我在CentOS 7上使用最新版本的Kubernetes运行双节点群集。设置后似乎无能为力......
这是我想要从主服务器创建部署时遇到的错误:
Error from server (Forbidden): error when retrieving current configuration of:
&{0xc4204bc6c0 0xc420098150 default nginx-deployment https://k8s.io/docs/tasks/run-application/deployment.yaml 0xc423138760 false}
from server for: "https://k8s.io/docs/tasks/run-application/deployment.yaml": deployments.apps "nginx-deployment" is forbidden: User "system:node:workhorse1" cannot get deployments.apps in the namespace "default"
还试图弄乱用户创建和角色绑定,并发生此错误:
Error from server (Forbidden): clusterrolebindings.rbac.authorization.k8s.io is forbidden: User "system:node:workhorse1" cannot create clusterrolebindings.rbac.authorization.k8s.io at the cluster scope
有什么想法吗?
答案 0 :(得分:0)
检查system:node:workhorse1的角色,并获取它的详细信息,我认为它不允许该节点访问deploy.apps资源。或者您可能使用Node Authorizatin来授权节点,Node只授权节点访问pod而不是部署。并且节点不会访问有关rbac的信息,因此您需要具有admin角色的用户来处理rbac规则。