这是一个创建于 2498 天前的主题,其中的信息可能已经有所发展或是发生改变。
[root@centos7-node01 cfg]# /opt/kubernetes/bin/kubelet --logtostderr=true --v=4 --address=192.168.248.129 --hostname-override=192.168.248.129 --kubecOnfig=/opt/kubernetes/cfg/kubelet.kubeconfig --experimental-bootstrap-kubecOnfig=/opt/kubernetes/cfg/bootstrap.kubeconfig --cert-dir=/opt/kubernetes/ssl --allow-privileged=true --fail-swap-on=false --cluster-dns=10.10.10.2 --cluster-domain=cluster.local --pod-infra-container-image=registry.cn-hangzhou.aliyuncs/google_containers/pause-amd64:3.0 报错信息
I0129 05:41:06.946579 6235 bootstrap.go:58] Using bootstrap kubeconfig to generate TLS client cert, key and kubeconfig file error: failed to run Kubelet: cannot create certificate signing request: certificatesigningrequests.certificates.k8s.io is forbidden: User "kubelet-bootstrap" cannot create certificatesigningrequests.certificates.k8s.io at the cluster scope: clusterrole.rbac.authorization.k8s.io "system:node-bootstrap" not found master 上创建角色权限
[root@centos7-master .kube]# kubectl create clusterrolebinding kubelet-bootstrap --clusterrole=system:node-bootstrapper --user=kubelet-bootstrap Error from server (AlreadyExists): clusterrolebindings.rbac.authorization.k8s.io "kubelet-bootstrap" already exists [root@centos7-master .kube]# kubectl describe clusterrolebinding kubelet-bootstrap Name: kubelet-bootstrap Namespace: Labels: <none> Events: <none> 这个权限之前估计创建有误,但kubelet-bootstrap已占用,不知怎么修改的clusterrole这个值。
目前尚无回复
Select Language