将kubernetes yaml转换为kubectl cli命令
[英]convert kubernetes yaml to kubectl cli command
问题描述
kubectl I am looking for a single command or maybe combination of commands for the following yaml file 
kubectl我要寻找一个单一的命令或也许命令组合的以下YAML文件
---
#
# Create a role, `pod-reader`, that can list pods and
# bind the default service account in the `mynamespace` namespace
# to that role.
#
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: pod-reader
namespace: mynamespace
rules:
- apiGroups: [""] # "" indicates the core API group
resources: ["pods"]
verbs: ["get", "watch", "list"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: read-pods
namespace: mynamespace
subjects:
- kind: Group
name: system:serviceaccounts:mynamespace
apiGroup: rbac.authorization.k8s.io
roleRef:
kind: Role
name: pod-reader
apiGroup: rbac.authorization.k8s.io
So pretty much create a namespace that can get, watch and list pods 因此,几乎可以创建一个可以获取,监视和列出Pod的命名空间。
1 个解决方案
解决方案1
4 已采纳 2018-04-23 09:32:27
This assumes the namespace and service account are already created: 假设已经创建了名称空间和服务帐户:
$ kubectl create namespace mynamespace
$ kubectl create serviceaccount mysa -n mynamespace
Create the role with: 使用以下方法创建角色:
$ kubectl create role pod-reader --namespace=mynamespace \
--verb=get,list,watch \
--resource=pods \
Create the rolebinding with: 使用以下方法创建角色绑定:
$ kubectl create rolebinding read-pods --namespace=mynamespace \
--role=pod-reader \
--group=system:serviceaccounts:mynamespace
Tip: if you want to preview the generated YAML rather than actually creating the resource, append --dry-run=true -o=yaml to the commands. 提示:如果要预览生成的YAML而不是实际创建资源,请在命令后附加--dry-run=true -o=yaml 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.