现象:level=error ts=2022-06-15T02:35:42.621Z caller=klog.go:96 component=k8s_client_runtime func=ErrorDepth msg="pkg/mod/k8s.io/client-go@v0.20.5/tools/cache/reflector.go:167: Failed to watch *v1.Pod: failed to list *v1.Pod: pods is forbidden: User \"system:serviceaccount:monitoring:prometheus-k8s\" cannot list resource \"pods\" in API group \"\" in the namespace \"ingress-apisix\""
分析: 是由于集群权限问题导致,绑定集群角色(创建clusterrole,clusterrolebinding 不区分名称空间)
解决方法:
kubectl create clusterrolebinding system:serviceaccount:monitoring:prometheus-k8s --clusterrole=cluster-admin --user=system:serviceaccount:monitoring:prometheus-k8s