在没有rbac问题的情况下在aks中部署nginx-ingress

时间:2018-05-12 17:36:24

标签: azure docker nginx kubernetes kubernetes-helm

我是Kubernetes的新手,并且正在尝试使用Helm在Aks群集中部署nginx-ingress。

使用az-cli创建集群后,尝试使用此命令部署nginx-ingress:

helm install stable/nginx-ingress -n nginx-ingress --namespace kube-system --set rbac.create=false

但是我在命令行中遇到以下错误:

Error: release nginx-ingress failed: clusterroles.rbac.authorization.k8s.io "nginx-ingress" is forbidden: attempt to grant extra privileges: [PolicyRule{Resources:["configmaps"], APIGroups:[""], Verbs:["list"]} PolicyRule{Resources:["configmaps"], APIGroups:[""], Verbs:["watch"]} PolicyRule{Resources:["endpoints"], APIGroups:[""], Verbs:["list"]} PolicyRule{Resources:["endpoints"], APIGroups:[""], Verbs:["watch"]} PolicyRule{Resources:["nodes"], APIGroups:[""], Verbs:["list"]} PolicyRule{Resources:["nodes"], APIGroups:[""], Verbs:["watch"]} PolicyRule{Resources:["pods"], APIGroups:[""], Verbs:["list"]} PolicyRule{Resources:["pods"], APIGroups:[""], Verbs:["watch"]} PolicyRule{Resources:["secrets"], APIGroups:[""], Verbs:["list"]} PolicyRule{Resources:["secrets"], APIGroups:[""], Verbs:["watch"]} PolicyRule{Resources:["nodes"], APIGroups:[""], Verbs:["get"]} PolicyRule{Resources:["services"], APIGroups:[""], Verbs:["get"]} PolicyRule{Resources:["services"], APIGroups:[""], Verbs:["list"]} PolicyRule{Resources:["services"], APIGroups:[""], Verbs:["update"]} PolicyRule{Resources:["services"], APIGroups:[""], Verbs:["watch"]} PolicyRule{Resources:["ingresses"], APIGroups:["extensions"], Verbs:["get"]} PolicyRule{Resources:["ingresses"], APIGroups:["extensions"], Verbs:["list"]} PolicyRule{Resources:["ingresses"], APIGroups:["extensions"], Verbs:["watch"]} PolicyRule{Resources:["events"], APIGroups:[""], Verbs:["create"]} PolicyRule{Resources:["events"], APIGroups:[""], Verbs:["patch"]} PolicyRule{Resources:["ingresses/status"], APIGroups:["extensions"], Verbs:["update"]}] user=&{system:serviceaccount:kube-system:default 5ddc4e18-5607-11e8-b434-0a58ac1f0fc5 [system:serviceaccounts system:serviceaccounts:kube-system system:authenticated] map[]} ownerrules=[] ruleResolutionErrors=[]

我正在使用最新的az cli,Helm和Ubuntu 16.04(Xenial Xerus)。

1 个答案:

答案 0 :(得分:6)

我刚刚克服了这一点。在我看来,现在可以在AKS上启用RBAC,但只是部分启用?我刚刚在5/11/18创建了我的集群。

我从这两个问题中取得了成果...... https://github.com/kubernetes/helm/issues/3985
https://github.com/jenkins-x/jx/issues/485 

10\.1\.41\.16(|[0-9])\b
相关问题
最新问题