Ubuntu 22.04.1 LTS jammy - 添加“deb http://apt.kubernetes.io/ kubernetes-xenial main”403 禁止

tag-icon tag-icon apt package-management
Ubuntu 22.04.1 LTS jammy - 添加“deb http://apt.kubernetes.io/ kubernetes-xenial main”403 禁止

我对安装 kube 包完全束手无策,希望这里有人能给我一些启发。

我正在运行 Ubuntu Server 22.04.1 LTS Jammy

我开始$ sudo apt update && sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release

^^ 成功了

然后我就这么做了$sudo apt-get upgrade

安装了docker后一切都很顺利,直到我遇到这些包,三天都没能解决。继续阅读,我会解释的。

我们正在尝试建立一个 Kubernetes 集群。

我需要安装 kubelet kubeadm kubectl 但似乎我遵循的是旧文档或 Kubernetes 维护不善。我希望我知道。:)

所以我添加了 repo

echo "deb https://apt.kubernetes.io/ kubernetes-jammy main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

我看到的第一件事是运行 apt update 时遇到了证书问题。

然后我解决了这个问题:

curl -sS https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/cloud.google.gpg

用这个更新了我的 kubernetes.list:

echo "deb [signed-by=/usr/share/keyrings/apt-key.gpg.gpg] https://apt.kubernetes.io/ kubernetes-jammy main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

然后我收到一个禁止 403 错误,然后意识到该文件夹​​在源 URL“https://packages.cloud.google.com/apt/dists”中不存在

因此我将其更改为 Xenial,因为我看过一些指南,它显然在 jammy 上运行良好。例如:

https://www.vladimircicovic.com/2022/08/kubernetes-setup-on-ubuntu-2204-lts-jammy-jellyfish

因此删除了我的来源并创建了这个:

echo "deb [signed-by=/usr/share/keyrings/apt-key.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

但我仍然被禁止。

Err:4 https://packages.cloud.google.com/apt kubernetes-xenial InRelease
  403  Forbidden [IP: 142.250.178.14 443]

有谁知道安装 Kubernetes 集群的更简单的方法吗?

任何帮助都将不胜感激 Chadley

答案1

经过一番努力之后,我尝试了 apt update 并得到了如下输出:

Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 142.250.178.14 443]
Fetched 324 kB in 7s (44.4 kB/s)
Reading package lists... Done
W: Failed to fetch http://apt.kubernetes.io/dists/kubernetes-xenial/InRelease  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 142.250.178.14 443]
W: Some index files failed to download. They have been ignored, or old ones used instead.

这让我认为 IP 被阻止了,实际上并不是证书错误。我们的防火墙团队将 IP 添加到机器的允许列表中,错误就消失了。问题解决了。

答案2

就我而言作品

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor | sudo dd status=none of=/usr/share/keyrings/kubernetes-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt update

相关内容