Fatal编程技术网
  • kubernetes/
  • 无法在Kubernetes环境中创建ALBIngressController

无法在Kubernetes环境中创建ALBIngressController

kubernetes

无法在Kubernetes环境中创建ALBIngressController,kubernetes,kubectl,aws-application-load-balancer,Kubernetes,Kubectl,Aws Application Load Balancer,我正在Kubernetes环境中创建一个应用程序负载平衡器(AWSALBIngressController-v1.1.6)。在创建时,由于某种原因,我得到了以下错误- E1111 06:02:13.117566 1 controller.go:217]kubebuilder/controller“msg”=“对账器错误”“错误”=“未能对账LB托管安全组:未能对账托管负载平衡器安全组:NoCredentialProviders:链中没有有效的提供程序。已弃用。\n\t有关详细消息,请参阅aws.

我正在Kubernetes环境中创建一个应用程序负载平衡器(AWSALBIngressController-v1.1.6)。在创建时,由于某种原因,我得到了以下错误-

E1111 06:02:13.117566 1 controller.go:217]kubebuilder/controller“msg”=“对账器错误”“错误”=“未能对账LB托管安全组:未能对账托管负载平衡器安全组:NoCredentialProviders:链中没有有效的提供程序。已弃用。\n\t有关详细消息,请参阅aws.Config.CredentialsChainVerboseErrors”“控制器”=“alb入口控制器”“请求”={“命名空间”:“sampleNamespace”,“名称”:“alb入口”}

以下是供参考的ALB配置文件-

ALB控制器部署文件-

---
# Application Load Balancer (ALB) Ingress Controller Deployment Manifest.
# This manifest details sensible defaults for deploying an ALB Ingress Controller.
# GitHub: https://github.com/kubernetes-sigs/aws-alb-ingress-controller
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/name: alb-ingress-controller
  name: alb-ingress-controller
  # Namespace the ALB Ingress Controller should run in. Does not impact which
  # namespaces it's able to resolve ingress resource for. For limiting ingress
  # namespace scope, see --watch-namespace.
  namespace: kube-system
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: alb-ingress-controller
  template:
    metadata:
      labels:
        app.kubernetes.io/name: alb-ingress-controller
    spec:
      containers:
        - name: alb-ingress-controller
          args:
            - --ingress-class=alb
            - --watch-namespace=sampleNamespace
            - --cluster-name=ckuster-xl
            - --aws-vpc-id=vpc-3d53e783
            - --aws-region=us-east-1
            - --default-tags=Name=tag1-xl-ALB,mgr=mgrname
          # newer version (v1.1.7) of the alb-ingress-controller image requires iam permission to wafv2
          # even when no wafv2 annotation is used
          image: docker.io/amazon/aws-alb-ingress-controller:v1.1.6
          resources:
            requests:

              cpu: 100m
              memory: 90Mi
            limits:
              cpu: 200m
              memory: 200Mi
      serviceAccountName: alb-ingress-controller
RBAC yaml文件-

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/name: alb-ingress-controller
  name: alb-ingress-controller
rules:
  - apiGroups:
      - ""
      - extensions
    resources:
      - configmaps
      - endpoints
      - events
      - ingresses
      - ingresses/status
      - services
    verbs:
      - create
      - get
      - list
      - update
      - watch
      - patch
  - apiGroups:
      - ""
      - extensions
    resources:
      - nodes
      - pods
      - secrets
      - services
      - namespaces
    verbs:
      - get
      - list
      - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    app.kubernetes.io/name: alb-ingress-controller
  name: alb-ingress-controller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: alb-ingress-controller
subjects:
  - kind: ServiceAccount
    name: alb-ingress-controller
    namespace: kube-system
我尝试了一些解决方案,比如在ALB部署文件中添加参数--aws api debug、--aws区域参数,以及在kiam服务器yaml文件中添加--auto discover base arn、--auto discover default role,但没有成功