我正在使用Python 并希望能够使用以下方法检查广告连播的状态:
kubernetes.client.CoreV1Api().read_namespaced_pod_status(name=name, namespace='default')
但这给了我一个禁止的403响应, 同时:
kubernetes.client.CoreV1Api().list_pod_for_all_namespaces()
工作正常。 我在ClusterRole中设置的权限如下所示:
rules:
- apiGroups: ["", "extensions"]
resources: ["pods", "services", "ingresses"]
verbs: ["get", "watch", "list", "create", "delete"]
那我需要做些什么修改才能使其正常工作?
答案 0 :(得分:1)
Pod的状态是[“ pod”]资源的子资源,因此必须为ClusterRole定义它,如下所示:
rules:
- apiGroups: ["", "extensions"]
resources: ["pods","pods/status" "services", "ingresses"]
verbs: ["get", "watch", "list", "create", "delete"]