因为那道墙，在Docker For Windows Client中启用Kubernetes，并没有想象的那么顺利

1. git clone https://github.com/AliyunContainerService/k8s-for-docker-desktop.git(我的mac机器git有问题,还重新安装了git,参考这个xcode-select –install https://blog.csdn.net/blueheart20/article/details/78767806)
2. 进入下载的目录,cd k8s-for-docker-desktop
3. git checkout v1.22.4 因为现在这个库最新就是v1.22.4
   
4. 执行./load_images.sh
5. Enable Kubernetes
6.  重启一下Docker

在终端输入KubeCtl cluster-info 会显示如下

Kubernetes control plane is running at https://kubernetes.docker.internal:6443
CoreDNS is running at https://kubernetes.docker.internal:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

 

访问 https://kubernetes.docker.internal:6443 会显示

{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "forbidden: User \"system:anonymous\" cannot get path \"/\"",
"reason": "Forbidden",
"details": {},
"code": 403
}

 证书问题 ,参考 https://blog.csdn.net/baidu_38432732/article/details/106469037,

grep 'client-certificate-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.crt

grep 'client-key-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.key

openssl pkcs12 -export -clcerts -inkey kubecfg.key -in kubecfg.crt -out kubecfg.p12 -name "kubernetes-client"

 

生成证书时要输入一个密码,然后在Finder里找到这个p12证书,双击,输入刚才的密码导入, 关闭浏览器