I have an error while running jobs with GItLab CI/CD kubernetes executor within the cluster
Question
错误:作业失败(系统故障):禁止 pods:用户“system:serviceaccount:gitlab:gitlab-admin”无法在命名空间“gitlab”中的 API 组“”中创建资源“pods”
1 answers
solution1
2 2020-02-27 14:40:01
From the looks of it, because you did not provided enough information I would say that your RBAC is incorrectly configure. I would advice to read following Kubernetes documentation regarding Managing Service Accounts and Configure Service Accounts for Pods .
If I'm not mistaken this command should fix it:
kubectl create clusterrolebinding gitlab-cluster-admin --clusterrole=cluster-admin --group=system:serviceaccounts --namespace=gitlab
If not then you will need to edit your Role and ClusterRole with something like the following:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: gitlab
name: gitlab-admin
rules:
- apiGroups: [""] # "" indicates the core API group
resources: ["pods"]
verbs: ["create", "get", "watch", "list"]
This is an example and you should make changes to better suit your needs.
If you provide more details I'll try to help you further.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.