[英]How to install kubernetes / ingress-nginx using kubectl ? (not helm)
[英]Can not install nginx by using helm over kubernetes
我有kubernetes Cluster v1.10 over centos 7,裸机
helm version
Client: &version.Version{SemVer:"v2.11.0-rc.3", GitCommit:"28d295be2a94115b786ee277dffcc2b5483bde47", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.11.0-rc.3", GitCommit:"28d295be2a94115b786ee277dffcc2b5483bde47", GitTreeState:"clean"}
我正在尝试使用helm安装nginx
helm install stable/nginx-ingress --name nginx
它回来了
Error: release nginx failed:
clusterroles.rbac.authorization.k8s.io "nginx-nginx-ingress" is
forbidden: attempt to grant extra privileges:
[PolicyRule{APIGroups:[""], Resources:["configmaps"], Verbs:
["list"]} PolicyRule{APIGroups:[""], Resources:["configmaps"],
Verbs:["watch"]} PolicyRule{APIGroups:[""], Resources:
["endpoints"], Verbs:["list"]} PolicyRule{APIGroups:[""],
Resources:["endpoints"], Verbs:["watch"]} PolicyRule{APIGroups:
[""], Resources:["nodes"], Verbs:["list"]} PolicyRule{APIGroups:
[""], Resources:["nodes"], Verbs:["watch"]} PolicyRule{APIGroups:
[""], Resources:["pods"], Verbs:["list"]} PolicyRule{APIGroups:
[""], Resources:["pods"], Verbs:["watch"]} PolicyRule{APIGroups:
[""], Resources:["secrets"], Verbs:["list"]} PolicyRule{APIGroups:
[""], Resources:["secrets"], Verbs:["watch"]}
PolicyRule{APIGroups:[""], Resources:["nodes"], Verbs:["get"]}
PolicyRule{APIGroups:[""], Resources:["services"], Verbs:["get"]}
PolicyRule{APIGroups:[""], Resources:["services"], Verbs:["list"]}
PolicyRule{APIGroups:[""], Resources:["services"], Verbs:
["update"]} PolicyRule{APIGroups:[""], Resources:["services"],
Verbs:["watch"]} PolicyRule{APIGroups:["extensions"], Resources:
["ingresses"], Verbs:["get"]} PolicyRule{APIGroups:["extensions"],
Resources:["ingresses"], Verbs:["list"]} PolicyRule{APIGroups:
["extensions"], Resources:["ingresses"], Verbs:["watch"]}
PolicyRule{APIGroups:[""], Resources:["events"], Verbs:["create"]}
PolicyRule{APIGroups:[""], Resources:["events"], Verbs:["patch"]}
PolicyRule{APIGroups:["extensions"], Resources:
["ingresses/status"], Verbs:["update"]}] user=&
{system:serviceaccount:kube-system:default 8f248058-b684-11e8-
b781-daf0a0c10949 [system:serviceaccounts
system:serviceaccounts:kube-system system:authenticated] map[]}
ownerrules=[] ruleResolutionErrors=[]
我该如何解决这个问题?
谢谢你:D
由于kubectl apply -f
用于创建或更新资源,另一方面,Helm可以称为Kubernetes Package Manager。 您发布的解决方案是一个解决方法,因为问题是关于Helm而不是如何使用kubectl apply
创建资源。 添加--set rbac.create=false
表示您可能在没有RBAC支持的情况下部署了Tiller。 问题是,它是故意做的吗? 如果您没有打开RBAC授权,则可以继续使用--set rbac.create=false
; 如果您想要启用RBAC,则必须将Tiller服务帐户添加为cluster-admin
角色。
搜索后,我认为这是解决方案
helm install stable/nginx-ingress --name ingress --namespace kube-system --set rbac.create=false --set rbac.createRole=false --set rbac.createClusterRole=false
要么
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/mandatory.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/provider/cloud-generic.yaml
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.