- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
Hello,
Kindly note that the error below can happen because an important ClusterRoleBinding does not exist:
"eks:addon-manager" cannot patch resource "namespaces" in API group "" in the namespace "kube-system""
Execute the following command and check if you are able to see the 2 ClusterRoleBinding in your EKS Cluster :
kubectl get clusterrolebinding -o wide | grep addon
eks:addon-cluster-admin ClusterRole/cluster-admin 3d21h eks:addon-manager
eks:addon-manager ClusterRole/eks:addon-manager 3d21h eks:addon-manager
If the eks:addon-cluster-admin is missing, you can use the following yaml to create it:
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: eks:addon-cluster-admin
subjects:
- kind: User
name: eks:addon-manager
apiGroup: rbac.authorization.k8s.io
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
---
Therefore, you can apply this yaml file to your EKS Cluster:
kubectl apply -f eks-addon-cluster-admin.yaml
The eks:addon-cluster-admin ClusterRoleBinding binds the cluster-admin ClusterRole to the eks:addon-manager Kubernetes identity. The role has the necessary permissions for the eks:addon-manager identity to create Kubernetes namespaces and install add-ons into namespaces. If the eks:addon-cluster-admin ClusterRoleBinding is removed, the Amazon EKS cluster continues to function, however Amazon EKS is no longer able to manage any add-ons.[1]
[1] - https://docs.aws.amazon.com/eks/latest/userguide/eks-add-ons.html
How you create EKS cluster? Via Console?
no, from CLI, is it different?
Relevanter Inhalt
AWS OFFICIALAktualisiert vor 8 Monaten- AWS OFFICIALAktualisiert vor 3 Jahren
- AWS OFFICIALAktualisiert vor einem Jahr
Exact solution that fixed my cluster, thank you so much
yes, I miss eks:addon-cluster-admin. Thank you