boz/kail

Namespaced deployment

Closed this issue · 2 comments

Hi.

i just trying to use this tool inside a k8spin.cloud namespace to collect all logs in my namespace.

I mean, i have a scenario where i have (almost full) permissions in my namespace but i have not cluster permissions.

As i understand if i pass --current-ns flag and/or -n flag to kail it will query for logs in my namespace.

But i see the following logs:

time="2019-10-07T13:55:25Z" level=error msg="client list: pods is forbidden: User \"system:serviceaccount:angelbarrerasanchez-gmail-com-registry:angelbarrerasanchez-gmail-com-registry\" cannot list resource \"pods\" in API group \"\" at the cluster scope" cmp=lister
time="2019-10-07T13:55:25Z" level=error msg="lister error: client list: pods is forbidden: User \"system:serviceaccount:angelbarrerasanchez-gmail-com-registry:angelbarrerasanchez-gmail-com-registry\" cannot list resource \"pods\" in API group \"\" at the cluster scope" cmp=controller

This makes me think that kail does not support namespaced deployment. Am i right?

This is the pod.yaml i am using:

apiVersion: v1
kind: Pod
metadata:
  labels:
    kail.ignore: "true"
  name: kail
  namespace: angelbarrerasanchez-gmail-com-registry
spec:
  serviceAccountName: angelbarrerasanchez-gmail-com-registry
  containers:
  - args:
    - --current-ns
    - -n
    - angelbarrerasanchez-gmail-com-registry
    - --log-level
    - debug
    image: abozanich/kail
    imagePullPolicy: Always
    name: kail
    resources:
      limits:
        cpu: 20m
        memory: 64Mi
      requests:
        cpu: 20m
        memory: 64Mi

Let me know if i can try anything different

Seems to be related to: #12

Fixed with #42