Error create/update ingress on OKD

[abdiali9617]

Bugs should be filed for issues encountered whilst operating bank-vaults. You should first attempt to resolve your issues through the community support channels, e.g. Slack, in order to rule out individual configuration errors. Please provide as much detail as possible.

Describe the bug: When Installing the operator the vault pod crashes and has the following error message

• "[INFO] core: security barrier not initialized" Also in the vault-operator pod logs has the following error
• "1 request.go:645] Throttling request took 1.043982282s, request: GET:https://172.30.0.1:443/apis/acme.cert-manager.io/v1alpha3?timeout=32s {"level":"error","ts":1620407609.7283828,"logger":"controller","msg":"Reconciler error","controller":"vault-controller","name":"vault","namespace":"banzai-vault","error":"failed to create/update ingress: no matches for kind \"Ingress\" in version \"networking.k8s.io/v1\"","stacktrace":"github.com/go-logr/zapr.(zapLogger).Error\n\t/go/pkg/mod/github.com/go-logr/zapr@v0.2.0/zapr.go:132\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(Controller).reconcileHandler\n\t/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.6.2/pkg/internal/controller/controller.go:237\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(Controller).processNextWorkItem\n\t/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.6.2/pkg/internal/controller/controller.go:209\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(Controller).worker\n\t/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.6.2/pkg/internal/controller/controller.go:188\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1\n\t/go/pkg/mod/k8s.io/apimachinery@v0.19.3/pkg/util/wait/wait.go:155\nk8s.io/apimachinery/pkg/util/wait.BackoffUntil\n\t/go/pkg/mod/k8s.io/apimachinery@v0.19.3/pkg/util/wait/wait.go:156\nk8s.io/apimachinery/pkg/util/wait.JitterUntil\n\t/go/pkg/mod/k8s.io/apimachinery@v0.19.3/pkg/util/wait/wait.go:133\nk8s.io/apimachinery/pkg/util/wait.Until\n\t/go/pkg/mod/k8s.io/apimachinery@v0.19.3/pkg/util/wait/wait.go:90"} {"level":"info","ts":1620407670.7196321,"logger":"controller_vault","msg":"Reconciling Vault","Request.Namespace":"banzai-vault","Request.Name":"vault"}"

Expected behaviour: The expected behave is for all the pods to be running successfully

Steps to reproduce the bug: Run the following commands to reproduce the bug

Create environment

kubectl create namespace banzai-vault

Install the operator

helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com helm upgrade --install vault-operator banzaicloud-stable/vault-operator

Create a Vault instance with the Vault CR

kubectl apply -f https://raw.githubusercontent.com/banzaicloud/bank-vaults/master/operator/deploy/rbac.yaml kubectl apply -f https://raw.githubusercontent.com/banzaicloud/bank-vaults/master/operator/deploy/cr.yaml

Add privileged rolebinding

oc adm policy add-scc-to-user privileged -z vault-operator -n banzai-vault oc adm policy add-scc-to-user privileged -z vault -n banzai-vault

Additional context: If I don't add the privileged rolebinding the pods won't start

Environment details:

• Current OKD Version: 4.5.0-0.okd-2021-01-22-120006

/kind bug

[bonifaido]

Interesting since OKD 4 has also this v1 Ingress API: https://docs.okd.io/latest/rest_api/network_apis/ingress-networking-k8s-io-v1.html

Do you what is the correct RBAC role for this in OKD (I don't have access to an OKD cluster)?

[github-actions[bot]]

Thank you for your contribution! This issue has been automatically marked as stale because it has no recent activity in the last 60 days. It will be closed in 20 days, if no further activity occurs. If this issue is still relevant, please leave a comment to let us know, and the stale label will be automatically removed.