search

ceph / ceph-csi-operator

Kubernetes operator for managing the CephCSI plugins
Apache License 2.0
16 stars 18 forks source link

add missing rbac for persistentvolume during deletion #141

Closed leelavg closed 2 months ago

leelavg commented 2 months ago

Fixes 

W0918 10:12:09.506345       1 controller.go:989] Retrying syncing volume "pvc-1de9079b-1287-4d36-8998-db0a264b7488", failure 1                                                
E0918 10:12:09.506382       1 controller.go:1007] error syncing volume "pvc-1de9079b-1287-4d36-8998-db0a264b7488": persistentvolumes "pvc-1de9079b-1287-4d36-8998-db0a264b7488
" is forbidden: User "system:serviceaccount:openshift-storage-client:ceph-csi-rbd-ctrlplugin-sa" cannot update resource "persistentvolumes" in API group "" at the cluster sco
pe                                                                                                                                                                            
I0918 10:12:09.705796       1 controller.go:1561] delete "pvc-008acf6c-eba1-41f4-bffd-2a0a70d37081": failed to remove finalizer for persistentvolume: persistentvolumes "pvc-0
08acf6c-eba1-41f4-bffd-2a0a70d37081" is forbidden: User "system:serviceaccount:openshift-storage-client:ceph-csi-rbd-ctrlplugin-sa" cannot update resource "persistentvolumes"
 in API group "" at the cluster scope

RC as per @Madhu-1 some version of csi sidecar requires pv/patch and another version requires pv/update rbac.