Skip to content
This repository has been archived by the owner on Jan 4, 2022. It is now read-only.

Problem to run operator tomcat #7

Open
u650080 opened this issue Aug 18, 2021 · 1 comment
Open

Problem to run operator tomcat #7

u650080 opened this issue Aug 18, 2021 · 1 comment

Comments

@u650080
Copy link

u650080 commented Aug 18, 2021

When I tried to deploy the tomcat-operator, we saw this problem in the operator pod
Exception in thread "main" io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: GET at: https://10.233.0.1/apis/apiextensions.k8s.io/v1/customresourcedefinitions/tomcats.tomcatoperator.io. Message: Forbidden!Configured service account doesn't have access. Service account may have been revoked. customresourcedefinitions.apiextensions.k8s.io "tomcats.tomcatoperator.io" is forbidden: User "system:serviceaccount:tomcat-operator:tomcat-operator" cannot get resource "customresourcedefinitions" in API group "apiextensions.k8s.io" at the cluster scope.
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.requestFailure(OperationSupport.java:583)
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.assertResponseCode(OperationSupport.java:520)
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleResponse(OperationSupport.java:487)
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleResponse(OperationSupport.java:448)
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleGet(OperationSupport.java:415)
at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleGet(OperationSupport.java:397)
at io.fabric8.kubernetes.client.dsl.base.BaseOperation.handleGet(BaseOperation.java:924)
at io.fabric8.kubernetes.client.dsl.base.BaseOperation.getMandatory(BaseOperation.java:219)
at io.fabric8.kubernetes.client.dsl.base.BaseOperation.get(BaseOperation.java:185)
at io.fabric8.kubernetes.client.dsl.base.BaseOperation.get(BaseOperation.java:86)
at io.javaoperatorsdk.operator.Operator.register(Operator.java:146)
at io.javaoperatorsdk.operator.Operator.register(Operator.java:97)
at io.javaoperatorsdk.operator.sample.TomcatOperator.main(TomcatOperator.java:29)

I used minikube 1.22.0 (client kubectl 1.21.3 and server 1.21.2)
and other system client kubectl 1.16.3 and server 1.16.3
@u650080
Copy link
Author

u650080 commented Aug 18, 2021

There is an issue with rules section of k8s/operator.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: tomcat-operator
rules:

  • apiGroups:
    • 'apiextensions.k8s.io'
    • 'tomcatoperator.io'
      resources:
    • deployments
    • services
    • customresourcedefinitions
    • tomcats
    • webapps
      verbs:
    • '*'

@kanedafromparis kanedafromparis mentioned this issue Aug 25, 2021
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@u650080