![](/img/trans.png)
[英]Unable to access the Kubernetes Dashboard on Google Cloud Platform
[英]Unable to initiate Kubernetes Federation in Google Cloud Platform
我正在嘗試設置kubernetes聯盟。 當我運行以下命令時,我得到一個錯誤:
# Set the project and domain name
export PROJECT=abc-9102-1sf
export DNS_ZONE=echo.examplefed.com.
# Create the clusters
gcloud container clusters create west-cluster --zone us-west1-c --scopes "cloud-platform,storage-ro,logging-write,monitoring-write,service-control,service-management,https://www.googleapis.com/auth/ndev.clouddns.readwrite" --preemptible &
gcloud container clusters create east-cluster --zone us-east1-b --scopes "cloud-platform,storage-ro,logging-write,monitoring-write,service-control,service-management,https://www.googleapis.com/auth/ndev.clouddns.readwrite" --preemptible &
# Workaround for RBAC error
# https://github.com/kubernetes/kubernetes/issues/42559
gcloud config set container/use_client_certificate True
export CLOUDSDK_CONTAINER_USE_CLIENT_CERTIFICATE=True
# Get credentials
gcloud container clusters get-credentials west-cluster --zone=us-west1-c
gcloud container clusters get-credentials east-cluster --zone=us-east1-b
# Aliases
kubectl config set-context east --cluster=gke_${PROJECT}_us-east1-b_east-cluster --user=gke_${PROJECT}_us-east1-b_east-cluster
kubectl config set-context west --cluster=gke_${PROJECT}_us-west1-c_west-cluster --user=gke_${PROJECT}_us-west1-c_west-cluster
# Initiate Federation. After this step I get the error.
kubefed init kfed --host-cluster-context=east --dns-zone-name=${DNS_ZONE} --dns-provider=google-clouddns
正在為聯邦系統組件創建名稱空間聯合系統...服務器錯誤(禁止):名稱空間被禁止:用戶“客戶端”無法在集群范圍內創建名稱空間:未知用戶“客戶端”。
kubefed和kubectl的版本是1.8.8:
gcp@user:~$ kubectl version
Client Version: version.Info{Major:"1", Minor:"8", GitVersion:"v1.8.8", GitCommit:"2f73858c9e6ede659d6828fe5a1862a48034a0fd", GitTreeState:"clean", BuildDate:"2018-02-09T21:30:57Z", GoVersion:"go1.8.3", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"8+", GitVersion:"v1.8.8-gke.0", GitCommit:"6e5b33a290a99c067003632e0fd6be0ead48b233", GitTreeState:"clean", BuildDate:"2018-02-16T18:26:58Z", GoVersion:"go1.8.3b4", Compiler:"gc", Platform:"linux/amd64"}
gcp@user:~$ kubefed version
Client Version: version.Info{Major:"1", Minor:"8", GitVersion:"v1.8.8", GitCommit:"2f73858c9e6ede659d6828fe5a1862a48034a0fd", GitTreeState:"clean", BuildDate:"2018-02-09T21:30:57Z", GoVersion:"go1.8.3", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"8+", GitVersion:"v1.8.8-gke.0", GitCommit:"6e5b33a290a99c067003632e0fd6be0ead48b233", GitTreeState:"clean", BuildDate:"2018-02-16T18:26:58Z", GoVersion:"go1.8.3b4", Compiler:"gc", Platform:"linux/amd64"}
在花了幾個小時之后,我設法使用以下命令對其進行了修復。 請注意,必須針對您擁有的每個上下文執行該操作:
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole cluster-admin --user $(gcloud config get-value account) --context east
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole cluster-admin --user $(gcloud config get-value account) --context west
並且不要運行此:
# Workaround for RBAC error
# https://github.com/kubernetes/kubernetes/issues/42559
gcloud config set container/use_client_certificate True
export CLOUDSDK_CONTAINER_USE_CLIENT_CERTIFICATE=True
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.