
I am new to Kubernetes. I am just trying to create a TLS secret using kubectl. My ultimate goal is to deploy a Keycloak cluster in Kubernetes.

So I followed this YouTube tutorial. But this tutorial doesn't mention how to generate my own TLS key and TLS cert. So to do that I used this documentation (https://www.linode.com/docs/guides/create-a-self-signed-tls-certificate/).

Then I could generate MyCertTLS.crt and MyKeyTLS.key.

gayan@Gayan:/srv$ cd certs
gayan@Gayan:/srv/certs$ ls
MyCertTLS.crt  MyKeyTLS.key

To create the secret key for Kubernetes, I ran this command:

sudo kubectl create secret tls my-tls --key="MyKeyTLS.key" --cert="MyCertTLS.crt" -n keycloak-test

But it's not working. I got this error:

gayan@Gayan:/srv/certs$ sudo kubectl create secret tls my-tls --key="MyKeyTLS.key" --cert="MyCertTLS.crt" -n keycloak-test
[sudo] password for gayan:                 
error: failed to create secret Post "http://localhost:8080/api/v1/namespaces/keycloak-test/secrets?fieldManager=kubectl-create&fieldValidation=Strict": dial tcp 127.0.0.1:8080: connect: connection refused

Note:
Minikube is running…
And the Ingress addon is also enabled…
I have created a namespace called keycloak-test.

gayan@Gayan:/srv/keycloak$ kubectl get namespaces
NAME                   STATUS   AGE
default                Active   3d19h
ingress-nginx          Active   119m
keycloak-test          Active   4m12s
kube-node-lease        Active   3d19h
kube-public            Active   3d19h
kube-system            Active   3d19h
kubernetes-dashboard   Active   3d19h

I am trying to fix this error, but I have no idea why I get it. I am looking for a solution from the genius community.

2 Answers


  1. Chosen as BEST ANSWER

    I figured this out! I posted this because it may be helpful for someone.

    I was getting that error:

    error: failed to create secret Post "http://localhost:8080/api/v1/namespaces/keycloak-test/secrets?fieldManager=kubectl-create&fieldValidation=Strict": dial tcp 127.0.0.1:8080: connect: connection refused
    

    Because my Kubernetes api-server is running on a different port.

    You can see which port your Kubernetes api-server is running on by running this command:

    kubectl config view
    

    Then, for example, if you see server: localhost:40475, it means your server is running on port 40475.

    And the Kubernetes default port is 8443.

    Then you should mention the correct port in your kubectl command to create the secret.

    So I added --server=https://localhost:40475 to my command.

    kubectl create secret tls my-tls --key="tls.key" --cert="tls.crt" -n keycloak-test --server=https://localhost:40475
    

    And another thing: if you are getting an error like permission denied,

    you have to change the ownership of your tls.key file and tls.crt file.

    I did this by running these commands:

    sudo chmod 666 tls.crt
    
    sudo chmod 666 tls.key
    

    Then you should run the above kubectl command without sudo! It works!!! If you run that command with sudo, it will ask for a username and password; it confused me and it did not work.

    So, by doing it this way, I solved this issue! Hope this will help someone!!! Thanks!


  2. In your examples, kubectl get namespaces works, but sudo kubectl create secret doesn’t.

    You don’t need sudo to work with Kubernetes. In particular, the connection information is stored in a $HOME/.kube/config file by default, but when you sudo kubectl ..., that changes the home directory and you can’t find the connection information.

    The standard Kubernetes assumption is that the cluster is remote, and so your local user ID doesn’t really matter to it. All that does matter is the Kubernetes-specific permissions assigned to the user that’s accessing the cluster.

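The lookup the second answer describes, as an added example that is not part of either answer: a shell model of how kubectl chooses its kubeconfig, run against a constructed user home and a root home that has no `.kube/config`. The function names, the temporary directories and the sample kubeconfig (including the cluster name) are assumptions made for the demonstration.

```bash
#!/usr/bin/env bash
# Added example (not from the original answers). Models kubectl's config lookup:
# $KUBECONFIG (colon-separated) if set, else $HOME/.kube/config; with no config
# file kubectl falls back to http://localhost:8080, the address in the error.

# Print the first readable kubeconfig for a given HOME and optional KUBECONFIG.
resolve_kubeconfig() {
  local home="$1" env_value="${2:-}" candidate
  local IFS=:
  for candidate in ${env_value:-$home/.kube/config}; do
    if [ -r "$candidate" ]; then
      printf '%s\n' "$candidate"
      return 0
    fi
  done
  return 1
}

# Print the API server URL kubectl would end up talking to.
# Simplification: takes the first "server:" entry instead of following current-context.
server_for() {
  local cfg
  if cfg=$(resolve_kubeconfig "$@"); then
    sed -n 's/^[[:space:]]*server:[[:space:]]*//p' "$cfg" | head -n 1
  else
    echo "http://localhost:8080"
  fi
}

# Constructed sample: a user home with a kubeconfig, and a root home without one.
demo=$(mktemp -d)
user_home="$demo/home/gayan"
root_home="$demo/root"
mkdir -p "$user_home/.kube" "$root_home"
cat > "$user_home/.kube/config" <<'EOF'
apiVersion: v1
kind: Config
clusters:
- name: minikube
  cluster:
    server: https://localhost:40475
EOF

echo "kubectl as the user:      $(server_for "$user_home")"
echo "sudo kubectl (root HOME): $(server_for "$root_home")"
echo "sudo + KUBECONFIG passed: $(server_for "$root_home" "$user_home/.kube/config")"
```

On a real machine, comparing `kubectl config view --minify` with and without `sudo` shows the same difference. If the key file ended up owned by root, `sudo chown "$USER" tls.key` together with mode 600 lets the unprivileged kubectl read it without opening the private key to every local user.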