我正在创建一个角色,为具有
"v1" as apiversion.我已经创建了以下角色,但是当我将此角色与用户绑定时,该用户仍然没有运行权限
kubectl get noapiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: my-role
rules:
- apiGroups:
- "v1"
resources:
- "*"
verbs:
- "*"
请告诉我
apiGroups根据官方文档,从Kubernetes 1.8开始,可以使用
rbac.authorization.k8s.io/v1rbac.authorization.k8s.io/v1beta1如果您使用 Helm 图表组织项目服务,您可以考虑添加以下模板条件语句:
测试/模板/_helpers.tpl
{{/*
Return the appropriate apiVersion for rbac.
*/}}
{{- define "test.rbac.apiVersion" -}}
{{- if semverCompare "<1.8" .Capabilities.KubeVersion.GitVersion -}}
{{- print "rbac.authorization.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "rbac.authorization.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
测试/模板/rbac.yaml
apiVersion: {{ template "test.rbac.apiVersion" . }}
kind: ClusterRole
metadata:
creationTimestamp: null
name: my-role
rules:
- apiGroups:
- "v1"
resources:
- "*"
verbs:
- "*"