Does sidecar work with RBAC enabled?

CommercialTribe / kube-redis

Redis on Kubernetes as StatefulSet

MIT License

34 stars 22 forks source link

Does sidecar work with RBAC enabled? #11

Open JohnLindahlTech opened 6 years ago

JohnLindahlTech commented 6 years ago

I am trying to use the instructions in a Google Kubernetes Engine (1.8.4-gke.1) without legacy auth. But the sidecar keeps crashing on me with the following error:

Error from server (Forbidden): pods "redis-0" is forbidden: User "system:serviceaccount:myNameSpace:default" cannot get pods in the namespace "myNameSpace": Unknown user "system:serviceaccount:myNameSpace:default"

Is there a known way of how to get this error resolved?

JohnLindahlTech commented 6 years ago

I got something working, but I am not 100% aware of the consequences:

kubectl create rolebinding myNameSpace-edit --clusterrole=edit --serviceaccount=myNameSpace:default --namespace=myNameSpace