Kubernetes清单文件不会从YML转换为JSON

时间:2019-08-21 09:30:51

标签: docker kubernetes docker-for-mac

我已经创建了一个Kubernetes清单文件来创建服务帐户和角色。看起来是这样:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: test-service-account
  namespace: test
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: read-only-api
rules:
  - apiGroups:
      - ""
    resources: ["*"]
    verbs:
      - get
      - list
      - watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: read-only-api
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: read-only-api
subjects:
  - kind: ServiceAccount
  name: test-service-account
  namespace: test

但是,当我尝试执行和应用清单时,出现此错误。我不确定缩进或其他问题。

解析service-account.yml时出错:将YAML转换为JSON时出错:yaml:第10行:未找到预期的“-”指示符

非常感谢所有帮助。我尝试来回缩进,将“-”指示符添加到它抱怨的特定行中,但是随后我收到一条新的错误消息:

错误验证“ service-account.yml”:错误验证数据:ValidationError(ClusterRole.metadata):io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta的类型无效:得到了“数组” ,预期的“地图”;如果您选择忽略这些错误,请使用--validate = false

关闭验证

谢谢!

1 个答案:

答案 0 :(得分:1)

服务帐户yaml很好

如下所示正确的clusterrole和clusterrolebinding yaml 

apiVersion: v1
kind: ServiceAccount
metadata:
  name: test-service-account
  namespace: test
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: read-only-api
rules:
- apiGroups:
  - ""
  resources:
  - "*"
  verbs:
  - get
  - list
  - watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: read-only-api
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: read-only-api
subjects:
- kind: ServiceAccount
  name: test-service-account
  namespace: test

master $ kubectl create ns test
namespace/test created

serviceaccount/test-service-account created
clusterrole.rbac.authorization.k8s.io/read-only-api created
clusterrolebinding.rbac.authorization.k8s.io/read-only-api created
相关问题
最新问题