无法在Kubernetes环境中创建ALBIngressController
我正在Kubernetes环境中创建一个应用程序负载平衡器(AWSALBIngressController-v1.1.6)。在创建时,由于某种原因,我得到了以下错误- E1111 06:02:13.117566 1 controller.go:217]kubebuilder/controller“msg”=“对账器错误”“错误”=“未能对账LB托管安全组:未能对账托管负载平衡器安全组:NoCredentialProviders:链中没有有效的提供程序。已弃用。\n\t有关详细消息,请参阅aws.Config.CredentialsChainVerboseErrors”“控制器”=“alb入口控制器”“请求”={“命名空间”:“sampleNamespace”,“名称”:“alb入口”} 以下是供参考的ALB配置文件- ALB控制器部署文件-无法在Kubernetes环境中创建ALBIngressController,kubernetes,kubectl,aws-application-load-balancer,Kubernetes,Kubectl,Aws Application Load Balancer,我正在Kubernetes环境中创建一个应用程序负载平衡器(AWSALBIngressController-v1.1.6)。在创建时,由于某种原因,我得到了以下错误- E1111 06:02:13.117566 1 controller.go:217]kubebuilder/controller“msg”=“对账器错误”“错误”=“未能对账LB托管安全组:未能对账托管负载平衡器安全组:NoCredentialProviders:链中没有有效的提供程序。已弃用。\n\t有关详细消息,请参阅aws.
---
# Application Load Balancer (ALB) Ingress Controller Deployment Manifest.
# This manifest details sensible defaults for deploying an ALB Ingress Controller.
# GitHub: https://github.com/kubernetes-sigs/aws-alb-ingress-controller
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/name: alb-ingress-controller
name: alb-ingress-controller
# Namespace the ALB Ingress Controller should run in. Does not impact which
# namespaces it's able to resolve ingress resource for. For limiting ingress
# namespace scope, see --watch-namespace.
namespace: kube-system
spec:
selector:
matchLabels:
app.kubernetes.io/name: alb-ingress-controller
template:
metadata:
labels:
app.kubernetes.io/name: alb-ingress-controller
spec:
containers:
- name: alb-ingress-controller
args:
- --ingress-class=alb
- --watch-namespace=sampleNamespace
- --cluster-name=ckuster-xl
- --aws-vpc-id=vpc-3d53e783
- --aws-region=us-east-1
- --default-tags=Name=tag1-xl-ALB,mgr=mgrname
# newer version (v1.1.7) of the alb-ingress-controller image requires iam permission to wafv2
# even when no wafv2 annotation is used
image: docker.io/amazon/aws-alb-ingress-controller:v1.1.6
resources:
requests:
cpu: 100m
memory: 90Mi
limits:
cpu: 200m
memory: 200Mi
serviceAccountName: alb-ingress-controller
RBAC yaml文件-
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: alb-ingress-controller
name: alb-ingress-controller
rules:
- apiGroups:
- ""
- extensions
resources:
- configmaps
- endpoints
- events
- ingresses
- ingresses/status
- services
verbs:
- create
- get
- list
- update
- watch
- patch
- apiGroups:
- ""
- extensions
resources:
- nodes
- pods
- secrets
- services
- namespaces
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: alb-ingress-controller
name: alb-ingress-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: alb-ingress-controller
subjects:
- kind: ServiceAccount
name: alb-ingress-controller
namespace: kube-system
我尝试了一些解决方案,比如在ALB部署文件中添加参数--aws api debug、--aws区域参数,以及在kiam服务器yaml文件中添加--auto discover base arn、--auto discover default role,但没有成功