cloud-barista / cb-operator

The Operator for Cloud-Barista system
Apache License 2.0
6 stars 6 forks source link

Update CB-Dragonfly HelmChart config file #177

Closed dev-secloudit closed 2 years ago

jihoon-seo commented 2 years ago

@hyokyungk @inno-cloudbarista 이 PR을 pull 하여 테스트 해 봤는데, 같은 문제가 발생합니다. 🤔 (https://github.com/cloud-barista/cb-dragonfly/issues/129)

❯ kubectl logs cb-dragonfly-86bcc7dfb8-b4q7r -n cloud-barista                             
...
[CLOUD-BARISTA].[ERROR]: 2022-01-11 12:05:01 mechanism.go:45, github.com/cloud-barista/cb-dragonfly/pkg/modules/procedure.startPushModule() - failed to initialize collector manager 
panic: configmaps is forbidden: User "system:serviceaccount:cloud-barista:cb-dragonfly" cannot create resource "configmaps" in API group "" in the namespace "dragonfly"

goroutine 1 [running]:
main.main()
        /go/src/github.com/cloud-barista/cb-dragonfly/pkg/main.go:54 +0x2e6
jihoon-seo commented 2 years ago

From @devpjh121 :

원인: (1) CB-Dragonfly의 pod(Deployment )는 kube-api로 configmap 생성, 조회, 업데이트 및 deployment 생성, 조회, 삭제 요청 수행 (2) DF Pod가 "cloud-barista" namespace로 configmap 및 deployment 관련 수행 권한이 없어서 에러 발생

해결 방안: (1) "cloud-barista" namespace에 serviceaccount 생성 (2) "cloud-barista" namespace에 configmap, deployment 리소스를 다룰수 있는 권한 생성(clusterrole) (3) 위에서 생성한 clusterrole을 serviceaccount로 부여하는 rolebinding 리소스 생성

jihoon-seo commented 2 years ago

이 문제가 계속 발생하여 살펴 보니

이에,

/lgtm /approve

prow-for-cloud-barista[bot] commented 2 years ago

LGTM label has been added.

Git tree hash: 87fc24962a50e830422db9e1eb0c3f804735f283

prow-for-cloud-barista[bot] commented 2 years ago

LGTM label has been added.

Git tree hash: 87fc24962a50e830422db9e1eb0c3f804735f283

prow-for-cloud-barista[bot] commented 2 years ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: hyokyungk, jihoon-seo

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/cloud-barista/cb-operator/blob/master/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
prow-for-cloud-barista[bot] commented 2 years ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: hyokyungk, jihoon-seo

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/cloud-barista/cb-operator/blob/master/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment