The installation script shows "Unable to connect to the server: Forbidden” | kubectl commands, in general, are failing with “Forbidden”

Modified on Fri, 17 Nov, 2023 at 2:15 PM

Usually, the “forbidden” response means a communication issue between the kubectl and Kubernetes API. There are two possibilities:

Kubectl is not configured:

Verify if the /etc/kubernetes/admin.conf file is present
Copy it to the default configuration location:

sudo su # Login as root user

mkdir -p /root/.kube # Default kubectl configuration directory
cp -i /etc/kubernetes/admin.conf /root/.kube/config # Copy the config file created by the installation script
export KUBECONFIG="" # Removes possible config file path override

Proxy issues. After testing the following configurations, make sure to make them permanent by using your favorite method to manage environment properties:

Identify your Kubernetes cluster IP:

$ cat /etc/kubernetes/admin.conf
clusters:
- cluster:    
    certificate-authority-data: LS0tLS1CRUdJTi(...)
    server: https://10.32.32.253:6443  
  name: kubernetes

Include the server IP and its subnets in the no_proxy and NO_PROXY variables:

sudo su
export no_proxy=$no_proxy,10.32.32.253,10.32.0.0/20
export NO_PROXY=$NO_PROXY,10.32.32.253,10.32.0.0/20

As an alternative to the no_proxy option, remove all the proxy configurations:

export http_proxy=""
export https_proxy=""
export HTTP_PROXY=""
export HTTPS_PROXY=""

Was this article helpful?