# kubectl logs --tail=100 -f jerry-proxy-****
Error from server (InternalError): Internal error occurred: Authorization error (user=kube-apiserver, verb=get, resource=nodes, subresource=proxy)
上面的错误突然出现。
升级过程中添加了集群角色system:kubelet-api-admin,因此需要为kubelet-api用户添加集群角色绑定,以便通过kubectl日志访问日志。
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kubelet-api-admin
subjects:
- kind: User
name: kubelet-api
apiGroup: rbac.authorization.k8s.io
roleRef:
kind: ClusterRole
name: system:kubelet-api-admin
apiGroup: rbac.authorization.k8s.io
更多信息请参考此链接