一次k8s部署reids集群服务动态申请PV的错误记录

admin
2021-05-12 / 0 评论 / 123 阅读 / 正在检测是否收录...

通过Operator部署redis集群

通过使用动态申请PV,发现PVC状态为Pending,PV没有申请成功。

查看nfs-client-provisioner日志,发现rbac没有访问集群的权限

E0511 09:34:45.573101       1 reflector.go:205] github.com/kubernetes-incubator/external-storage/lib/controller/controller.go:668: Failed to list *v1.StorageClass: storageclasses.storage.k8s.io is forbidden: User "system:serviceaccount:default:nfs-client-provisioner" cannot list resource "storageclasses" in API group "storage.k8s.io" at the cluster scope

重新apply下nfs-rbac配置清单,发现在某个地方少了个ns的字段导致

[11:15:11root@k8s-master1 ~/redis/redis-cluster-operator]#kubectl apply -f deploy/cluster/nfs-rbac.yaml 
serviceaccount/nfs-client-provisioner unchanged
clusterrole.rbac.authorization.k8s.io/nfs-client-provisioner-runner unchanged
role.rbac.authorization.k8s.io/leader-locking-nfs-client-provisioner unchanged
rolebinding.rbac.authorization.k8s.io/leader-locking-nfs-client-provisioner unchanged
The ClusterRoleBinding "run-nfs-client-provisioner" is invalid: subjects[0].namespace: Required value

进行添加后,重新apply,再次观察集群,发现恢复正常

83920-za9toq2u5d.png

查看nfs存储服务器里的目录文件

22090-vzmxci0esdm.png

1

评论 (0)

取消