我的工作负载需要在一天中的某些时间扩大/缩小一些部署。由于负载是可预测的,我不想花太多时间来设置 HPA,因为这完全是多余的。
我正在使用此服务帐户和角色来为 cronjob 分配正确的权限,但出乎意料的是,我在流程的扩展部分而不是权限上遇到了错误。
这是 ServiceAccount/Role/Binding yamls
apiVersion: v1
kind: ServiceAccount
metadata:
name: scaling-service-account
namespace: myspace
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: scaling-cluster-role
namespace: myspace
rules:
- apiGroups: ["apps"]
resources: ["deployments/scale"]
verbs: ["patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: scaling-cluster-role-binding
subjects:
- kind: ServiceAccount
name: scaling-service-account
namespace: myspace
roleRef:
kind: ClusterRole
name: scaling-cluster-role
apiGroup: rbac.authorization.k8s.io
这是我的定时任务:
apiVersion: batch/v1
kind: CronJob
metadata:
name: scale-up-job
namespace: myspace
spec:
schedule: "40 15 * * 1-5"
concurrencyPolicy: Forbid
failedJobsHistoryLimit: 1
successfulJobsHistoryLimit: 1
jobTemplate:
spec:
backoffLimit: 0
template:
spec:
containers:
- name: kubectl
image: bitnami/kubectl:latest
imagePullPolicy: IfNotPresent
args:
- scale
- deployment
- mydeployment
- --namespace=myspace
- --replicas=3
serviceAccountName: scaling-service-account
restartPolicy: Never
但是启动后,像图像这样的 pod 点的输出没有传递正确的参数或与权限部分完全分离的东西:
error: no objects passed to scale
有什么想法吗? :(
好的,我有。 如果有人有同样的问题,配置是:
rules:
- apiGroups: ["apps"]
resources: ["deployments", "deployments/scale"]
verbs: ["get", "update", "patch"]
我也有同样的问题。您能详细说明一下您的答案吗? 像这样将
deployment
作为上面的资源 deployment/scale
并不能解决问题:
rules:
- apiGroups: ["apps"]
resources: ["deployment"]
resources: ["deployments/scale"]
verbs: ["get", "update", "patch"]
我仍然明白
error: no objects passed to scale