我在gce中有一个mongo数据库.(配置见下文)
当我将它部署到1.7.12-gke.1时 一切正常.这意味着边车解析了吊舱和链接
现在,当我将相同的配置部署到1.8.7-gke.1时,缺少列表pod的权限,请参见下文.
我不明白发生了什么变化.我假设我需要为用户帐户分配特定权限是吗?
我错过了什么?
错误日志
message: 'pods is forbidden: User "system:serviceaccount:default:default" cannot list pods at the cluster scope: Unknown user "system:serviceaccount:default:default"',
mongo-sidecar | Feb 28, 2018, 11:04:19 AM | status: 'Failure',
mongo-sidecar | Feb 28, 2018, 11:04:19 AM | metadata: {},
mongo-sidecar | Feb 28, 2018, 11:04:19 AM | apiVersion: 'v1',
mongo-sidecar | Feb 28, 2018, 11:04:19 AM | { kind: 'Status',
mongo-sidecar | Feb 28, 2018, 11:04:19 AM | message:
mongo-sidecar | Feb 28, …kubernetes google-kubernetes-engine kubernetes-security kubernetes-mongodb-sidecar
kubernetes ×1