Failed to get NodeFeature object
Opened this issue · 0 comments
What happened:
I installed the operator as documented in https://kubernetes-sigs.github.io/node-feature-discovery/master/deployment/operator.html#deployment
nfd-worker pods crashloop with the error:
E0722 15:19:28.024292 1 main.go:93] "error while running" err="failed to advertise features (via CRD API): failed to get NodeFeature object: nodefeatures.nfd.k8s-sigs.io \"ip-172-16-212-61.eu-west-1.compute.internal\" is forbidd │
│ en: User \"system:serviceaccount:nfd:nfd-worker\" cannot get resource \"nodefeatures\" in API group \"nfd.k8s-sigs.io\" in the namespace \"nfd\""
no errors in the nfd-controller-manager pod.
I've had to separately create a role/rolebinding to fix it. I was expecting this to be managed by the operator somehow. Maybe that's by design?
What you expected to happen:
nfd-worker not crashing or needing a separate role/rolebinding
How to reproduce it (as minimally and precisely as possible):
Install the operator as documented in https://kubernetes-sigs.github.io/node-feature-discovery/master/deployment/operator.html#deployment on EKS
Anything else we need to know?:
Environment:
- Kubernetes version (use
kubectl version): v1.28.9-eks-036c24b - Cloud provider or hardware configuration: EKS
- OS (e.g:
cat /etc/os-release): Amazon Linux 2 - Kernel (e.g.
uname -a): - Install tools:
- Network plugin and version (if this is a network-related bug):
- Others: