问题描述
在kubernetes升级之后,我们面临着无法对kubernetes做任何事情的问题。
起初我们得到You must be logged in to the server (Unauthorized),但是我找到了解决方法
kubeadm alpha kubeconfig user --org system:nodes --client-name system:node:$(hostname) > /etc/kubernetes/kubelet.conf
cp /etc/kubernetes/kubelet.conf ~/.kube/config
cp /etc/kubernetes/kubelet.conf /etc/kubernetes/bootstrap-kubelet.conf
systemctl restart kubelet
所以现在我们可以列出节点,所有吊舱,但不能创建名称空间,clusterroles,检查apiserver等。
[root@foo.example ~]# kubectl get roles,rolebindings,clusterroles
Error from server (Forbidden): roles.rbac.authorization.k8s.io is forbidden: User "system:node:foo.example" cannot list resource "roles" in API group "rbac.authorization.k8s.io" in the namespace "default"
Error from server (Forbidden): rolebindings.rbac.authorization.k8s.io is forbidden: User "system:node:foo.example" cannot list resource "rolebindings" in API group "rbac.authorization.k8s.io" in the namespace "default"
Error from server (Forbidden): clusterroles.rbac.authorization.k8s.io is forbidden: User "system:node:foo.example" cannot list resource "clusterroles" in API group "rbac.authorization.k8s.io" at the cluster scope
试图续订证书,但仍然出现相同的错误。我无法重新安装kubernetes集群,因为它正在生产中。我们在kubernetes上运行
Kubernetes版本:v1.17.9
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)