从我升级 eks terraform 脚本的版本开始。我不断收到错误。
目前我陷入了这个错误:
Error: Get http://localhost/api/v1/namespaces/kube-system/serviceaccounts/tiller: dial tcp 127.0.0.1:80: connect: connection refused
Error: Get http://localhost/apis/rbac.authorization.k8s.io/v1/clusterrolebindings/tiller: dial tcp 127.0.0.1:80: connect: connection refused
脚本工作正常,我仍然可以将它用于旧版本,但我正在尝试升级集群版本。
provider.tf
provider "aws" {
region = "${var.region}"
version = "~> 2.0"
assume_role {
role_arn = "arn:aws:iam::${var.target_account_id}:role/terraform"
}
}
provider "kubernetes" {
config_path = ".kube_config.yaml"
version = "~> 1.9"
}
provider "helm" {
service_account = "${kubernetes_service_account.tiller.metadata.0.name}"
namespace = "${kubernetes_service_account.tiller.metadata.0.namespace}"
kubernetes {
config_path = ".kube_config.yaml"
}
}
terraform {
backend "s3" {
}
}
data "terraform_remote_state" "state" {
backend = "s3"
config = {
bucket = "${var.backend_config_bucket}"
region = "${var.backend_config_bucket_region}"
key = "${var.name}/${var.backend_config_tfstate_file_key}" # var.name == CLIENT
role_arn = "${var.backend_config_role_arn}"
skip_region_validation = true
dynamodb_table = "terraform_locks"
encrypt = "true"
}
}
kubernetes.tf
resource "kubernetes_service_account" "tiller" {
#depends_on = ["module.eks"]
metadata {
name = "tiller"
namespace = "kube-system"
}
automount_service_account_token = "true"
}
resource "kubernetes_cluster_role_binding" "tiller" {
depends_on = ["module.eks"]
metadata {
name = "tiller"
}
role_ref {
api_group = "rbac.authorization.k8s.io"
kind = "ClusterRole"
name = "cluster-admin"
}
subject {
kind = "ServiceAccount"
name = "tiller"
api_group = ""
namespace = "kube-system"
}
}
地形版本:0.12.12 eks模块版本:6.0.2
最佳答案
这意味着您的 .kube_config.yml
中的 server:
条目指向错误的端口(甚至可能是错误的协议(protocol),因为正常的 kubernetes 通信通过 https
并通过双向 TLS 身份验证进行保护),或者不再有 监听 localhost:80
的代理,或者可能使用的 --insecure-port
为 80
,现在为 0
(强烈推荐)
遗憾的是,没有更多细节,没有人能够猜测正确的值是什么或应该更改为
关于kubernetes - Tiller : dial tcp 127. 0.0.1:80:连接:连接被拒绝,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58545781/