![](/img/trans.png)
[英]No such file or directory: /etc/ssl/certs/example-cert.pem
[英]unexpected error storing fake SSL Cert: could not create PEM certificate
-------------------------------------------------------------------------------
NGINX Ingress controller
Release: 0.26.1
Build: git-2de5a893a
Repository: https://github.com/kubernetes/ingress-nginx
nginx version: openresty/1.15.8.2
-------------------------------------------------------------------------------
W0719 06:58:01.543840 6 flags.go:243] SSL certificate chain completion is disabled (--enable-ssl-chain-completion=false)
W0719 06:58:01.544045 6 client_config.go:541] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
I0719 06:58:01.544341 6 main.go:182] Creating API client for https://10.233.0.1:443
I0719 06:58:01.558257 6 main.go:226] Running in Kubernetes cluster version v1.16 (v1.16.3) - git (clean) commit b3cbbae08ec52a7fc73d334838e18d17e8512749 - platform linux/amd64
F0719 06:58:01.857260 6 ssl.go:389] unexpected error storing fake SSL Cert: could not create PEM certificate file /etc/ingress-controller/ssl/default-fake-certificate.pem: open /etc/ingress-controller/ssl/default-fake-certificate.pem: permission denied
我是中国人,我会说一点英文。欢迎帮忙解答
MountVolume.SetUp 卷“ingress-nginx-token-w8mq2”失败:无法同步秘密缓存:等待条件超时
NAME READY STATUS RESTARTS AGE
ingress-nginx-controller-7p77g 1/1 Running 0 3h19m
ingress-nginx-controller-9cwzt 0/1 CrashLoopBackOff 2 12m
ingress-nginx-controller-qbww8 1/1 Running 0 3h19m
如果我正确理解您的问题,您可以通过在 yaml 文件的SecurityContext
中添加runAsUser
指令来解决它。 看例子yaml:
securityContext:
runAsUser: 1000
runAsGroup: 3000
fsGroup: 2000
fsGroupChangePolicy: "OnRootMismatch"
在这里你可以找到关于 Kuberenetes 安全上下文的完整指南。 您需要输入有权创建证书的用户 ID。
也可以看看:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.