无法在K8S集群中创建Prometheus [英] Not able to create Prometheus in K8S cluster
问题描述
我正在尝试在我的K8S集群上安装Prometheus
I'm trying to install Prometheus on my K8S cluster
当我运行命令
kubectl get namespaces
我有以下命名空间:
default Active 26h
kube-public Active 26h
kube-system Active 26h
monitoring Active 153m
prod Active 5h49m
现在我想通过
helm install stable/prometheus --name prom -f k8s-values.yml
我得到了错误:
错误:发布prom-demo失败:名称空间默认"被禁止: 用户"system:serviceaccount:kube-system:default"无法获取资源 名称空间默认"中的API组"中的名称空间"
Error: release prom-demo failed: namespaces "default" is forbidden: User "system:serviceaccount:kube-system:default" cannot get resource "namespaces" in API group "" in the namespace "default"
即使我切换到monitoring ns,我仍然遇到相同的错误,
even if I switch to monitoring ns I got the same error,
k8s-values.yml如下所示
the k8s-values.yml look like following
rbac:
create: false
server:
name: server
service:
nodePort: 30002
type: NodePort
您知道这里可能缺少什么吗?
Any idea what could be missing here ?
推荐答案
由于在使用RBAC时没有授予正确的权限,因此出现此错误.
You are getting this error because you are using RBAC without giving the right permissions.
授予分till权限:
取自 https://github.com/helm/helm /blob/master/docs/rbac.md
Give the tiller permissions:
taken from https://github.com/helm/helm/blob/master/docs/rbac.md
示例:具有群集管理员角色的服务帐户 在rbac-config.yaml中:
Example: Service account with cluster-admin role In rbac-config.yaml:
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system
注意:cluster-admin角色默认是在Kubernetes集群中创建的,因此您不必显式定义它.
$ kubectl create -f rbac-config.yaml
serviceaccount "tiller" created
clusterrolebinding "tiller" created
$ helm init --service-account tiller
为普罗米修斯创建服务帐户:
将rbac.create的值更改为true:
rbac:
create: true
server:
name: server
service:
nodePort: 30002
type: NodePort
这篇关于无法在K8S集群中创建Prometheus的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
