真题环境模拟2

创建 namespace

kubectl create ns monitoring

创建 ServiceAccount

kubectl create sa test-sa-3 -n monitoring

创建 Role

# vim role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: monitoring
  name: web-role
rules:
- apiGroups: ["apps"] # "" 标明 core API 组
  resources: ["deployments"]
  verbs: ["create"]
  
kubectl create -f role.yaml

创建 RoleBinding

kubectl create rolebinding web-role-binding \
  --role=web-role \
  --serviceaccount=monitoring:test-sa-3 \
  -n monitoring

创建 Deployment 所需 yaml

kubectl create deploy nginx --image=nginx --dry-run=client -n monitoring -o yaml > nginx-deploy.yaml

编辑 nginx-deploy.yaml

# vim nginx-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: nginx
  name: nginx
  namespace: monitoring
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx
    spec:
      serviceAccountName: test-sa-3  # 添加此项
      containers:
      - image: nginx
        name: nginx
        resources: {}
status: {}

创建 Deployment

kubectl create -f nginx-deploy.yaml

Previous真题解析2 Next真题解析

Last updated 1 year ago