kiali没法登录的问题
缘由
在升配k8s集群后,发现kiali没法登录,具体为何因升配k8s集群而致使kiali没法登录,缘由暂不清楚。node
大体不能登录缘由以下图:api
上图红色字体翻译以下:app
The Kiali secret is missing. Users are prohibited from accessing Kiali until an administrator creates a valid secret. Please refer to the Kiali documentation for more details. kiali的密钥不见了,在管理员建立有效密钥以前,禁止用户访问kiali。请参阅kiali文档以获取更多详细信息。
根据翻译可知是由于kiali的密钥丢失了ide
排查
查看kiali的secretname字体
kiali-deployment.yamlui
kubectl get deployment kiali -n istio-system -o yaml --export
Flag --export has been deprecated, This flag is deprecated and will be removed in future.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
field.cattle.io/publicEndpoints: '[{"addresses":["47.112.190.16"],"port":80,"protocol":"HTTP","serviceName":"istio-system:kiali","ingressName":"istio-system:kiali","hostname":"kiali.stage.realibox.com","path":"/","allNodes":false}]'
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"kiali","install.operator.istio.io/owning-resource":"installed-state","install.operator.istio.io/owning-resource-namespace":"istio-system","istio.io/rev":"default","operator.istio.io/component":"AddonComponents","operator.istio.io/managed":"Reconcile","operator.istio.io/version":"1.7.4","release":"istio"},"name":"kiali","namespace":"istio-system"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"kiali"}},"template":{"metadata":{"annotations":{"kiali.io/runtimes":"go,kiali","prometheus.io/port":"9090","prometheus.io/scrape":"true","sidecar.istio.io/inject":"false"},"labels":{"app":"kiali","release":"istio"},"name":"kiali"},"spec":{"affinity":{"nodeAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"preference":{"matchExpressions":[{"key":"kubernetes.io/arch","operator":"In","values":["amd64"]}]},"weight":2},{"preference":{"matchExpressions":[{"key":"kubernetes.io/arch","operator":"In","values":["ppc64le"]}]},"weight":2},{"preference":{"matchExpressions":[{"key":"kubernetes.io/arch","operator":"In","values":["s390x"]}]},"weight":2}],"requiredDuringSchedulingIgnoredDuringExecution":{"nodeSelectorTerms":[{"matchExpressions":[{"key":"kubernetes.io/arch","operator":"In","values":["amd64","ppc64le","s390x"]}]}]}}},"containers":[{"command":["/opt/kiali/kiali","-config","/kiali-configuration/config.yaml","-v","3"],"env":[{"name":"ACTIVE_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"quay.io/kiali/kiali:v1.22","livenessProbe":{"httpGet":{"path":"/kiali/healthz","port":20001,"scheme":"HTTP"},"initialDelaySeconds":5,"periodSeconds":30},"name":"kiali","readinessProbe":{"httpGet":{"path":"/kiali/healthz","port":20001,"scheme":"HTTP"},"initialDelaySeconds":5,"periodSeconds":30},"resources":{"requests":{"cpu":"10m"}},"volumeMounts":[{"mountPath":"/kiali-configuration","name":"kiali-configuration"},{"mountPath":"/kiali-cert","name":"kiali-cert"},{"mountPath":"/kiali-secret","name":"kiali-secret"}]}],"serviceAccountName":"kiali-service-account","volumes":[{"configMap":{"name":"kiali"},"name":"kiali-configuration"},{"name":"kiali-cert","secret":{"optional":true,"secretName":"istio.kiali-service-account"}},{"name":"kiali-secret","secret":{"optional":true,"secretName":"kiali"}}]}}}}
creationTimestamp: null
generation: 1
labels:
app: kiali
install.operator.istio.io/owning-resource: installed-state
install.operator.istio.io/owning-resource-namespace: istio-system
istio.io/rev: default
operator.istio.io/component: AddonComponents
operator.istio.io/managed: Reconcile
operator.istio.io/version: 1.7.4
release: istio
name: kiali
selfLink: /apis/extensions/v1beta1/namespaces/istio-system/deployments/kiali
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: kiali
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
kiali.io/runtimes: go,kiali
prometheus.io/port: "9090"
prometheus.io/scrape: "true"
sidecar.istio.io/inject: "false"
creationTimestamp: null
labels:
app: kiali
release: istio
name: kiali
spec:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
weight: 2
- preference:
matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- ppc64le
weight: 2
- preference:
matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- s390x
weight: 2
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- ppc64le
- s390x
containers:
- command:
- /opt/kiali/kiali
- -config
- /kiali-configuration/config.yaml
- -v
- "3"
env:
- name: ACTIVE_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: quay.io/kiali/kiali:v1.22
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /kiali/healthz
port: 20001
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 1
name: kiali
readinessProbe:
failureThreshold: 3
httpGet:
path: /kiali/healthz
port: 20001
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 10m
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /kiali-configuration
name: kiali-configuration
- mountPath: /kiali-cert
name: kiali-cert
- mountPath: /kiali-secret
name: kiali-secret
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: kiali-service-account
serviceAccountName: kiali-service-account
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 420
name: kiali
name: kiali-configuration
- name: kiali-cert
secret:
defaultMode: 420
optional: true
secretName: istio.kiali-service-account
- name: kiali-secret
secret:
defaultMode: 420
optional: true
secretName: kiali
status: {}
有关密钥的地方spa
- name: kiali-secret
secret:
defaultMode: 420
optional: true
secretName: kiali
查找密钥翻译
kubectl get secret -n istio-system | grep kiali 无
解决
建立密钥rest
apiVersion: v1 kind: Secret metadata: name: kiali namespace: istio-system data: ## echo -n admin | base64 #YWRtaW4= username: YWRtaW4= passphrase: YWRtaW4=
删除旧kiali pod 恢复code
相关文章
- 1. github没法登录的问题
- 2. Foxmail 帐号没法登录、没法收取邮件等问题
- 3. Oracle没有登录的问题
- 4. mysql远程可登陆,本地没法登录问题
- 5. visualStudio没法登录
- 6. mysqllocalhost没法登录
- 7. xshell没法登录
- 8. IOS safari浏览器登录时Cookie没法保存的问题
- 9. 关于一次系统没法正常登录的问题...
- 10. Mac OS上AppStore没法登录的问题
- 更多相关文章...
- • 登录MySQL数据库 - MySQL教程
- • Redis悲观锁解决高并发抢红包的问题 - 红包项目实战
- • PHP Ajax 跨域问题最佳解决方案
- • IntelliJ IDEA中SpringBoot properties文件不能自动提示问题解决
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
欢迎关注本站公众号,获取更多信息
