Error in Kubernetes when not use helm-chart or operator
Tob1as opened this issue ยท 2 comments
Hello,
i only want deploy VerneMQ in kubernetes with simple deployment without helm-chart or operator (with serviceaccount and something).
But i get an error on startup:
Permission error: Cannot access URL apis/apps/v1/namespaces/MY-NAMESPACE/statefulsets/null: "Forbidden"
403
"statefulsets.apps \"null\" is forbidden: User \"system:serviceaccount:MY-NAMESPACE:MY-NAMESPACE\" cannot get resource \"statefulsets\" in API group \"apps\" in the namespace \"MY-NAMESPACE\""
I think the "problem" begin with this line:
if [ -d "${SECRETS_KUBERNETES_DIR}" ] ; then # SECRETS_KUBERNETES_DIR="/var/run/secrets/kubernetes.io/serviceaccount"in File: https://github.com/vernemq/docker-vernemq/blob/1.13.0/bin/vernemq.sh#L264-L287
With a workarround in my deployment it start:
args: ["/bin/sh", "-c", "cp /usr/sbin/start_vernemq /vernemq/start_vernemq ; sed -i 's|/var/run/secrets/kubernetes.io/serviceaccount|/var/run/secrets/kubernetes.io/serviceaccount_not-need|g' /vernemq/start_vernemq ; /vernemq/start_vernemq"]But i think, this is not a good solution.
Is there a possibility to solve this better?
@Tob1as thanks, hm, we check whether we are on Kubernetes there.
Would you say what you are trying to do is to be considered a stardard setup and should be possible/supported?
๐ Thank you for supporting VerneMQ: https://github.com/sponsors/vernemq
๐ Using the binary VerneMQ packages commercially (.deb/.rpm/Docker) requires a paid subscription.
I think it is only interesting for private and/or small clusters (with limited resources) or for tests with MQTT.
For larger clusters user should already use helm or operator for scaling.
I just wanted to ask. ๐ For me my solution seems to work, I could not find any disadvantage yet.