spring cloud kubernetes之serviceaccount permisson报错

spring boot项目引用spring-cloud-starter-kubernetes

        <dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-kubernetes</artifactId>
<version>1.0.0.RELEASE</version>
</dependency>

在访问this.discoveryClient.getServices()时,报错:Are you missing serviceaccount permission? 如下图:

spring cloud kubernetes之serviceaccount permisson报错

查看报错详细信息:Forbidden! configured service account doesn't have access. Service account may have been revoked pod *** is forbidden: User ""  cannt get pods in the namespace "default"

意思就是说这个kubernetes 的这个serviceaccount没有权限,怎么给serviceaccount赋权限呢?
这个叫涉及到了kubernetes这个clusterrolebing了,通过clusterrolebing 把serviceaccount和cluseterRole绑定,clusterRole里面和和具体来定义权限,不过这个工作应该交交运维来做,不属于开发的范围,

我们只需要在deployment的yaml中指定serviceaccount即可,如没有指定serviceaccount则是default:default,指的是default空间下的default这个serviceaccount.

注意serviceaccount与container同级。

参考:https://*.com/questions/47973570/kubernetes-log-user-systemserviceaccountdefaultdefault-cannot-get-services

上一篇:iOS- <项目笔记>iOS6 & iOS7屏幕图片适配


下一篇:【spring cloud】spring cloud打包最外层项目报错:'packaging' with value 'jar' is invalid. Aggregator projects require 'pom' as packaging. @ line 9, column 13