我正在Kind集群中运行操作员。我的开发机器运行 Docker for Mac 以运行该 Kind 集群。我的操作员功能之一是关于在正在运行的 Pod 中执行命令 - 类似于.kubectl exec
当操作员在 Linux 主机上没有 Kind ie k3s 运行时,我可以流式传输 Pod 的日志。像这样的东西:
--- start of exec pod logs ---
/home/ubuntu
--- end of exec pod logs ---
但是当它在 Kind 集群中运行时,我再也看不到 Pod 的日志了。我所看到的只是:
--- start of exec pod logs ---
--- end of exec pod logs ---
这是我的操作员代码(Go):
import (
"sigs.k8s.io/controller-runtime/pkg/client/config"
"k8s.io/client-go/tools/remotecommand"
"k8s.io/client-go/kubernetes"
"k8s.io/api/core/v1"
)
func performExec() error {
restConfig, err := config.GetConfig()
if err != nil {
return err
}
clientset, err := kubernetes.NewForConfig(restConfig)
if err != nil {
return err
}
cmd := []string{
"sh",
"-c",
"pwd",
}
// getting a pod for exec operation (execPod) here...
execPodName := execPod.Name
log.Printf("Running exec command in pod %s ...\n", execPodName)
req := clientset.CoreV1().RESTClient().Post().Resource("pods").Name(execPodName).
Namespace("default").SubResource("exec")
option := &v1.PodExecOptions{
Command: cmd,
Stdin: true,
Stdout: true,
Stderr: true,
TTY: true,
}
req.VersionedParams(
option,
scheme.ParameterCodec,
)
exec, err := remotecommand.NewSPDYExecutor(restConfig, "POST", req.URL())
if err != nil {
return err
}
fmt.Println("--- start of exec pod logs ---")
err = exec.Stream(remotecommand.StreamOptions{
Stdin: os.Stdin,
Stdout: os.Stdout,
Stderr: os.Stderr,
})
if err != nil {
return err
}
fmt.Println("--- end of exec pod logs ---")
return nil
}
这是我应用于两个集群的 RBAC:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: manager-role
rules:
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
我错过了什么?无论它是否在 Kind 上运行,如何使其工作?