我最近使用eksctl在EKS上创建了一个集群。 kubectl logs -f mypod-0陷入授权错误:
Error from server (InternalError): Internal error occurred: Authorization error (user=kube-apiserver-kubelet-client, verb=get, resource=nodes, subresource=proxy)
感谢任何建议和见解
您需要创建一个ClusterRoleBinding,其角色指向用户:kube-apiserver-kubelet-client
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kubelet-api-admin
subjects:
- kind: User
name: kube-apiserver-kubelet-client
apiGroup: rbac.authorization.k8s.io
roleRef:
kind: ClusterRole
name: system:kubelet-api-admin
apiGroup: rbac.authorization.k8s.io
kubelet-api-admin通常是具有必要权限的角色,但您可以使用apt角色替换它。