1.15.2. 解决这个问题:未选择本地集群的故障排除

要解决这个问题,您需要在 local-cluster 命名空间中授予可部署的管理权限。完成以下步骤:

  1. 确认受管集群列表包含 local-cluster,且放置规则的 decisions 列表不显示本地集群。运行以下命令并查看结果:

    % oc get managedclusters
    NAME            HUB ACCEPTED   MANAGED CLUSTER URLS   JOINED   AVAILABLE   AGE
    local-cluster   true                                  True     True        56d
    cluster1        true                                  True     True        16h
    apiVersion: apps.open-cluster-management.io/v1
    kind: PlacementRule
    metadata:
      name: all-ready-clusters
      namespace: default
    spec:
      clusterSelector: {}
    status:
      decisions:
      - clusterName: cluster1
        clusterNamespace: cluster1
  2. .yaml 文件中创建一个 Role,以便在 local-cluster 命名空间中授予可部署资源的管理权限。请参见以下示例:

    apiVersion: rbac.authorization.k8s.io/v1
    kind: Role
    metadata:
      name: deployables-admin-user-zisis
      namespace: local-cluster
    rules:
    - apiGroups:
      - apps.open-cluster-management.io
      resources:
      - deployables
      verbs:
      - '*'
  3. 创建 RoleBinding 资源,向放置规则用户授予 local-cluster 命名空间的访问权限。请参见以下示例:

    apiVersion: rbac.authorization.k8s.io/v1
    kind: RoleBinding
    metadata:
      name: deployables-admin-user-zisis
      namespace: local-cluster
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: Role
      name: deployables-admin-user-zisis
      namespace: local-cluster
    subjects:
    - kind: User
      name: zisis
      apiGroup: rbac.authorization.k8s.io