_XXX
  name: prod
current-context: prod
kind: Config
preferences: {}
users:
- name: gke_XXX
  user:
    auth-provider:
      config:
        access-token: XXX
        cmd-args: config config-helper --format=json
        cmd-path: /home/ray/google-cloud-sdk/bin/gcloud
        expiry: XXX
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp

@retsuca
Copy link

retsuca commented May 22, 2019

Any workaround for this problem?

@enesunal
Copy link

Had the same problem, probably it's about having RBAC enabled on the cluster.

A workaround would be using admin credentials (Note#1), but surely access tokens should be supported as well.

Note#1: Be aware that it isn't a good idea to use admin credentials against an RBAC enabled cluster.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@exarkun @retsuca @enesunal @raybotha @samsema4