vitessio/vitess-operator

deploying a cluster fails

Keithsc opened this issue · 5 comments

I am unable to deploy a vitess cluster on my bare metal k8s 14.1 cluster.

kubectl apply -R -f deploy
kubectl apply -f my-vitess.yaml

kubectl get pods -w
NAME READY STATUS RESTARTS AGE
vitess-operator-594f878667-gzs5w 1/1 Running 0 16m
vt-zone1-unsharded-dbname-0-replica-0 0/6 Init:CrashLoopBackOff 7 15m
vt-zone1-unsharded-dbname-0-replica-1 0/6 Init:CrashLoopBackOff 7 15m
vt-zone1-vtctld-5c8cb6f797-sh4vz 0/1 CrashLoopBackOff 7 15m
vt-zone1-vtgate-958f4b894-8lgbb 0/1 CrashLoopBackOff 7 15m
vt-zone1-vtgate-958f4b894-wjkh4 0/1 CrashLoopBackOff 7 15m
wordpress-operator-664b87b9c9-9j8r6 1/1 Running 0 43m

kubectl log vitess-operator-594f878667-gzs5w 100's of lines containing the following...
E0429 09:40:53.006233 1 reflector.go:134] sigs.k8s.io/controller-runtime/pkg/cache/internal/informers_map.go:196: Failed to list *v1.Job: jobs.batch is forbidden: User "system:serviceaccount:default:vitess-operator" cannot list resource "jobs" in API group "batch" in the namespace "default"

kubectl get jobs
No resources found.

kubectl get vitessclusters -o 'custom-columns=NAME:.metadata.name,READY:.status.phase'
NAME READY
vt

This is my first time trying to deploy Vitess so I am unsure what to try next.

That sounds like an RBAC problem. There's nothing here or in the helm charts yet around RBAC.

Your are right. The current applied role for the operator does not give it access to jobs. @derekperkins can you review PR #14?

@Keithsc you can manually edit the role and add the permissions if you don't want to wait for the PR to be merged:

kubectl  edit role vitess-operator

Add to following entry to the rules list:

- apiGroups:
  - batch
  resources:
  - jobs
  verbs:
  - '*'

Merged

@Keithsc can pull the latest code and run kubectl apply -R -f deploy? You may also need to delete and recreate the cluster resource.