Kubernetes-Jenkins插件-禁止:用户"system:anonymous"无法列出资源"pod"在API组中 [英] Kubernetes - Jenkins plugin - forbidden: User "system:anonymous" cannot list resource "pods" in API group

问题描述

我正在尝试通过(Kubernetes插件)将Jenkins连接到新的K8S集群，但是，在尝试测试时遇到以下错误.

I'm trying to connect Jenkins to a fresh K8S cluster via (Kubernetes plugin), however, I'm seeing the following error when I attempt to test.

然后我尝试将秘密文件添加到〜/.kube/config 的Jenkins凭证中，我看到此错误.

Then I have tried to add a secret file to Jenkins credentials of my ~/.kube/config I'm seeing this error.

k8s版本是1.15.4和Jenkins 2.190.1

有什么想法吗?

推荐答案

您需要对服务帐户令牌使用秘密文本"类型的凭据.按照提及的 Rodrigo Loza 创建服务帐户.示例创建了具有管理员权限的名称空间jenkins和服务帐户:

You need to use "Secret text" type of credentials with service account token. Create service account as Rodrigo Loza mentioned. Example creates namespace jenkins and service account with admin rights in it:

kubectl create namespace jenkins && kubectl create serviceaccount jenkins --namespace=jenkins && kubectl describe secret $(kubectl describe serviceaccount jenkins --namespace=jenkins | grep Token | awk '{print $2}') --namespace=jenkins && kubectl create rolebinding jenkins-admin-binding --clusterrole=admin --serviceaccount=jenkins:jenkins --namespace=jenkins

这篇关于Kubernetes-Jenkins插件-禁止:用户"system:anonymous"无法列出资源"pod"在API组中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！