1.19.2. 解决问题: 未选择作为受管集群的故障排除本地集群

要解决这个问题,您需要在 local-cluster 命名空间中授予 managedcluster 管理权限。完成以下步骤:

  1. 确认受管集群列表包含 local-cluster,并且放置规则的 decisions 列表不显示 local-cluster。运行以下命令并查看结果:

    % oc get managedclusters

    请参阅 local-cluster 被加入的示例输出,但它不在 PlacementRule 的 YAML 中:

    NAME            HUB ACCEPTED   MANAGED CLUSTER URLS   JOINED   AVAILABLE   AGE
    local-cluster   true                                  True     True        56d
    cluster1        true                                  True     True        16h
    apiVersion: apps.open-cluster-management.io/v1
    kind: PlacementRule
    metadata:
      name: all-ready-clusters
      namespace: default
    spec:
      clusterSelector: {}
    status:
      decisions:
      - clusterName: cluster1
        clusterNamespace: cluster1
  2. 在 YAML 文件中创建一个 Role,以便在 local-cluster 命名空间中授予 managedcluster 管理权限。请参见以下示例:

    apiVersion: rbac.authorization.k8s.io/v1
    kind: Role
    metadata:
      name: managedcluster-admin-user-zisis
      namespace: local-cluster
    rules:
    - apiGroups:
      - cluster.open-cluster-management.io
      resources:
      - managedclusters
      verbs:
      - get
  3. 创建 RoleBinding 资源,向放置规则用户授予 local-cluster 命名空间的访问权限。请参见以下示例:

    apiVersion: rbac.authorization.k8s.io/v1
    kind: RoleBinding
    metadata:
      name: managedcluster-admin-user-zisis
      namespace: local-cluster
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: Role
      name: managedcluster-admin-user-zisis
      namespace: local-cluster
    subjects:
    - kind: User
      name: zisis
      apiGroup: rbac.authorization.k8s.io