kubeconfig 文件
kubelet、kube-proxy 等 Node 机器上的进程与 Master 机器的 kube-apiserver 进程通信时需要认证和授权;
kubernetes 1.4 开始支持由 kube-apiserver 为客户端生成 TLS 证书的 TLS Bootstrapping 功能,这样就不需要为每个客户端生成证书了;该功能当前仅支持为 kubelet 生成证书;
创建 TLS Bootstrapping Token
Token可以是任意的包涵128 bit的字符串,可以使用安全的随机数发生器生成。
创建Token文件
[root@etcd-1 ~]# export BOOTSTRAP_TOKEN=$(head -c 16 /dev/urandom | od -An -t x | tr -d ' ')
[root@etcd-1 ~]# echo $BOOTSTRAP_TOKEN
eeaa2adfe0cb361321349c89130d69e6
[root@etcd-1 ~]# cat > token.csv <<EOF
> ${BOOTSTRAP_TOKEN},kubelet-bootstrap,10001,"system:kubelet-bootstrap"
> EOF
[root@etcd-1 ~]# cp token.csv /etc/kubernetes/
将token文件拷贝全部集群机器
安装kubectl命令
$ wget https://dl.k8s.io/v1.6.0/kubernetes-client-linux-amd64.tar.gz
$ tar -xzvf kubernetes-client-linux-amd64.tar.gz
$ cp kubernetes/client/bin/kube* /usr/bin/
$ chmod a+x /usr/bin/kube*
创建 kubelet bootstrapping kubeconfig 文件
--embed-certs 为 true 时表示将 certificate-authority 证书写入到生成的 bootstrap.kubeconfig 文件中;
设置客户端认证参数时没有指定秘钥和证书,后续由 kube-apiserver 自动生成;
$ cd /etc/kubernetes
$ export KUBE_APISERVER="https://192.168.19.101:6443"
$ # 设置集群参数
$ kubectl config set-cluster kubernetes \
--certificate-authority=/etc/kubernetes/ssl/ca.pem \
--embed-certs=true \
--server=${KUBE_APISERVER} \
--kubeconfig=bootstrap.kubeconfig
Cluster "kubernetes" set.
$ cat bootstrap.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2RENDQXFTZ0F3SUJBZ0lVVmRqV0JqNFdyRG1pSlowQ1ZtY1BhYlFlWXFvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UYzFOVEF3V2hjTk1qSXhNREV3TVRjMU5UQXdXakJrTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhFakFRQmdOVkJBTVRDWEJoYm1waUxXczRjekNDCkFTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTVBwRldjMlh6cVdEVEtaL29vdmlzQWUKWUJ0U0RtcXhXVXZ6ZmtsYW9BNHFvVW9zUFQxSXZXZVAvd0FkL2x5RS9YN056NEVPY3JYSDNscFozeVJYZlF6YgpYVitpK29XcFhoc1VlQnFKcXc4VDVjWTBNWTNzaEdwNHd5WkF4RjV1QTJ0MHJKRmFLc2cwaWtMRjRLRGYwRGV0CngwUHFSbXIxK2xmRFhzMmp4blIxNm1DY1NMTHJwblVQclpYWnVLeXdMTEtVVzB2cGdaZmVsaUdBRy8vSDZ5aVgKeU5mRDdlUWJsVmVhOWpjYnNpWWR1TUZoc3lNdVFvL1RsTUxub1hkNDJ0cFd6czh3YnVpNWRCNXhpTmx2dmhSNQpSZlNHMmwrQUE5bkdlNUNFM21IUHF0WURBT0Q5OUpEcUM1L1U1SEF0aEJJUkNuVEdvdnNrNDRyTGhDR1FURjBDCkF3RUFBYU5tTUdRd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFJd0hRWUQKVlIwT0JCWUVGS0dZczBHN0ZuVVZyTXE3T1ZxaVZWZjRNVkVuTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVgpyTXE3T1ZxaVZWZjRNVkVuTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCQjErTExCWWRocm1sUFQ2anpVOGtnCm1KQk1wYU5iclFQQW5HV0p1VHBXQXRYNlJQZEJTY09DelZRTDcxT1ZNcGgwU1NSb21HazZZS1FZTjljVS9weGEKUUNCZlRWVUhXMnB5R2tXZE9LWEl5UVA2MWEwOEVaYU84aVkzN3VEZEYrb2VMVWhoRUQ0c3dHcXBXblhib3c4cwppdmh6aytDVUgwZ2NFZXFRY0dseW9FN3NVaXdJM3gwOWRkSUJUTW1JdnR2SDFkWHMyWnFhYTJ2UXBHY3MyL3huClZUbloyMlRWTlpQREtYcHJKemhCNUVpM3l6SnlaYkJJZ2xUSDUrVS9wQ2QwU0pUNHcxcW5EWGRnQ2hyY1l1aHgKTVd5c2RoWndpcjB5blcrZE9QZnhGeHlFQUhMRktDSlR6WVZPdXp1Ujlqd2UxeHlJVmNBemltZXNQb2xCNHRiegotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.19.101:6443
name: kubernetes
contexts: []
current-context: ""
kind: Config
preferences: {}
users: []
$ # 设置客户端认证参数
$ kubectl config set-credentials kubelet-bootstrap \
--token=${BOOTSTRAP_TOKEN} \
--kubeconfig=bootstrap.kubeconfig
User "kubelet-bootstrap" set.
$ cat bootstrap.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2RENDQXFTZ0F3SUJBZ0lVVmRqV0JqNFdyRG1pSlowQ1ZtY1BhYlFlWXFvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UYzFOVEF3V2hjTk1qSXhNREV3TVRjMU5UQXdXakJrTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhFakFRQmdOVkJBTVRDWEJoYm1waUxXczRjekNDCkFTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTVBwRldjMlh6cVdEVEtaL29vdmlzQWUKWUJ0U0RtcXhXVXZ6ZmtsYW9BNHFvVW9zUFQxSXZXZVAvd0FkL2x5RS9YN056NEVPY3JYSDNscFozeVJYZlF6YgpYVitpK29XcFhoc1VlQnFKcXc4VDVjWTBNWTNzaEdwNHd5WkF4RjV1QTJ0MHJKRmFLc2cwaWtMRjRLRGYwRGV0CngwUHFSbXIxK2xmRFhzMmp4blIxNm1DY1NMTHJwblVQclpYWnVLeXdMTEtVVzB2cGdaZmVsaUdBRy8vSDZ5aVgKeU5mRDdlUWJsVmVhOWpjYnNpWWR1TUZoc3lNdVFvL1RsTUxub1hkNDJ0cFd6czh3YnVpNWRCNXhpTmx2dmhSNQpSZlNHMmwrQUE5bkdlNUNFM21IUHF0WURBT0Q5OUpEcUM1L1U1SEF0aEJJUkNuVEdvdnNrNDRyTGhDR1FURjBDCkF3RUFBYU5tTUdRd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFJd0hRWUQKVlIwT0JCWUVGS0dZczBHN0ZuVVZyTXE3T1ZxaVZWZjRNVkVuTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVgpyTXE3T1ZxaVZWZjRNVkVuTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCQjErTExCWWRocm1sUFQ2anpVOGtnCm1KQk1wYU5iclFQQW5HV0p1VHBXQXRYNlJQZEJTY09DelZRTDcxT1ZNcGgwU1NSb21HazZZS1FZTjljVS9weGEKUUNCZlRWVUhXMnB5R2tXZE9LWEl5UVA2MWEwOEVaYU84aVkzN3VEZEYrb2VMVWhoRUQ0c3dHcXBXblhib3c4cwppdmh6aytDVUgwZ2NFZXFRY0dseW9FN3NVaXdJM3gwOWRkSUJUTW1JdnR2SDFkWHMyWnFhYTJ2UXBHY3MyL3huClZUbloyMlRWTlpQREtYcHJKemhCNUVpM3l6SnlaYkJJZ2xUSDUrVS9wQ2QwU0pUNHcxcW5EWGRnQ2hyY1l1aHgKTVd5c2RoWndpcjB5blcrZE9QZnhGeHlFQUhMRktDSlR6WVZPdXp1Ujlqd2UxeHlJVmNBemltZXNQb2xCNHRiegotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.19.101:6443
name: kubernetes
contexts: []
current-context: ""
kind: Config
preferences: {}
users:
- name: kubelet-bootstrap
user:
as-user-extra: {}
token: eeaa2adfe0cb361321349c89130d69e6
$ # 设置上下文参数
$ kubectl config set-context default \
--cluster=kubernetes \
--user=kubelet-bootstrap \
--kubeconfig=bootstrap.kubeconfig
Context "default" created.
$ cat t bootstrap.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2RENDQXFTZ0F3SUJBZ0lVVmRqV0JqNFdyRG1pSlowQ1ZtY1BhYlFlWXFvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UYzFOVEF3V2hjTk1qSXhNREV3TVRjMU5UQXdXakJrTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhFakFRQmdOVkJBTVRDWEJoYm1waUxXczRjekNDCkFTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTVBwRldjMlh6cVdEVEtaL29vdmlzQWUKWUJ0U0RtcXhXVXZ6ZmtsYW9BNHFvVW9zUFQxSXZXZVAvd0FkL2x5RS9YN056NEVPY3JYSDNscFozeVJYZlF6YgpYVitpK29XcFhoc1VlQnFKcXc4VDVjWTBNWTNzaEdwNHd5WkF4RjV1QTJ0MHJKRmFLc2cwaWtMRjRLRGYwRGV0CngwUHFSbXIxK2xmRFhzMmp4blIxNm1DY1NMTHJwblVQclpYWnVLeXdMTEtVVzB2cGdaZmVsaUdBRy8vSDZ5aVgKeU5mRDdlUWJsVmVhOWpjYnNpWWR1TUZoc3lNdVFvL1RsTUxub1hkNDJ0cFd6czh3YnVpNWRCNXhpTmx2dmhSNQpSZlNHMmwrQUE5bkdlNUNFM21IUHF0WURBT0Q5OUpEcUM1L1U1SEF0aEJJUkNuVEdvdnNrNDRyTGhDR1FURjBDCkF3RUFBYU5tTUdRd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFJd0hRWUQKVlIwT0JCWUVGS0dZczBHN0ZuVVZyTXE3T1ZxaVZWZjRNVkVuTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVgpyTXE3T1ZxaVZWZjRNVkVuTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCQjErTExCWWRocm1sUFQ2anpVOGtnCm1KQk1wYU5iclFQQW5HV0p1VHBXQXRYNlJQZEJTY09DelZRTDcxT1ZNcGgwU1NSb21HazZZS1FZTjljVS9weGEKUUNCZlRWVUhXMnB5R2tXZE9LWEl5UVA2MWEwOEVaYU84aVkzN3VEZEYrb2VMVWhoRUQ0c3dHcXBXblhib3c4cwppdmh6aytDVUgwZ2NFZXFRY0dseW9FN3NVaXdJM3gwOWRkSUJUTW1JdnR2SDFkWHMyWnFhYTJ2UXBHY3MyL3huClZUbloyMlRWTlpQREtYcHJKemhCNUVpM3l6SnlaYkJJZ2xUSDUrVS9wQ2QwU0pUNHcxcW5EWGRnQ2hyY1l1aHgKTVd5c2RoWndpcjB5blcrZE9QZnhGeHlFQUhMRktDSlR6WVZPdXp1Ujlqd2UxeHlJVmNBemltZXNQb2xCNHRiegotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.19.101:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubelet-bootstrap
name: default
current-context: ""
kind: Config
preferences: {}
users:
- name: kubelet-bootstrap
user:
as-user-extra: {}
token: eeaa2adfe0cb361321349c89130d69e6
$ # 设置默认上下文
$ kubectl config use-context default --kubeconfig=bootstrap.kubeconfig
Switched to context "default".
$ cat bootstrap.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2RENDQXFTZ0F3SUJBZ0lVVmRqV0JqNFdyRG1pSlowQ1ZtY1BhYlFlWXFvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UYzFOVEF3V2hjTk1qSXhNREV3TVRjMU5UQXdXakJrTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhFakFRQmdOVkJBTVRDWEJoYm1waUxXczRjekNDCkFTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTVBwRldjMlh6cVdEVEtaL29vdmlzQWUKWUJ0U0RtcXhXVXZ6ZmtsYW9BNHFvVW9zUFQxSXZXZVAvd0FkL2x5RS9YN056NEVPY3JYSDNscFozeVJYZlF6YgpYVitpK29XcFhoc1VlQnFKcXc4VDVjWTBNWTNzaEdwNHd5WkF4RjV1QTJ0MHJKRmFLc2cwaWtMRjRLRGYwRGV0CngwUHFSbXIxK2xmRFhzMmp4blIxNm1DY1NMTHJwblVQclpYWnVLeXdMTEtVVzB2cGdaZmVsaUdBRy8vSDZ5aVgKeU5mRDdlUWJsVmVhOWpjYnNpWWR1TUZoc3lNdVFvL1RsTUxub1hkNDJ0cFd6czh3YnVpNWRCNXhpTmx2dmhSNQpSZlNHMmwrQUE5bkdlNUNFM21IUHF0WURBT0Q5OUpEcUM1L1U1SEF0aEJJUkNuVEdvdnNrNDRyTGhDR1FURjBDCkF3RUFBYU5tTUdRd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFJd0hRWUQKVlIwT0JCWUVGS0dZczBHN0ZuVVZyTXE3T1ZxaVZWZjRNVkVuTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVgpyTXE3T1ZxaVZWZjRNVkVuTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCQjErTExCWWRocm1sUFQ2anpVOGtnCm1KQk1wYU5iclFQQW5HV0p1VHBXQXRYNlJQZEJTY09DelZRTDcxT1ZNcGgwU1NSb21HazZZS1FZTjljVS9weGEKUUNCZlRWVUhXMnB5R2tXZE9LWEl5UVA2MWEwOEVaYU84aVkzN3VEZEYrb2VMVWhoRUQ0c3dHcXBXblhib3c4cwppdmh6aytDVUgwZ2NFZXFRY0dseW9FN3NVaXdJM3gwOWRkSUJUTW1JdnR2SDFkWHMyWnFhYTJ2UXBHY3MyL3huClZUbloyMlRWTlpQREtYcHJKemhCNUVpM3l6SnlaYkJJZ2xUSDUrVS9wQ2QwU0pUNHcxcW5EWGRnQ2hyY1l1aHgKTVd5c2RoWndpcjB5blcrZE9QZnhGeHlFQUhMRktDSlR6WVZPdXp1Ujlqd2UxeHlJVmNBemltZXNQb2xCNHRiegotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.19.101:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubelet-bootstrap
name: default
current-context: default
kind: Config
preferences: {}
users:
- name: kubelet-bootstrap
user:
as-user-extra: {}
token: eeaa2adfe0cb361321349c89130d69e6
创建 kubelet kube-proxy.kubeconfig 文件
设置集群参数和客户端认证参数时 --embed-certs 都为 true,这会将 certificate-authority、client-certificate 和client-key 指向的证书文件内容写入到生成的 kube-proxy.kubeconfig 文件中;
kube-proxy.pem 证书中 CN 为 system:kube-proxy,kube-apiserver 预定义的 RoleBinding cluster-admin 将Usersystem:kube-proxy 与 Role system:node-proxier 绑定,该 Role 授予了调用 kube-apiserver Proxy 相关 API 的权限;
$ # 设置集群参数
$ kubectl config set-cluster kubernetes \
--certificate-authority=/etc/kubernetes/ssl/ca.pem \
--embed-certs=true \
--server=${KUBE_APISERVER} \
--kubeconfig=kube-proxy.kubeconfig
Cluster "kubernetes" set.
$ cat kube-proxy.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2RENDQXFTZ0F3SUJBZ0lVVmRqV0JqNFdyRG1pSlowQ1ZtY1BhYlFlWXFvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UYzFOVEF3V2hjTk1qSXhNREV3TVRjMU5UQXdXakJrTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhFakFRQmdOVkJBTVRDWEJoYm1waUxXczRjekNDCkFTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTVBwRldjMlh6cVdEVEtaL29vdmlzQWUKWUJ0U0RtcXhXVXZ6ZmtsYW9BNHFvVW9zUFQxSXZXZVAvd0FkL2x5RS9YN056NEVPY3JYSDNscFozeVJYZlF6YgpYVitpK29XcFhoc1VlQnFKcXc4VDVjWTBNWTNzaEdwNHd5WkF4RjV1QTJ0MHJKRmFLc2cwaWtMRjRLRGYwRGV0CngwUHFSbXIxK2xmRFhzMmp4blIxNm1DY1NMTHJwblVQclpYWnVLeXdMTEtVVzB2cGdaZmVsaUdBRy8vSDZ5aVgKeU5mRDdlUWJsVmVhOWpjYnNpWWR1TUZoc3lNdVFvL1RsTUxub1hkNDJ0cFd6czh3YnVpNWRCNXhpTmx2dmhSNQpSZlNHMmwrQUE5bkdlNUNFM21IUHF0WURBT0Q5OUpEcUM1L1U1SEF0aEJJUkNuVEdvdnNrNDRyTGhDR1FURjBDCkF3RUFBYU5tTUdRd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFJd0hRWUQKVlIwT0JCWUVGS0dZczBHN0ZuVVZyTXE3T1ZxaVZWZjRNVkVuTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVgpyTXE3T1ZxaVZWZjRNVkVuTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCQjErTExCWWRocm1sUFQ2anpVOGtnCm1KQk1wYU5iclFQQW5HV0p1VHBXQXRYNlJQZEJTY09DelZRTDcxT1ZNcGgwU1NSb21HazZZS1FZTjljVS9weGEKUUNCZlRWVUhXMnB5R2tXZE9LWEl5UVA2MWEwOEVaYU84aVkzN3VEZEYrb2VMVWhoRUQ0c3dHcXBXblhib3c4cwppdmh6aytDVUgwZ2NFZXFRY0dseW9FN3NVaXdJM3gwOWRkSUJUTW1JdnR2SDFkWHMyWnFhYTJ2UXBHY3MyL3huClZUbloyMlRWTlpQREtYcHJKemhCNUVpM3l6SnlaYkJJZ2xUSDUrVS9wQ2QwU0pUNHcxcW5EWGRnQ2hyY1l1aHgKTVd5c2RoWndpcjB5blcrZE9QZnhGeHlFQUhMRktDSlR6WVZPdXp1Ujlqd2UxeHlJVmNBemltZXNQb2xCNHRiegotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.19.101:6443
name: kubernetes
contexts: []
current-context: ""
kind: Config
preferences: {}
users: []
$ # 设置客户端认证参数
$ kubectl config set-credentials kube-proxy \
--client-certificate=/etc/kubernetes/ssl/kube-proxy.pem \
--client-key=/etc/kubernetes/ssl/kube-proxy-key.pem \
--embed-certs=true \
--kubeconfig=kube-proxy.kubeconfig
User "kube-proxy" set.
$ cat kube-proxy.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2RENDQXFTZ0F3SUJBZ0lVVmRqV0JqNFdyRG1pSlowQ1ZtY1BhYlFlWXFvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UYzFOVEF3V2hjTk1qSXhNREV3TVRjMU5UQXdXakJrTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhFakFRQmdOVkJBTVRDWEJoYm1waUxXczRjekNDCkFTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTVBwRldjMlh6cVdEVEtaL29vdmlzQWUKWUJ0U0RtcXhXVXZ6ZmtsYW9BNHFvVW9zUFQxSXZXZVAvd0FkL2x5RS9YN056NEVPY3JYSDNscFozeVJYZlF6YgpYVitpK29XcFhoc1VlQnFKcXc4VDVjWTBNWTNzaEdwNHd5WkF4RjV1QTJ0MHJKRmFLc2cwaWtMRjRLRGYwRGV0CngwUHFSbXIxK2xmRFhzMmp4blIxNm1DY1NMTHJwblVQclpYWnVLeXdMTEtVVzB2cGdaZmVsaUdBRy8vSDZ5aVgKeU5mRDdlUWJsVmVhOWpjYnNpWWR1TUZoc3lNdVFvL1RsTUxub1hkNDJ0cFd6czh3YnVpNWRCNXhpTmx2dmhSNQpSZlNHMmwrQUE5bkdlNUNFM21IUHF0WURBT0Q5OUpEcUM1L1U1SEF0aEJJUkNuVEdvdnNrNDRyTGhDR1FURjBDCkF3RUFBYU5tTUdRd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFJd0hRWUQKVlIwT0JCWUVGS0dZczBHN0ZuVVZyTXE3T1ZxaVZWZjRNVkVuTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVgpyTXE3T1ZxaVZWZjRNVkVuTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCQjErTExCWWRocm1sUFQ2anpVOGtnCm1KQk1wYU5iclFQQW5HV0p1VHBXQXRYNlJQZEJTY09DelZRTDcxT1ZNcGgwU1NSb21HazZZS1FZTjljVS9weGEKUUNCZlRWVUhXMnB5R2tXZE9LWEl5UVA2MWEwOEVaYU84aVkzN3VEZEYrb2VMVWhoRUQ0c3dHcXBXblhib3c4cwppdmh6aytDVUgwZ2NFZXFRY0dseW9FN3NVaXdJM3gwOWRkSUJUTW1JdnR2SDFkWHMyWnFhYTJ2UXBHY3MyL3huClZUbloyMlRWTlpQREtYcHJKemhCNUVpM3l6SnlaYkJJZ2xUSDUrVS9wQ2QwU0pUNHcxcW5EWGRnQ2hyY1l1aHgKTVd5c2RoWndpcjB5blcrZE9QZnhGeHlFQUhMRktDSlR6WVZPdXp1Ujlqd2UxeHlJVmNBemltZXNQb2xCNHRiegotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.19.101:6443
name: kubernetes
contexts: []
current-context: ""
kind: Config
preferences: {}
users:
- name: kube-proxy
user:
as-user-extra: {}
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQzVENDQXNXZ0F3SUJBZ0lVY0xLZDVSR2ZSbmgrcS9wNjg1U1BQNmNPVUtZd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UZ3lNVEF3V2hjTk1qY3hNREE1TVRneU1UQXdXakJzTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhHakFZQmdOVkJBTVRFWE41YzNSbGJUcHJkV0psCkxYQnliM2g1TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFvNWtIQ2JsSUFHd1oKVlFIeElmeWxjZUFpNFIxenllT242b041MDN6ZnUvbDFyL3lvVndzYlM2L0tSZkZ1UGg2bEM4M0xOVWxnaVFOTgpXSVpxUFNhRnJwK3pReHJrVTU0M2k2dnBvalFCdHljdmw1QjUwTWFEcFNrak9MRHVnYk4zV0V5T1A3c0tpTzN2CjYwSHhKTlptRlo0aHNnOWd6RmRLNXpPUHArd3RJZzhyQWx0Q01nNU5NMUoraWpwU2puTTBibXpGbXRqMldMVkkKVG1zdWVFNkROaGZyVXVGdC95SmhjdzNOaCttRTRNWlh2MDVLTGZKK2NDRzRSUHZnYXo1NGJjS3RwVUdacmc5ZgpWOTJuV3JrWDMvWEpTa09NQWk2T05PYWtoZlRoVXJtb0lGUWFmQWFzdUwwTUdVakkxQWdpVEk4UlZaei9La3ZvCk42MlRnWlkrSlFJREFRQUJvMzh3ZlRBT0JnTlZIUThCQWY4RUJBTUNCYUF3SFFZRFZSMGxCQll3RkFZSUt3WUIKQlFVSEF3RUdDQ3NHQVFVRkJ3TUNNQXdHQTFVZEV3RUIvd1FDTUFBd0hRWURWUjBPQkJZRUZERE9JSmdEZEJHagpMUmpTNEhSUDVxUG1YUG1nTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVnJNcTdPVnFpVlZmNE1WRW5NQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElCQVFBRzVrbkVocGRTOWJzalBKOCswN3dCOWpqSFdWUEhEU0daQWtURnRDbE0Ka29jamRES1lTbmk1SDBiTys3eE5BVkRHMG9IRnQvcDlMeVVIaXdTRG1iMlgraWVIZWFzeHhka0RrVkt3Q1hGLwpjaDNqS3VmaHlidVZoN3phSHRwRXBqaUs5Tkw3UW40Q3cvQlFxTDRXaE9UbzI2T0JHcVp3a244ZGVGOHBPS0V1CkpZNGFscm1hd242c01ZVUh5S3QzeWcya1YxQ3o0aVhhR0ltTnVCTUZHNGRzTU02czAyUWh5UXFiT1h4bzlpdloKOFNlVDRSeFd3TFlNOVk5OTduT3JkVTY3RGl0ZGJtZnhrRThTMjR5aldKUFZDN3FvYmpkcUJnUUVmS1M1dGFINgpFRTFkZFlnOW1wYlpMUlpycG82ZCtWVytCRTg4UGtLZjdkbDF4YnYraDBFagotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBbzVrSENibElBR3daVlFIeElmeWxjZUFpNFIxenllT242b041MDN6ZnUvbDFyL3lvClZ3c2JTNi9LUmZGdVBoNmxDODNMTlVsZ2lRTk5XSVpxUFNhRnJwK3pReHJrVTU0M2k2dnBvalFCdHljdmw1QjUKME1hRHBTa2pPTER1Z2JOM1dFeU9QN3NLaU8zdjYwSHhKTlptRlo0aHNnOWd6RmRLNXpPUHArd3RJZzhyQWx0QwpNZzVOTTFKK2lqcFNqbk0wYm16Rm10ajJXTFZJVG1zdWVFNkROaGZyVXVGdC95SmhjdzNOaCttRTRNWlh2MDVLCkxmSitjQ0c0UlB2Z2F6NTRiY0t0cFVHWnJnOWZWOTJuV3JrWDMvWEpTa09NQWk2T05PYWtoZlRoVXJtb0lGUWEKZkFhc3VMME1HVWpJMUFnaVRJOFJWWnovS2t2b042MlRnWlkrSlFJREFRQUJBb0lCQUhrU1JoQWZLN2NNU1E4TgpPZHdTTW9wOCtyTW83Y2tLanZsU1JiV0xJN1RrWUFGVzlXbzlrUHpKWXVPeVVnanMrdTRxWmVuUW5QMnBFUE9qCnZqbjFLVmZiWG5vYUM4SUtSRWM4ZWRJTnRQdExwNy8rTHZpZ0FVc1lqN1ZqMDQ3dk56S0VyWDFpdWVBdVhyRDMKZ3pQazYzV3lLbk94Ujh6U0NWL2pXN3hGWC8xa2wyR3U5SUpoVGl1RC81dFNwNHdWWDhOTTNuMXpmTWYrOHYwbQpCc3NkWWpxOVBGZjhvbkdHNDd4SXREM0lTaWpCajl3SmNvKy9jOGFxNUJHV2I1TmZWeHJMTEZKWWpZQlJmM0V1CmU4YjFtWS9jc2V0RGlMaTdKcDZYVHYvZzFkaTBBNDN5dllqSDRUSERwRXRrMmU3V0Y2QTQ0UWJOenZrMWhoVEsKVlhBSGhlRUNnWUVBeTZqbkFNTEVuNFh6UVBzUzNVRXVCUWtpYzNtY2NjMStXbDJjTXcyMXdrV0VTWDA1YllPMApEQ0Z0bGNnUi9Cb0V3bEZJSCtBY2ZnczkyUUpLTnZrM1dNUlJBNFNyRDJIS3RGdW1jRmFEWmJyK0o1S2FZVEJuClJPZnRBcklJRVdES1VGbDUyclhINExaTzU5ckgrUVpRc1BBZEJ5WFJ4bnFZUEcyaGlSTUNhcWtDZ1lFQXphUmgKM0NOaDVHQm91dWU2Ri82VktCWkc2Q3JkTVFTek0xRTk3bGpDdFdhZlFudGpURXJ0YnBSZ29NWDA1R1ZYcVhmVgpyOHpndkJaMlpjSVdRNnFGYzFwZEtjdHZVWVBwVmFDUE5XemtJT0ovUHltTlpLcm1US2RhMXFGZ1RwUHFFdWEwCmhlSHRjQytRdXNZdCtvTHdpUDE2QjV6U2N0SWZ1R3gzaHBHcGdSMENnWUJDSkNTQmxyK01uMUFVOW5WMTdja28KVVlNaXhZZ05YWk4vZlk5UTlVN21QUFZ0ZUlIQ0UxZlI2TGxTUDV1M3FDdUxnQ0pRVjlScEN2V1hHS3RKbHo1bQpVYnVOelBSUkZvMWliYkZzSW15aUNVeXBSVzlseVBhQTVtR08wb3JVT2Y3NmdWU1Z0eHVtMnc1ZE5peGpyNjFkCkNWNGtDQ0JNdVZ2ZnBDc2wvVXAzb1FLQmdRRElpdzZFU0YwbkFuNGdCK3dMaWxLYmpWNEkvQVJKMFhPUkVDRjkKVjBKSzlaRktuRm55QlFBWFhzdjgvaEFjekZmNUJNeDNiUzJkUDZxbkFlZ0VoVDh2aDJoalllbGxiV2NZQWtTbQpyVktzWHpZSXV0VVEzemxJZDh5Mmt4b0FoMjgyajVadEdpOGJ3TWM3M2hqb3ZOa21QMHZLTUwxckRFK3k0dFNOCmYyLzJZUUtCZ1FDZUYrSHdFZ09ReE1PV3RMQUdtOG9GRktJb3Fxc0w2U2FHMGxRclhpQW9jS2xOTmpNUE05MzAKRmFCaDF1VGdIa2hvZEFRenlISTZZYTZwUm9meEhBUFZXY2NNRmIrdU5FcURTKzVqK2x1UTZHcVYzMXFra3BQagpZaXdGclRBdmNJaXZKK204MlFYVmpUV29SK0lJLzVJcjI1dnpmV0w0cUxBTzV1ZGxHb2U4M0E9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
$ # 设置上下文参数
$ kubectl config set-context default \
--cluster=kubernetes \
--user=kube-proxy \
--kubeconfig=kube-proxy.kubeconfig
Context "default" created.
$ cat kube-proxy.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2RENDQXFTZ0F3SUJBZ0lVVmRqV0JqNFdyRG1pSlowQ1ZtY1BhYlFlWXFvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UYzFOVEF3V2hjTk1qSXhNREV3TVRjMU5UQXdXakJrTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhFakFRQmdOVkJBTVRDWEJoYm1waUxXczRjekNDCkFTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTVBwRldjMlh6cVdEVEtaL29vdmlzQWUKWUJ0U0RtcXhXVXZ6ZmtsYW9BNHFvVW9zUFQxSXZXZVAvd0FkL2x5RS9YN056NEVPY3JYSDNscFozeVJYZlF6YgpYVitpK29XcFhoc1VlQnFKcXc4VDVjWTBNWTNzaEdwNHd5WkF4RjV1QTJ0MHJKRmFLc2cwaWtMRjRLRGYwRGV0CngwUHFSbXIxK2xmRFhzMmp4blIxNm1DY1NMTHJwblVQclpYWnVLeXdMTEtVVzB2cGdaZmVsaUdBRy8vSDZ5aVgKeU5mRDdlUWJsVmVhOWpjYnNpWWR1TUZoc3lNdVFvL1RsTUxub1hkNDJ0cFd6czh3YnVpNWRCNXhpTmx2dmhSNQpSZlNHMmwrQUE5bkdlNUNFM21IUHF0WURBT0Q5OUpEcUM1L1U1SEF0aEJJUkNuVEdvdnNrNDRyTGhDR1FURjBDCkF3RUFBYU5tTUdRd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFJd0hRWUQKVlIwT0JCWUVGS0dZczBHN0ZuVVZyTXE3T1ZxaVZWZjRNVkVuTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVgpyTXE3T1ZxaVZWZjRNVkVuTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCQjErTExCWWRocm1sUFQ2anpVOGtnCm1KQk1wYU5iclFQQW5HV0p1VHBXQXRYNlJQZEJTY09DelZRTDcxT1ZNcGgwU1NSb21HazZZS1FZTjljVS9weGEKUUNCZlRWVUhXMnB5R2tXZE9LWEl5UVA2MWEwOEVaYU84aVkzN3VEZEYrb2VMVWhoRUQ0c3dHcXBXblhib3c4cwppdmh6aytDVUgwZ2NFZXFRY0dseW9FN3NVaXdJM3gwOWRkSUJUTW1JdnR2SDFkWHMyWnFhYTJ2UXBHY3MyL3huClZUbloyMlRWTlpQREtYcHJKemhCNUVpM3l6SnlaYkJJZ2xUSDUrVS9wQ2QwU0pUNHcxcW5EWGRnQ2hyY1l1aHgKTVd5c2RoWndpcjB5blcrZE9QZnhGeHlFQUhMRktDSlR6WVZPdXp1Ujlqd2UxeHlJVmNBemltZXNQb2xCNHRiegotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.19.101:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kube-proxy
name: default
current-context: ""
kind: Config
preferences: {}
users:
- name: kube-proxy
user:
as-user-extra: {}
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQzVENDQXNXZ0F3SUJBZ0lVY0xLZDVSR2ZSbmgrcS9wNjg1U1BQNmNPVUtZd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UZ3lNVEF3V2hjTk1qY3hNREE1TVRneU1UQXdXakJzTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhHakFZQmdOVkJBTVRFWE41YzNSbGJUcHJkV0psCkxYQnliM2g1TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFvNWtIQ2JsSUFHd1oKVlFIeElmeWxjZUFpNFIxenllT242b041MDN6ZnUvbDFyL3lvVndzYlM2L0tSZkZ1UGg2bEM4M0xOVWxnaVFOTgpXSVpxUFNhRnJwK3pReHJrVTU0M2k2dnBvalFCdHljdmw1QjUwTWFEcFNrak9MRHVnYk4zV0V5T1A3c0tpTzN2CjYwSHhKTlptRlo0aHNnOWd6RmRLNXpPUHArd3RJZzhyQWx0Q01nNU5NMUoraWpwU2puTTBibXpGbXRqMldMVkkKVG1zdWVFNkROaGZyVXVGdC95SmhjdzNOaCttRTRNWlh2MDVLTGZKK2NDRzRSUHZnYXo1NGJjS3RwVUdacmc5ZgpWOTJuV3JrWDMvWEpTa09NQWk2T05PYWtoZlRoVXJtb0lGUWFmQWFzdUwwTUdVakkxQWdpVEk4UlZaei9La3ZvCk42MlRnWlkrSlFJREFRQUJvMzh3ZlRBT0JnTlZIUThCQWY4RUJBTUNCYUF3SFFZRFZSMGxCQll3RkFZSUt3WUIKQlFVSEF3RUdDQ3NHQVFVRkJ3TUNNQXdHQTFVZEV3RUIvd1FDTUFBd0hRWURWUjBPQkJZRUZERE9JSmdEZEJHagpMUmpTNEhSUDVxUG1YUG1nTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVnJNcTdPVnFpVlZmNE1WRW5NQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElCQVFBRzVrbkVocGRTOWJzalBKOCswN3dCOWpqSFdWUEhEU0daQWtURnRDbE0Ka29jamRES1lTbmk1SDBiTys3eE5BVkRHMG9IRnQvcDlMeVVIaXdTRG1iMlgraWVIZWFzeHhka0RrVkt3Q1hGLwpjaDNqS3VmaHlidVZoN3phSHRwRXBqaUs5Tkw3UW40Q3cvQlFxTDRXaE9UbzI2T0JHcVp3a244ZGVGOHBPS0V1CkpZNGFscm1hd242c01ZVUh5S3QzeWcya1YxQ3o0aVhhR0ltTnVCTUZHNGRzTU02czAyUWh5UXFiT1h4bzlpdloKOFNlVDRSeFd3TFlNOVk5OTduT3JkVTY3RGl0ZGJtZnhrRThTMjR5aldKUFZDN3FvYmpkcUJnUUVmS1M1dGFINgpFRTFkZFlnOW1wYlpMUlpycG82ZCtWVytCRTg4UGtLZjdkbDF4YnYraDBFagotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBbzVrSENibElBR3daVlFIeElmeWxjZUFpNFIxenllT242b041MDN6ZnUvbDFyL3lvClZ3c2JTNi9LUmZGdVBoNmxDODNMTlVsZ2lRTk5XSVpxUFNhRnJwK3pReHJrVTU0M2k2dnBvalFCdHljdmw1QjUKME1hRHBTa2pPTER1Z2JOM1dFeU9QN3NLaU8zdjYwSHhKTlptRlo0aHNnOWd6RmRLNXpPUHArd3RJZzhyQWx0QwpNZzVOTTFKK2lqcFNqbk0wYm16Rm10ajJXTFZJVG1zdWVFNkROaGZyVXVGdC95SmhjdzNOaCttRTRNWlh2MDVLCkxmSitjQ0c0UlB2Z2F6NTRiY0t0cFVHWnJnOWZWOTJuV3JrWDMvWEpTa09NQWk2T05PYWtoZlRoVXJtb0lGUWEKZkFhc3VMME1HVWpJMUFnaVRJOFJWWnovS2t2b042MlRnWlkrSlFJREFRQUJBb0lCQUhrU1JoQWZLN2NNU1E4TgpPZHdTTW9wOCtyTW83Y2tLanZsU1JiV0xJN1RrWUFGVzlXbzlrUHpKWXVPeVVnanMrdTRxWmVuUW5QMnBFUE9qCnZqbjFLVmZiWG5vYUM4SUtSRWM4ZWRJTnRQdExwNy8rTHZpZ0FVc1lqN1ZqMDQ3dk56S0VyWDFpdWVBdVhyRDMKZ3pQazYzV3lLbk94Ujh6U0NWL2pXN3hGWC8xa2wyR3U5SUpoVGl1RC81dFNwNHdWWDhOTTNuMXpmTWYrOHYwbQpCc3NkWWpxOVBGZjhvbkdHNDd4SXREM0lTaWpCajl3SmNvKy9jOGFxNUJHV2I1TmZWeHJMTEZKWWpZQlJmM0V1CmU4YjFtWS9jc2V0RGlMaTdKcDZYVHYvZzFkaTBBNDN5dllqSDRUSERwRXRrMmU3V0Y2QTQ0UWJOenZrMWhoVEsKVlhBSGhlRUNnWUVBeTZqbkFNTEVuNFh6UVBzUzNVRXVCUWtpYzNtY2NjMStXbDJjTXcyMXdrV0VTWDA1YllPMApEQ0Z0bGNnUi9Cb0V3bEZJSCtBY2ZnczkyUUpLTnZrM1dNUlJBNFNyRDJIS3RGdW1jRmFEWmJyK0o1S2FZVEJuClJPZnRBcklJRVdES1VGbDUyclhINExaTzU5ckgrUVpRc1BBZEJ5WFJ4bnFZUEcyaGlSTUNhcWtDZ1lFQXphUmgKM0NOaDVHQm91dWU2Ri82VktCWkc2Q3JkTVFTek0xRTk3bGpDdFdhZlFudGpURXJ0YnBSZ29NWDA1R1ZYcVhmVgpyOHpndkJaMlpjSVdRNnFGYzFwZEtjdHZVWVBwVmFDUE5XemtJT0ovUHltTlpLcm1US2RhMXFGZ1RwUHFFdWEwCmhlSHRjQytRdXNZdCtvTHdpUDE2QjV6U2N0SWZ1R3gzaHBHcGdSMENnWUJDSkNTQmxyK01uMUFVOW5WMTdja28KVVlNaXhZZ05YWk4vZlk5UTlVN21QUFZ0ZUlIQ0UxZlI2TGxTUDV1M3FDdUxnQ0pRVjlScEN2V1hHS3RKbHo1bQpVYnVOelBSUkZvMWliYkZzSW15aUNVeXBSVzlseVBhQTVtR08wb3JVT2Y3NmdWU1Z0eHVtMnc1ZE5peGpyNjFkCkNWNGtDQ0JNdVZ2ZnBDc2wvVXAzb1FLQmdRRElpdzZFU0YwbkFuNGdCK3dMaWxLYmpWNEkvQVJKMFhPUkVDRjkKVjBKSzlaRktuRm55QlFBWFhzdjgvaEFjekZmNUJNeDNiUzJkUDZxbkFlZ0VoVDh2aDJoalllbGxiV2NZQWtTbQpyVktzWHpZSXV0VVEzemxJZDh5Mmt4b0FoMjgyajVadEdpOGJ3TWM3M2hqb3ZOa21QMHZLTUwxckRFK3k0dFNOCmYyLzJZUUtCZ1FDZUYrSHdFZ09ReE1PV3RMQUdtOG9GRktJb3Fxc0w2U2FHMGxRclhpQW9jS2xOTmpNUE05MzAKRmFCaDF1VGdIa2hvZEFRenlISTZZYTZwUm9meEhBUFZXY2NNRmIrdU5FcURTKzVqK2x1UTZHcVYzMXFra3BQagpZaXdGclRBdmNJaXZKK204MlFYVmpUV29SK0lJLzVJcjI1dnpmV0w0cUxBTzV1ZGxHb2U4M0E9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
$ # 设置默认上下文
$ kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig
Switched to context "default".
$ cat kube-proxy.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR2RENDQXFTZ0F3SUJBZ0lVVmRqV0JqNFdyRG1pSlowQ1ZtY1BhYlFlWXFvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UYzFOVEF3V2hjTk1qSXhNREV3TVRjMU5UQXdXakJrTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhFakFRQmdOVkJBTVRDWEJoYm1waUxXczRjekNDCkFTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTVBwRldjMlh6cVdEVEtaL29vdmlzQWUKWUJ0U0RtcXhXVXZ6ZmtsYW9BNHFvVW9zUFQxSXZXZVAvd0FkL2x5RS9YN056NEVPY3JYSDNscFozeVJYZlF6YgpYVitpK29XcFhoc1VlQnFKcXc4VDVjWTBNWTNzaEdwNHd5WkF4RjV1QTJ0MHJKRmFLc2cwaWtMRjRLRGYwRGV0CngwUHFSbXIxK2xmRFhzMmp4blIxNm1DY1NMTHJwblVQclpYWnVLeXdMTEtVVzB2cGdaZmVsaUdBRy8vSDZ5aVgKeU5mRDdlUWJsVmVhOWpjYnNpWWR1TUZoc3lNdVFvL1RsTUxub1hkNDJ0cFd6czh3YnVpNWRCNXhpTmx2dmhSNQpSZlNHMmwrQUE5bkdlNUNFM21IUHF0WURBT0Q5OUpEcUM1L1U1SEF0aEJJUkNuVEdvdnNrNDRyTGhDR1FURjBDCkF3RUFBYU5tTUdRd0RnWURWUjBQQVFIL0JBUURBZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFJd0hRWUQKVlIwT0JCWUVGS0dZczBHN0ZuVVZyTXE3T1ZxaVZWZjRNVkVuTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVgpyTXE3T1ZxaVZWZjRNVkVuTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElCQVFCQjErTExCWWRocm1sUFQ2anpVOGtnCm1KQk1wYU5iclFQQW5HV0p1VHBXQXRYNlJQZEJTY09DelZRTDcxT1ZNcGgwU1NSb21HazZZS1FZTjljVS9weGEKUUNCZlRWVUhXMnB5R2tXZE9LWEl5UVA2MWEwOEVaYU84aVkzN3VEZEYrb2VMVWhoRUQ0c3dHcXBXblhib3c4cwppdmh6aytDVUgwZ2NFZXFRY0dseW9FN3NVaXdJM3gwOWRkSUJUTW1JdnR2SDFkWHMyWnFhYTJ2UXBHY3MyL3huClZUbloyMlRWTlpQREtYcHJKemhCNUVpM3l6SnlaYkJJZ2xUSDUrVS9wQ2QwU0pUNHcxcW5EWGRnQ2hyY1l1aHgKTVd5c2RoWndpcjB5blcrZE9QZnhGeHlFQUhMRktDSlR6WVZPdXp1Ujlqd2UxeHlJVmNBemltZXNQb2xCNHRiegotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.19.101:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kube-proxy
name: default
current-context: default
kind: Config
preferences: {}
users:
- name: kube-proxy
user:
as-user-extra: {}
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQzVENDQXNXZ0F3SUJBZ0lVY0xLZDVSR2ZSbmgrcS9wNjg1U1BQNmNPVUtZd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1pERUxNQWtHQTFVRUJoTUNRMDR4RURBT0JnTlZCQWdUQjFOcFEyaDFZVzR4RURBT0JnTlZCQWNUQjJObwpaVzVuWkhVeEREQUtCZ05WQkFvVEEyczRjekVQTUEwR0ExVUVDeE1HVTNsemRHVnRNUkl3RUFZRFZRUURFd2x3CllXNXFZaTFyT0hNd0hoY05NVGN4TURFeE1UZ3lNVEF3V2hjTk1qY3hNREE1TVRneU1UQXdXakJzTVFzd0NRWUQKVlFRR0V3SkRUakVRTUE0R0ExVUVDQk1IVTJsRGFIVmhiakVRTUE0R0ExVUVCeE1IWTJobGJtZGtkVEVNTUFvRwpBMVVFQ2hNRGF6aHpNUTh3RFFZRFZRUUxFd1pUZVhOMFpXMHhHakFZQmdOVkJBTVRFWE41YzNSbGJUcHJkV0psCkxYQnliM2g1TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFvNWtIQ2JsSUFHd1oKVlFIeElmeWxjZUFpNFIxenllT242b041MDN6ZnUvbDFyL3lvVndzYlM2L0tSZkZ1UGg2bEM4M0xOVWxnaVFOTgpXSVpxUFNhRnJwK3pReHJrVTU0M2k2dnBvalFCdHljdmw1QjUwTWFEcFNrak9MRHVnYk4zV0V5T1A3c0tpTzN2CjYwSHhKTlptRlo0aHNnOWd6RmRLNXpPUHArd3RJZzhyQWx0Q01nNU5NMUoraWpwU2puTTBibXpGbXRqMldMVkkKVG1zdWVFNkROaGZyVXVGdC95SmhjdzNOaCttRTRNWlh2MDVLTGZKK2NDRzRSUHZnYXo1NGJjS3RwVUdacmc5ZgpWOTJuV3JrWDMvWEpTa09NQWk2T05PYWtoZlRoVXJtb0lGUWFmQWFzdUwwTUdVakkxQWdpVEk4UlZaei9La3ZvCk42MlRnWlkrSlFJREFRQUJvMzh3ZlRBT0JnTlZIUThCQWY4RUJBTUNCYUF3SFFZRFZSMGxCQll3RkFZSUt3WUIKQlFVSEF3RUdDQ3NHQVFVRkJ3TUNNQXdHQTFVZEV3RUIvd1FDTUFBd0hRWURWUjBPQkJZRUZERE9JSmdEZEJHagpMUmpTNEhSUDVxUG1YUG1nTUI4R0ExVWRJd1FZTUJhQUZLR1lzMEc3Rm5VVnJNcTdPVnFpVlZmNE1WRW5NQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElCQVFBRzVrbkVocGRTOWJzalBKOCswN3dCOWpqSFdWUEhEU0daQWtURnRDbE0Ka29jamRES1lTbmk1SDBiTys3eE5BVkRHMG9IRnQvcDlMeVVIaXdTRG1iMlgraWVIZWFzeHhka0RrVkt3Q1hGLwpjaDNqS3VmaHlidVZoN3phSHRwRXBqaUs5Tkw3UW40Q3cvQlFxTDRXaE9UbzI2T0JHcVp3a244ZGVGOHBPS0V1CkpZNGFscm1hd242c01ZVUh5S3QzeWcya1YxQ3o0aVhhR0ltTnVCTUZHNGRzTU02czAyUWh5UXFiT1h4bzlpdloKOFNlVDRSeFd3TFlNOVk5OTduT3JkVTY3RGl0ZGJtZnhrRThTMjR5aldKUFZDN3FvYmpkcUJnUUVmS1M1dGFINgpFRTFkZFlnOW1wYlpMUlpycG82ZCtWVytCRTg4UGtLZjdkbDF4YnYraDBFagotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBbzVrSENibElBR3daVlFIeElmeWxjZUFpNFIxenllT242b041MDN6ZnUvbDFyL3lvClZ3c2JTNi9LUmZGdVBoNmxDODNMTlVsZ2lRTk5XSVpxUFNhRnJwK3pReHJrVTU0M2k2dnBvalFCdHljdmw1QjUKME1hRHBTa2pPTER1Z2JOM1dFeU9QN3NLaU8zdjYwSHhKTlptRlo0aHNnOWd6RmRLNXpPUHArd3RJZzhyQWx0QwpNZzVOTTFKK2lqcFNqbk0wYm16Rm10ajJXTFZJVG1zdWVFNkROaGZyVXVGdC95SmhjdzNOaCttRTRNWlh2MDVLCkxmSitjQ0c0UlB2Z2F6NTRiY0t0cFVHWnJnOWZWOTJuV3JrWDMvWEpTa09NQWk2T05PYWtoZlRoVXJtb0lGUWEKZkFhc3VMME1HVWpJMUFnaVRJOFJWWnovS2t2b042MlRnWlkrSlFJREFRQUJBb0lCQUhrU1JoQWZLN2NNU1E4TgpPZHdTTW9wOCtyTW83Y2tLanZsU1JiV0xJN1RrWUFGVzlXbzlrUHpKWXVPeVVnanMrdTRxWmVuUW5QMnBFUE9qCnZqbjFLVmZiWG5vYUM4SUtSRWM4ZWRJTnRQdExwNy8rTHZpZ0FVc1lqN1ZqMDQ3dk56S0VyWDFpdWVBdVhyRDMKZ3pQazYzV3lLbk94Ujh6U0NWL2pXN3hGWC8xa2wyR3U5SUpoVGl1RC81dFNwNHdWWDhOTTNuMXpmTWYrOHYwbQpCc3NkWWpxOVBGZjhvbkdHNDd4SXREM0lTaWpCajl3SmNvKy9jOGFxNUJHV2I1TmZWeHJMTEZKWWpZQlJmM0V1CmU4YjFtWS9jc2V0RGlMaTdKcDZYVHYvZzFkaTBBNDN5dllqSDRUSERwRXRrMmU3V0Y2QTQ0UWJOenZrMWhoVEsKVlhBSGhlRUNnWUVBeTZqbkFNTEVuNFh6UVBzUzNVRXVCUWtpYzNtY2NjMStXbDJjTXcyMXdrV0VTWDA1YllPMApEQ0Z0bGNnUi9Cb0V3bEZJSCtBY2ZnczkyUUpLTnZrM1dNUlJBNFNyRDJIS3RGdW1jRmFEWmJyK0o1S2FZVEJuClJPZnRBcklJRVdES1VGbDUyclhINExaTzU5ckgrUVpRc1BBZEJ5WFJ4bnFZUEcyaGlSTUNhcWtDZ1lFQXphUmgKM0NOaDVHQm91dWU2Ri82VktCWkc2Q3JkTVFTek0xRTk3bGpDdFdhZlFudGpURXJ0YnBSZ29NWDA1R1ZYcVhmVgpyOHpndkJaMlpjSVdRNnFGYzFwZEtjdHZVWVBwVmFDUE5XemtJT0ovUHltTlpLcm1US2RhMXFGZ1RwUHFFdWEwCmhlSHRjQytRdXNZdCtvTHdpUDE2QjV6U2N0SWZ1R3gzaHBHcGdSMENnWUJDSkNTQmxyK01uMUFVOW5WMTdja28KVVlNaXhZZ05YWk4vZlk5UTlVN21QUFZ0ZUlIQ0UxZlI2TGxTUDV1M3FDdUxnQ0pRVjlScEN2V1hHS3RKbHo1bQpVYnVOelBSUkZvMWliYkZzSW15aUNVeXBSVzlseVBhQTVtR08wb3JVT2Y3NmdWU1Z0eHVtMnc1ZE5peGpyNjFkCkNWNGtDQ0JNdVZ2ZnBDc2wvVXAzb1FLQmdRRElpdzZFU0YwbkFuNGdCK3dMaWxLYmpWNEkvQVJKMFhPUkVDRjkKVjBKSzlaRktuRm55QlFBWFhzdjgvaEFjekZmNUJNeDNiUzJkUDZxbkFlZ0VoVDh2aDJoalllbGxiV2NZQWtTbQpyVktzWHpZSXV0VVEzemxJZDh5Mmt4b0FoMjgyajVadEdpOGJ3TWM3M2hqb3ZOa21QMHZLTUwxckRFK3k0dFNOCmYyLzJZUUtCZ1FDZUYrSHdFZ09ReE1PV3RMQUdtOG9GRktJb3Fxc0w2U2FHMGxRclhpQW9jS2xOTmpNUE05MzAKRmFCaDF1VGdIa2hvZEFRenlISTZZYTZwUm9meEhBUFZXY2NNRmIrdU5FcURTKzVqK2x1UTZHcVYzMXFra3BQagpZaXdGclRBdmNJaXZKK204MlFYVmpUV29SK0lJLzVJcjI1dnpmV0w0cUxBTzV1ZGxHb2U4M0E9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=