0

我正在尝试在 Kubernetes 中建立命名空间“沙盒”,并且已经使用了好几天没有问题。今天我收到以下错误。
我已检查以确保我拥有所有必需的配置映射。

是否有日志或其他东西我可以找到它所指的内容?

panic: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable

我确实找到了这个(MountVolume.SetUp failed for volume "kube-api-access-fcz9j" : object "default"/"kube-root-ca.crt" not registered)线程并将以下补丁应用于我的服务帐户,但我仍然遇到同样的错误。

automountServiceAccountToken: false

更新:作为对@p10l 的回答,我在裸机集群版本 1.23.0 中工作。没有地形。

我越来越近了,但仍然不在那里。

这似乎是另一个 RBAC 问题,但该错误对我来说没有意义。

我有一个用户“dma”。我正在使用上下文 dma@kubernetes 在“沙盒”命名空间中运行工作流

现在的错误是

Create request failed: workflows.argoproj.io is forbidden: User "dma" cannot create resource "workflows" in API group "argoproj.io" in the namespace "sandbox"

但该用户确实似乎具有正确的权限。

这是 kubectl get role dma -n sandbox -o yaml 的输出

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"rbac.authorization.k8s.io/v1","kind":"Role","metadata":{"annotations":{},"name":"dma","namespace":"sandbox"},"rules":[{"apiGroups":["","apps","autoscaling","batch","extensions","policy","rbac.authorization.k8s.io","argoproj.io"],"resources":["pods","configmaps","deployments","events","pods","persistentvolumes","persistentvolumeclaims","services","workflows"],"verbs":["get","list","watch","create","update","patch","delete"]}]}
  creationTimestamp: "2021-12-21T19:41:38Z"
  name: dma
  namespace: sandbox
  resourceVersion: "1055045"
  uid: 94191881-895d-4457-9764-5db9b54cdb3f
rules:
- apiGroups:
  - ""
  - apps
  - autoscaling
  - batch
  - extensions
  - policy
  - rbac.authorization.k8s.io
  - argoproj.io
  - workflows.argoproj.io
  resources:
  - pods
  - configmaps
  - deployments
  - events
  - pods
  - persistentvolumes
  - persistentvolumeclaims
  - services
  - workflows
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete

这是 kubectl get rolebinding -n sandbox dma-sandbox-rolebinding -o yaml 的输出

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"rbac.authorization.k8s.io/v1","kind":"RoleBinding","metadata":{"annotations":{},"name":"dma-sandbox-rolebinding","namespace":"sandbox"},"roleRef":{"apiGroup":"rbac.authorization.k8s.io","kind":"Role","name":"dma"},"subjects":[{"kind":"ServiceAccount","name":"dma","namespace":"sandbox"}]}
  creationTimestamp: "2021-12-21T19:56:06Z"
  name: dma-sandbox-rolebinding
  namespace: sandbox
  resourceVersion: "1050593"
  uid: d4d53855-b5fc-4f29-8dbd-17f682cc91dd
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: dma
subjects:
- kind: ServiceAccount
  name: dma
  namespace: sandbox
4

1 回答 1

0

您描述的问题是一个重复出现的问题,在此处此处描述了您的集群缺少 KUBECONFIG 环境变量的情况。

首先,echo $KUBECONFIG在所有节点上运行以查看它是否为空。如果是,请在集群中查找配置文件,然后将其复制到所有节点,然后通过运行导出此变量export KUBECONFIG=/path/to/config。该文件通常可以~/.kube/config/ or 在主节点上的 /etc/kubernetes/admin.conf` 中找到。

让我知道,如果此解决方案适用于您的情况。

于 2021-12-22T08:37:42.437 回答