由于RBAC,无法在kubernetes集群上部署pachyderm
由于RBAC,无法在kubernetes集群上部署pachyderm
提问于 2018-12-28 17:49:34
我的目标是运行以下命令:
sudo pachctl deploy google ${BUCKET_NAME} ${STORAGE_SIZE} --dynamic-etcd-nodes=1我面临一个关于我拥有的权限的错误(最后发布)。因此,我想通过以下命令创建我的角色:
sudo kubectl create clusterrolebinding aviralsrivastava-cluster-admin-binding --clusterrole=cluster-admin --user=aviral@socialcops.com然而,上面的命令产生了一个错误:
Error from server (Forbidden): clusterrolebindings.rbac.authorization.k8s.io is forbidden: User "aviral@socialcops.com" cannot create clusterrolebindings.rbac.authorization.k8s.io at the cluster scope: Required "container.clusterRoleBindings.create" permission.回答 1
Stack Overflow用户
回答已采纳
发布于 2018-12-28 18:27:36
您需要以cluster-admin的身份申请以下RBAC权限,为用户aviral@socialcops.com提供创建clusterRole和clusterRoleBinding的权限:
ClusterRole.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: prom-admin
rules:
# Just an example, feel free to change it
- apiGroups: [""]
resources: ["clusterRole", "clusterRoleBinding"]
verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]ClusterRoleBinding.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: prom-rbac
subjects:
- kind: User
name: aviral@socialcops.com
roleRef:
kind: ClusterRole
name: prom-admin
apiGroup: rbac.authorization.k8s.io页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/53956530
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号