Misconfigured cloud-controller-manager.yml (HA deployment that uses daemonset)

Question

Misconfigured cloud-controller-manager.yml (HA deployment that uses daemonset)

jekakm opened this issue 3 years ago · 1 comments

After deploying got errors:

E1119 10:01:56.059612       1 leaderelection.go:325] error retrieving resource lock kube-system/cloud-controller-manager: leases.coordination.k8s.io "cloud-controller-manager" is forbidden: User "system:serviceaccount:kube-system:cloud-controller-manager" cannot get resource "leases" in API group "coordination.k8s.io" in the namespace "kube-system"

So need to add more permissions to make it works:

- apiGroups:
  - "coordination.k8s.io"
  resources:
  - leases
  verbs:
  - create
  - get
  - list
  - watch
  - update

Answer 1 · 2022-02-12T15:20:32.000Z

I also saw this issue, will propose a PR