deploying a cluster fails
Keithsc opened this issue · 5 comments
I am unable to deploy a vitess cluster on my bare metal k8s 14.1 cluster.
kubectl apply -R -f deploy
kubectl apply -f my-vitess.yaml
kubectl get pods -w
NAME READY STATUS RESTARTS AGE
vitess-operator-594f878667-gzs5w 1/1 Running 0 16m
vt-zone1-unsharded-dbname-0-replica-0 0/6 Init:CrashLoopBackOff 7 15m
vt-zone1-unsharded-dbname-0-replica-1 0/6 Init:CrashLoopBackOff 7 15m
vt-zone1-vtctld-5c8cb6f797-sh4vz 0/1 CrashLoopBackOff 7 15m
vt-zone1-vtgate-958f4b894-8lgbb 0/1 CrashLoopBackOff 7 15m
vt-zone1-vtgate-958f4b894-wjkh4 0/1 CrashLoopBackOff 7 15m
wordpress-operator-664b87b9c9-9j8r6 1/1 Running 0 43m
kubectl log vitess-operator-594f878667-gzs5w 100's of lines containing the following...
E0429 09:40:53.006233 1 reflector.go:134] sigs.k8s.io/controller-runtime/pkg/cache/internal/informers_map.go:196: Failed to list *v1.Job: jobs.batch is forbidden: User "system:serviceaccount:default:vitess-operator" cannot list resource "jobs" in API group "batch" in the namespace "default"
kubectl get jobs
No resources found.
kubectl get vitessclusters -o 'custom-columns=NAME:.metadata.name,READY:.status.phase'
NAME READY
vt
This is my first time trying to deploy Vitess so I am unsure what to try next.
That sounds like an RBAC problem. There's nothing here or in the helm charts yet around RBAC.
Your are right. The current applied role for the operator does not give it access to jobs. @derekperkins can you review PR #14?
@Keithsc you can manually edit the role and add the permissions if you don't want to wait for the PR to be merged:
kubectl edit role vitess-operator
Add to following entry to the rules list:
- apiGroups:
- batch
resources:
- jobs
verbs:
- '*'
Merged