我正在尝试使用 Helm Chart 安装 Sentry - https://github.com/sentry-kubernetes/charts/tree/develop/charts/sentry 我收到此错误 -
[]$ helm install sentry sentry/sentry -f values.yaml
coalesce.go:175: warning: skipped value for kafka.config: Not a table.
Error: INSTALLATION FAILED: rendered manifests contain a resource that already exists. Unable to continue with install: could not get information about the resource NetworkPolicy "sentry-kafka" in namespace "gopikab": networkpolicies.networking.k8s.io "sentry-kafka" is forbidden: User "system:serviceaccount:kube-system:gopikab" cannot get resource "networkpolicies" in API group "networking.k8s.io" in the namespace "gopikab"
我对图表进行模板化并获取输出。基于 helm 模板,我如何确定我需要哪些权限以及哪些角色和 api 组。
当我模板化图表时 - 这些是提到的角色和角色绑定 -
# Source: sentry/charts/rabbitmq/templates/role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: sentry-rabbitmq-endpoint-reader
namespace: "gopikab"
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-11.16.2
app.kubernetes.io/instance: sentry
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: "3.11.18"
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create"]
---
# Source: sentry/charts/rabbitmq/templates/rolebinding.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: sentry-rabbitmq-endpoint-reader
namespace: "gopikab"
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-11.16.2
app.kubernetes.io/instance: sentry
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: "3.11.18"
subjects:
- kind: ServiceAccount
name: sentry-rabbitmq
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: sentry-rabbitmq-endpoint-reader
---
也许您只需要访问权限即可查看网络策略。