我正在努力用kubernetes提供程序创建名称空间。
这是我正在使用的简单terraform代码:
provider "kubernetes" {
host = "https://ocp-test-1.srv.xxxx.it:8443"
username = "admin"
password = "admin"
load_config_file = "false" # when you wish not to load the local config file
}
resource "kubernetes_namespace" "gfexample" {
metadata {
annotations = {
name = "exampleannotation"
}
labels = {
mylabel = "labelvalue"
}
name = "terraformspace"
}
}
这是错误:
kubernetes_namespace.gfexample: Creating...
Error: namespaces is forbidden: User "system:anonymous" cannot create namespaces at the cluster scope: no RBAC policy matched
on create_nm.tf line 14, in resource "kubernetes_namespace" "gfexample":
14: resource "kubernetes_namespace" "gfexample" {
任何建议都会受到欢迎。
吉安·菲利波
最后我找到了解决方法:
client_certificate = file(“ / terraform / certificates / admin.crt”) client_key = file(“ / terraform / certificates / admin.key”) cluster_ca_certificate = file(“ / terraform / certificates / ca.crt”)
这很好。我在/ etc / origin / master下找到了上面提到的证书(我正在运行Openshift 3.11)