automation-suite
2023.10
false
UiPath logo, featuring letters U and I in white
EKS/AKS 上的 Automation Suite 安装指南
Last updated 2024年11月21日

配置 Automation Suite Robot 失败

描述

将 Azure 文件与 NFS 协议一起使用时,故障主要发生在已启用 FIPS 的节点上。

在 AKS 上安装 Automation Suite 期间,为 Automation Suite Robot asrobots-pvc-package-cache 创建 PVC 失败。

潜在问题

发生这种情况是因为 AKS 集群无法连接到 Azure 文件。

例如,可能会显示以下错误消息:

failed to provision volume with StorageClass "azurefile-csi-nfs": rpc error: code = Internal desc = update service endpoints failed with error: failed to get the subnet ci-asaks4421698 under vnet ci-asaks4421698: &{false 403 0001-01-01 00:00:00 +0000 UTC {"error":{"code":"AuthorizationFailed","message":"The client '4c200854-2a79-4893-9432-3111795beea0' with object id '4c200854-2a79-4893-9432-3111795beea0' does not have authorization to perform action 'Microsoft.Network/virtualNetworks/subnets/read' over scope '/subscriptions/64fdac10-935b-40e6-bf28-f7dc093f7f76/resourceGroups/ci-asaks4421698/providers/Microsoft.Network/virtualNetworks/ci-asaks4421698/subnets/ci-asaks4421698' or the scope is invalid. If access was recently granted, please refresh your credentials."}}}failed to provision volume with StorageClass "azurefile-csi-nfs": rpc error: code = Internal desc = update service endpoints failed with error: failed to get the subnet ci-asaks4421698 under vnet ci-asaks4421698: &{false 403 0001-01-01 00:00:00 +0000 UTC {"error":{"code":"AuthorizationFailed","message":"The client '4c200854-2a79-4893-9432-3111795beea0' with object id '4c200854-2a79-4893-9432-3111795beea0' does not have authorization to perform action 'Microsoft.Network/virtualNetworks/subnets/read' over scope '/subscriptions/64fdac10-935b-40e6-bf28-f7dc093f7f76/resourceGroups/ci-asaks4421698/providers/Microsoft.Network/virtualNetworks/ci-asaks4421698/subnets/ci-asaks4421698' or the scope is invalid. If access was recently granted, please refresh your credentials."}}}

解决方案

要解决此问题,您需要向 Automation Suite 授予对 Azure 资源的访问权限

  1. 在 Azure 中,导航到 AKS 资源组,然后打开所需的虚拟网络页面。例如,在本例中,虚拟网络为 ci-asaks4421698
  2. 从“子网”列表中,选择所需的子网。例如,在本例中,子网为 ci-asaks4421698
  3. 在子网列表顶部,单击“管理用户”。“访问控制”页面将打开。
  4. 单击“添加角色分配”
  5. 搜索“网络参与者”角色。
  6. 选择“托管身份”
  7. 切换到“成员”选项卡。
  8. 选择“托管身份”,然后选择“Kubernetes 服务”
  9. 选择 AKS 集群的名称。
  10. 单击“审核并分配”
  • 描述
  • 潜在问题
  • 解决方案

此页面有帮助吗?

获取您需要的帮助
了解 RPA - 自动化课程
UiPath Community 论坛
Uipath Logo White
信任与安全
© 2005-2024 UiPath。保留所有权利。