kubernetes nginx 入口控制器错误
[英]kubernetes nginx ingress controller error
问题描述
I'm using google kubenretes engine.
我正在使用谷歌 kubenretes 引擎。 My cluster node version is 1.7.我的集群节点版本是 1.7。 Since that version became unsupported by Google cloud for creating new cluster, I need to use 1.8 or 1.9.由于 Google Cloud 不支持该版本来创建新集群,因此我需要使用 1.8 或 1.9。 I'm having issues implimenting my nginx-ingress-controller yaml file at the new versioned cluster but I keep getting this error :我在新版本化集群中使用 nginx-ingress-controller yaml 文件时遇到问题,但我不断收到此错误:
Using build: https://github.com/bprashanth/contrib.git - git-92b2bac when using gcr.io/google_containers/nginx-ingress-controller:0.8.3
and this error when using quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0使用 quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0 时出现此错误
It seems the cluster it is running with Authorization enabled (like RBAC) and there is no permissions for the ingress controller. Please check the configuration
here is my my nginx-ingress-controller file这是我的 nginx-ingress-controller 文件
apiVersion: v1
kind: Service
metadata:
name: default-http-backend
labels:
k8s-app: default-http-backend
spec:
ports:
- port: 80
targetPort: 8080
protocol: TCP
name: http
selector:
k8s-app: default-http-backend
---
apiVersion: v1
kind: ReplicationController
metadata:
name: default-http-backend
spec:
replicas: 1
selector:
k8s-app: default-http-backend
template:
metadata:
labels:
k8s-app: default-http-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
# Any image is permissable as long as:
# 1. It serves a 404 page at /
# 2. It serves 200 on a /healthz endpoint
image: gcr.io/google_containers/defaultbackend:1.0
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
apiVersion: v1
kind: ReplicationController
metadata:
name: nginx-ingress-controller
labels:
k8s-app: nginx-ingress-lb
spec:
replicas: 1
selector:
k8s-app: nginx-ingress-lb
template:
metadata:
labels:
k8s-app: nginx-ingress-lb
name: nginx-ingress-lb
spec:
terminationGracePeriodSeconds: 60
containers:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb
imagePullPolicy: Always
readinessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 1
# use downward API
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- containerPort: 80
hostPort: 80
- containerPort: 443
hostPort: 443
# we expose 18080 to access nginx stats in url /nginx-status
# this is optional
- containerPort: 18080
hostPort: 18080
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-http-backend
- --nginx-configmap=$(POD_NAMESPACE)/nginx-ingress-cfg
- --watch-namespace=production
1 个解决方案
解决方案1
0 2020-10-19 11:37:21
When running on GKE (Google Kubernetes Engine), you may encounter a 'permission denied' error when creating some of these resources.在 GKE (Google Kubernetes Engine) 上运行时,您可能会在创建其中一些资源时遇到“权限被拒绝”错误。 This is a nuance of the way GKE handles RBAC and IAM permissions, and as such you should 'elevate' your own privileges to that of a 'cluster-admin' before running the above command.这是 GKE 处理 RBAC 和 IAM 权限方式的细微差别,因此您应该在运行上述命令之前将自己的权限“提升”为“集群管理员”的权限。 If you have already run the above command, you should run them again after elevating your permissions.如果你已经运行了上面的命令,你应该在提升你的权限后再次运行它们。
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole=cluster-admin \
--user=$(gcloud config get-value core/account)
try hitting this command and then apply the files尝试点击此命令,然后应用文件
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.