This Kubernetes operator automates the Cassandra operations such as deploying a new rack aware cluster, adding/removing nodes, configuring the C* and JVM parameters, upgrading JVM and C* versions, and many more...
What did you expect to see?
multicasskop pod operating on multicasskop custom resources
What did you see instead? Under which circumstances?
looks like it doesn't get the necessary rbac permissions
E0910 15:37:13.349482 1 reflector.go:178] pkg/mod/k8s.io/client-go@v0.18.2/tools/cache/reflector.go:125: Failed to list *v1alpha1.MultiCasskop: multicasskops.db.orange.com is forbidden: User "system:serviceaccount:cassandra:multi-casskop" cannot list resource "multicasskops" in API group "db.orange.com" in the namespace "cassandra"
Bug Report
What did you do? new install of 0.5.4
What did you expect to see? multicasskop pod operating on multicasskop custom resources
What did you see instead? Under which circumstances? looks like it doesn't get the necessary rbac permissions
Environment
Kubernetes cluster kind: bare-metal
Cassandra version: 3.11
Possible Solution looks like it got mixed in the switch to specific permissions in this file: https://github.com/Orange-OpenSource/casskop/blob/master/multi-casskop/helm/multi-casskop/templates/role.yaml
not sure off hand what verbs it needs (guessing something like
list
,get
,update
)