Kubernetes 清单文件不会从 YML 转换为 JSON

Kubernetes Manifest file won't convert from YML to JSON

我已经创建了一个 Kubernetes 清单文件来创建服务帐户和角色。它是这样的:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: test-service-account
  namespace: test
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: read-only-api
rules:
  - apiGroups:
      - ""
    resources: ["*"]
    verbs:
      - get
      - list
      - watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: read-only-api
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: read-only-api
subjects:
  - kind: ServiceAccount
  name: test-service-account
  namespace: test

但是,当我尝试执行和应用清单时,出现此错误。我不确定我是否遇到缩进问题或其他问题。

error parsing service-account.yml: error converting YAML to JSON: yaml: line 10: did not find expected '-' indicator

非常感谢所有帮助。我试过来回缩进它,将“-”指示符添加到它抱怨的特定行 - 但随后我收到一条新的错误消息:

错误验证 "service-account.yml":错误验证数据:ValidationError(ClusterRole.metadata):io 类型无效。k8s.apimachinery.pkg.apis.meta。v1.ObjectMeta:得到 "array",预计 "map";如果您选择忽略这些错误,请使用 --validate=false

关闭验证

谢谢!

服务帐户 yaml 没问题

正确的 clusterrole 和 clusterrolebinding yaml 如下

apiVersion: v1
kind: ServiceAccount
metadata:
  name: test-service-account
  namespace: test
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: read-only-api
rules:
- apiGroups:
  - ""
  resources:
  - "*"
  verbs:
  - get
  - list
  - watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: read-only-api
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: read-only-api
subjects:
- kind: ServiceAccount
  name: test-service-account
  namespace: test
master $ kubectl create ns test
namespace/test created

serviceaccount/test-service-account created
clusterrole.rbac.authorization.k8s.io/read-only-api created
clusterrolebinding.rbac.authorization.k8s.io/read-only-api created