kops incapazes de implementar o elb para o controlador de entrada

Question

kops incapazes de implementar o elb para o controlador de entrada

#1 resposta do (1 votos)

1

Não consigo implantar o ingresso nginx no kops 1.9 em aws com este

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/mandatory.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/provider/aws/service-l4.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/provider/aws/patch-configmap-l4.yaml

# kubectl describe svc  ingress-nginx -n ingress-nginx



Warning  CreatingLoadBalancerFailed  2s                service-controller  Error creating load balancer (will retry): failed to ensure load balancer for service ingress-nginx/ingress-nginx: AccessDenied: User: arn:aws:sts::605051368824:assumed-role/masters.play.domain.org/i-0372932f001403e37 is not authorized to perform: iam:CreateServiceLinkedRole on resource: arn:aws:iam::605051368824:role/aws-service-role/elasticloadbalancing.amazonaws.com/AWSServiceRoleForElasticLoadBalancing
           status code: 403, request id: b41a558a-9668-11e8-9265-3b1bdc7d9e74

aws kubernetes aws-elb

por Mohd 02.08.2018 / 17:33

1 resposta

Tags aws kubernetes aws-elb

SystemCallFilter aparentemente não foi levado em consideração Como dar a um tty um modo diferente de 640 e tê-lo persistindo durante a reinicialização

score 1 · Answer 1

Adicione isto à sua configuração de cluster:

spec:
  additionalPolicies:
    master: |
      [
        {
          "Effect": "Allow",
          "Action": "iam:CreateServiceLinkedRole",
          "Resource": "arn:aws:iam::*:role/aws-service-role/*"
         },
         {
           "Effect": "Allow",
           "Action": [
             "ec2:DescribeAccountAttributes",
             "ec2:DescribeInternetGateways"
            ],
           "Resource": "*"
         }
      ]