我正在使用Google容器引擎并尝试添加本指南中的日志 http://kubernetes.io/docs/getting-started-guides/logging/
日志记录控制台中没有日志, 但在流利的pod日志中有很多这样的消息
- > kubectl logs -f --tail = 5 fluentd-cloud-logging-gke-we-production-da3a3de4-node-s285 --namespace = kube-system 2016-06-14 17:51:21 +0000 [warn]:压制相同的堆栈跟踪 2016-06-14 17:51:28 +0000 [warn]:暂时无法刷新缓冲区。 next_retry = 2016-06-14 17:51:58 +0000 error_class =" Google :: APIClient :: ClientError" 错误="来电者没有权限" plugin_id ="对象:f9a9ac"
它想要的权限是什么?请帮助我,我真的坚持了它
答案 0 :(得分:0)
听起来流利的pod无法写入google云记录api端点。要写入日志,VM必须在VM的默认服务帐户上具有https://www.googleapis.com/auth/logging.write范围。
答案 1 :(得分:0)
我现在有类似的问题。
从Gcloud命令控制台。
$ gcloud projects get-iam-policy [项目名称] --format json
gcloud项目add-iam-policy-binding [PROJECT-NAME] --member = user:[登录电子邮件ID] --role = roles / viewer
gcloud projects add-iam-policy-binding [PROJECT-NAME] --member=user:[Login-email-ID] --role=roles/logging.viewer gcloud projects add-iam-policy-binding [PROJECT-NAME] --member=user:[Login-email-ID] --role=roles/logging.logWriter gcloud projects add-iam-policy-binding [PROJECT-NAME] --member=user:[Login-email-ID] --role=roles/logging.configWriter gcloud projects add-iam-policy-binding [PROJECT-NAME] --member=user:[Login-email-ID] --role=roles/logging.bucketWriter gcloud projects add-iam-policy-binding [PROJECT-NAME] --member=user:[Login-email-ID] --role=roles/logging.viewAccessor gcloud projects add-iam-policy-binding [PROJECT-NAME] --member=user:[Login-email-ID] --role=roles/logging.admin