How to add a PolicyRule to an existing Role using kubectl patch

Time: 2021-06-29 09:44:19

Tags: kubernetes kubectl argo-workflows

I am getting the following error message:

User "system:serviceaccount:qserv:argo-workflow" cannot create resource "jobs" in API group "batch" in the namespace "qserv"

Here is the relevant Role:

kubectl describe role argo-workflows-workflow
Name:         argo-workflows-workflow
Labels:       app.kubernetes.io/managed-by=Helm
Annotations:  meta.helm.sh/release-name: argo-workflows
              meta.helm.sh/release-namespace: qserv
PolicyRule:
  Resources  Non-Resource URLs  Resource Names  Verbs
  ---------  -----------------  --------------  -----
  pods       []                 []              [get watch patch]
  pods/log   []                 []              [get watch]

Could someone provide the correct kubectl patch command to allow the argo-workflows-workflow Role to create Jobs?

1 answer:

Answer 0: (score: 1)

This command does the job and allows the argo workflow to run successfully:

kubectl patch roles.rbac.authorization.k8s.io argo-workflows-workflow --type='json' -p='[{"op": "add", "path": "/rules/-", "value": {"apiGroups": ["batch"],"resources": ["jobs"],"verbs": ["create", "get", "watch"]} }]'
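
The effect of the patch above, modelled offline as an added example (not part of the original question or answer, and not Kubernetes or Argo code): it applies the JSON Patch `add` at `/rules/-` to the Role from the question and checks which requests the result covers. The `apiGroups: [""]` on the two existing rules is an assumption, and `apply_add` and `allowed` are hypothetical helper names; the matcher is simplified and ignores `resourceNames` and non-resource URLs.

```python
import copy

# Role as shown by `kubectl describe` in the question; apiGroups [""] (core) is
# an assumption, since the describe output does not print the API group.
ROLE = {
    "kind": "Role",
    "metadata": {"name": "argo-workflows-workflow", "namespace": "qserv"},
    "rules": [
        {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "watch", "patch"]},
        {"apiGroups": [""], "resources": ["pods/log"], "verbs": ["get", "watch"]},
    ],
}

# The JSON Patch document passed to `kubectl patch --type='json'` in the answer.
PATCH = [{"op": "add", "path": "/rules/-",
          "value": {"apiGroups": ["batch"], "resources": ["jobs"],
                    "verbs": ["create", "get", "watch"]}}]


def apply_add(doc, patch):
    """Apply RFC 6902 'add' operations (the only op the answer uses) to a copy."""
    out = copy.deepcopy(doc)
    for op in patch:
        if op["op"] != "add":
            raise ValueError("only 'add' is modelled here")
        *parents, last = op["path"].lstrip("/").split("/")
        target = out
        for key in parents:
            target = target[int(key)] if isinstance(target, list) else target[key]
        if isinstance(target, list):
            # '-' means "append after the last element", so existing rules stay
            index = len(target) if last == "-" else int(last)
            target.insert(index, op["value"])
        else:
            target[last] = op["value"]
    return out


def allowed(role, api_group, resource, verb):
    """Simplified RBAC match: a request passes if one rule covers all three."""
    def covers(values, wanted):
        return "*" in values or wanted in values
    return any(covers(r.get("apiGroups", []), api_group)
               and covers(r.get("resources", []), resource)
               and covers(r.get("verbs", []), verb)
               for r in role["rules"])
```

On a live cluster, `kubectl auth can-i create jobs.batch -n qserv --as=system:serviceaccount:qserv:argo-workflow` asks the API server the same question for the service account named in the error message.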