I have tried to run this YAML fine, but I am getting the below issue 1 master 2
nodes has been configured and I ran kubectl get nodes output looks fine
kubectl apply -f https://k8s.io/examples/application/deployment.yaml
then I have downloaded the file locally and tried, but again same error
Error
from server (Forbidden) :
deployments.extensions "nginx-deployment" is forbidden: User "system:node:master" cannot get deployments.extensions in the namespace "default" root@master:~#
Please assist me to resolve the issue
This is a RBAC restriction about which you can read on Kubernetes - Using RBAC Authorization docs.
You want to create your own ServiceAccount
then Role
and then bind them together using RoleBinding
.
ServiceAccount example
apiVersion: v1
kind: ServiceAccount
metadata:
name: some-name
namespace: my-name
Role example
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: some-name
namespace: my-name
rules:
- apiGroups: ["extensions"]
resources: ["deployments"]
verbs: ["get","list","patch","update"]
RoleBinding example
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: some-name
namespace: my-name
subjects:
- kind: ServiceAccount
name: some-name
namespace: my-name
roleRef:
kind: Role
name: some-name
apiGroup: rbac.authorization.k8s.io
There are examples online which you can find.