我想创建一个允许oc port-forward在 OpenShift.com Online(kubectl port-forwardKubernetes 上的又名)上执行的服务帐户,但我一生都无法弄清楚我看到的众多角色中的哪一个oc get clusterrole允许这样做?(oc get role为空。)
error: error upgrading connection: pods "minecraft-storeys-maker-40-ps85h" is forbidden: User "system:serviceaccount:learn-study:oc-port-forward-container" cannot create pods/portforward in the namespace "learn-study": User "system:serviceaccount:learn-study:oc-port-forward-container" cannot create pods/portforward in project "learn-study"
因此,基于此错误消息,我尝试了“pods/portforward”,但效果不佳:
oc policy add-role-to-user pods/portforward -z oc-port-forward-container
Error from server (BadRequest): Name parameter invalid: "pods/portforward": may not contain '/'
也只是“前锋”是不好的:
oc policy add-role-to-user portforward -z oc-port-forward-container
Error from server (NotFound): rolebindings.authorization.openshift.io "portforward" not found
它适用于https://github.com/OASIS-learn-study/oc-port-forward-container。