kubernetes EKS无法创建永久卷

ve7v8dk2  于 2023-10-17  发布在  Kubernetes
关注(0)|答案(3)|浏览(115)

我正在部署prometheus,它需要持久卷(我也尝试过其他statefulset),但持久卷没有创建,持久卷clam在kubectl describe -n {namespace} {pvc-name}后显示流错误。

Type: Warning 

Reason: ProvisioningFailed

From: persistentvolume-controller

Message: (combined from similar events): Failed to provision volume with StorageClass "gp2": error querying for all zones: error listing AWS instances: "UnauthorizedOperation: You are not authorized to perform this operation.\n\tstatus code: 403, request id: d502ce90-8af0-4292-b872-ca04900d41dc"
kubectl get sc
NAME            PROVISIONER             AGE
gp2 (default)   kubernetes.io/aws-ebs   7d17h
kubectl describe sc gp2

Name:            gp2
IsDefaultClass:  Yes
Annotations:     kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"storage.k8s.io/v1","kind":"StorageClass","metadata":{"annotations":{"storageclass.kubernetes.io/is-default-class":"true"},"name":"gp2"},"parameters":{"fsType":"ext4","type":"gp2"},"provisioner":"kubernetes.io/aws-ebs","volumeBindingMode":"WaitForFirstConsumer"}
,storageclass.kubernetes.io/is-default-class=true
Provisioner:           kubernetes.io/aws-ebs
Parameters:            fsType=ext4,type=gp2
AllowVolumeExpansion:  <unset>
MountOptions:          <none>
ReclaimPolicy:         Delete
VolumeBindingMode:     WaitForFirstConsumer
Events:                <none>

K8s版本(aws eks):

Client Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.2", GitCommit:"c97fe5036ef3df2967d086711e6c0c405941e14b", GitTreeState:"clean", BuildDate:"2019-10-15T23:41:55Z", GoVersion:"go1.12.10", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"14+", GitVersion:"v1.14.8-eks-b7174d", GitCommit:"b7174db5ee0e30c94a0b9899c20ac980c0850fc8", GitTreeState:"clean", BuildDate:"2019-10-18T17:56:01Z", GoVersion:"go1.12.10", Compiler:"gc", Platform:"linux/amd64"}

舵式

version.BuildInfo{Version:"v3.0.0", GitCommit:"e29ce2a54e96cd02ccfce88bee4f58bb6e2a28b6", GitTreeState:"clean", GoVersion:"go1.13.4"}
uxh89sit

uxh89sit1#

我通过将AmazonEKSClusterPolicyAmazonEKSServicePolicy添加到eks集群角色解决了这个问题。

vnzz0bqm

vnzz0bqm2#

检查您的IAM策略,并确保您使用正确的访问密钥。还要检查IAM角色是否有权调配动态存储

uxhixvfz

uxhixvfz3#

截至2023年,有一个关于如何安装驱动程序作为附加组件的指南
https://docs.aws.amazon.com/eks/latest/userguide/managing-ebs-csi.html
我必须在EKS动态调配存储之前完成此操作。

相关问题