真题环境模拟

创建 namespace

kubectl create ns monitoring

创建 ServiceAccount

kubectl create sa service-account-web -n monitoring

创建 Role

# vim role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: monitoring
  name: web-role
rules:
- apiGroups: [""] # "" 标明 core API 组
  resources: ["pods"]
  verbs: ["get", "watch", "list"]
  
kubectl create -f role.yaml

创建 RoleBinding

kubectl create rolebinding pod-get-binding \
  --role=web-role \
  --serviceaccount=monitoring:service-account-web \
  -n monitoring

创建 Pod 所需 yaml

kubectl run dev-pod --image=nginx --dry-run=client -n monitoring -o yaml > dev-pod.yaml

编辑 dev-pod.yaml

# vim dev-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: dev-pod
  name: dev-pod
  namespace: monitoring
spec:
  serviceAccountName:service-account-web  # 添加此项配置
  containers:
  - image: nginx
    name: dev-pod
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}

创建 Pod

kubectl create -f dev-pod.yaml

Previous真题解析 Next真题解析2

Last updated 1 year ago

hashtag创建 namespace

hashtag创建 ServiceAccount

hashtag创建 Role

hashtag创建 RoleBinding

hashtag创建 Pod 所需 yaml

hashtag编辑 dev-pod.yaml

hashtag创建 Pod

创建 namespace

创建 ServiceAccount

创建 Role

创建 RoleBinding

创建 Pod 所需 yaml

编辑 dev-pod.yaml

创建 Pod