You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[datadog-operator] User "system:serviceaccount:system-datadog:datadog-cluster-agent" cannot list resource "datadogmetrics" in API group "datadoghq.com" at the cluster scope
#1561
Closed
adlord opened this issue
Oct 16, 2024
· 2 comments
Describe what happened:
We observed these logs in datadog-cluster-agent pod
2024-10-16 07:59:59 UTC | CLUSTER | WARN | ([email protected]/tools/cache/reflector.go:535 in list) | pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:229: failed to list datadoghq.com/v1alpha1, Resource=datadogmetrics: datadogmetrics.datadoghq.com is forbidden: User "system:serviceaccount:system-datadog:datadog-cluster-agent" cannot list resource "datadogmetrics" in API group "datadoghq.com" at the cluster scope │
2024-10-16 07:59:59 UTC | CLUSTER | ERROR | ([email protected]/pkg/util/runtime/runtime.go:115 in logError) | pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:229: Failed to watch datadoghq.com/v1alpha1, Resource=datadogmetrics: failed to list datadoghq.com/v1alpha1, Resource=datadogmetrics: datadogmetrics.datadoghq.com is forbidden: User "system:serviceaccount:system-datadog:datadog-cluster-agent" cannot list resource "datadogmetrics" in API group "datadoghq.com" at the cluster scope
indeed, datadog-cluster-agent clusterRole (binded with the system:serviceaccount:system-datadog:datadog-cluster-agent) do not deals with datadogmetrics
Describe what happened:
We observed these logs in datadog-cluster-agent pod
indeed, datadog-cluster-agent clusterRole (binded with the system:serviceaccount:system-datadog:datadog-cluster-agent) do not deals with datadogmetrics
Describe what you expected:
No error logs
Steps to reproduce the issue:
following the different step in https://arapulido.github.io/blog/2024/08/19/keda-cluster-agent/
and using Datadog Agent configuration :
Workaround :
use
datadog-operator service
account, as the corresponding clusterRole can interact with datadogmetricsUsed configuration of DatadogAgent :
Additional environment details (Operating System, Cloud provider, etc):
Datadog-operator chart version: datadog-operator-1.8.6
Cloud Provider : GCP
Kubernetes Cluster version : v1.30.5-gke.1014001
The text was updated successfully, but these errors were encountered: