Open chenmin1992 opened 5 years ago
It seems like the user doesn't have permission to create resources at the global scope level. You can create an RBAC rule and give permissions to the user "system:serviceaccount:mysql-operator:default"
(using kubectl create clusterrolebinding
).
I just saw that you're running it in a custom namespace. I've created a PR which will allow to specify namespace to register CRDs in. https://github.com/grtl/mysql-operator/pull/127 - I will merge when Travis accepts the build. Test by running:
kubectl -n mysql-operator run mysql-operator --image=grtl/mysql-operator:latest -- -namespace mysql-operator
@earlgreyz thank you so much, you are awesome. I think it should have ability to run in a separated namespace.
@earlgreyz thank you so much, you are awesome. I think it should have ability to run in a separated namespace.
Already merged, let me know if it works for you ;D
there is no more panic error, but still can not create clusterrolebinding automatically
klutzdeMacBook-Pro:~ klutz$ kubectl -n mysql-operator logs pod/mysql-operator-5b7685587d-6zqgq
time="2018-12-13T10:38:03Z" level=fatal msg="Unable to initialize objects" error="customresourcedefinitions.apiextensions.k8s.io is forbidden: User \"system:serviceaccount:mysql-operator:default\" cannot create resource \"customresourcedefinitions\" in API group \"apiextensions.k8s.io\" at the cluster scope"
and some other errors occurred when create mysql cluster
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedCreate 2m33s (x12 over 2m41s) statefulset-controller create Pod my-cluster-0 in StatefulSet my-cluster failed error: Failed to create PVC data-my-cluster-0: PersistentVolumeClaim "data-my-cluster-0" is invalid: spec.resources[storage]: Invalid value: "0": must be greater than zero
Warning FailedCreate 2m23s (x13 over 2m41s) statefulset-controller create Claim data-my-cluster-0 for Pod my-cluster-0 in StatefulSet my-cluster failed error: PersistentVolumeClaim "data-my-cluster-0" is invalid: spec.resources[storage]: Invalid value: "0": must be greater than zero
and yaml
volumeClaimTemplates:
- metadata:
creationTimestamp: null
labels:
app: my-cluster
name: data
spec:
accessModes:
- ReadWriteOnce
dataSource: null
resources:
requests:
storage: "0"
@chenmin1992 did you run the deployment with the -namespace mysql-operator
flag? You might still need to create RBAC rule to allow user for modifying the mysql-operator
namespace.
yes, I just run the command copied from you issuecomment-446547910
klutzdeMacBook-Pro:~ klutz$ kubectl -n mysql-operator run mysql-operator --image=grtl/mysql-operator:latest -- -namespace mysql-operator
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/mysql-operator created
klutzdeMacBook-Pro:~ klutz$ kubectl -n mysql-operator get all
NAME READY STATUS RESTARTS AGE
pod/mysql-operator-5b7685587d-tdvlt 0/1 ContainerCreating 0 7s
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
deployment.apps/mysql-operator 1 1 1 0 7s
NAME DESIRED CURRENT READY AGE
replicaset.apps/mysql-operator-5b7685587d 1 1 0 7s
klutzdeMacBook-Pro:~ klutz$ kubectl -n mysql-operator get all
NAME READY STATUS RESTARTS AGE
pod/mysql-operator-5b7685587d-tdvlt 0/1 ContainerCreating 0 11s
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
deployment.apps/mysql-operator 1 1 1 0 11s
NAME DESIRED CURRENT READY AGE
replicaset.apps/mysql-operator-5b7685587d 1 1 0 11s
klutzdeMacBook-Pro:~ klutz$
klutzdeMacBook-Pro:~ klutz$ kubectl -n mysql-operator describe pod/mysql-operator-5b7685587d-tdvlt
Name: mysql-operator-5b7685587d-tdvlt
Namespace: mysql-operator
Priority: 0
PriorityClassName: <none>
Node: minikube/192.168.64.31
Start Time: Fri, 14 Dec 2018 09:50:01 +0800
Labels: pod-template-hash=5b7685587d
run=mysql-operator
Annotations: <none>
Status: Running
IP: 172.17.0.4
Controlled By: ReplicaSet/mysql-operator-5b7685587d
Containers:
mysql-operator:
Container ID: docker://6fd0fa916b9a7ec588795f52c028630f4c801233010e61243740feee1e66e64f
Image: grtl/mysql-operator:latest
Image ID: docker-pullable://grtl/mysql-operator@sha256:52db2909b4e9f99b792563fdd09dd425f0b5650a95a2fd46cd091e179228684c
Port: <none>
Host Port: <none>
Args:
-namespace
mysql-operator
State: Waiting
Reason: CrashLoopBackOff
Last State: Terminated
Reason: Error
Exit Code: 1
Started: Fri, 14 Dec 2018 09:50:18 +0800
Finished: Fri, 14 Dec 2018 09:50:18 +0800
Ready: False
Restart Count: 1
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-bh58f (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
default-token-bh58f:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-bh58f
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 23s default-scheduler Successfully assigned mysql-operator/mysql-operator-5b7685587d-tdvlt to minikube
Normal Pulling 10s (x2 over 23s) kubelet, minikube pulling image "grtl/mysql-operator:latest"
Normal Pulled 6s (x2 over 11s) kubelet, minikube Successfully pulled image "grtl/mysql-operator:latest"
Normal Created 6s (x2 over 11s) kubelet, minikube Created container
Normal Started 6s (x2 over 11s) kubelet, minikube Started container
Warning BackOff 4s (x2 over 5s) kubelet, minikube Back-off restarting failed container
klutzdeMacBook-Pro:~ klutz$ kubectl -n mysql-operator logs pod/mysql-operator-5b7685587d-tdvlt
time="2018-12-14T01:50:18Z" level=fatal msg="Unable to initialize objects" error="customresourcedefinitions.apiextensions.k8s.io is forbidden: User \"system:serviceaccount:mysql-operator:default\" cannot create resource \"customresourcedefinitions\" in API group \"apiextensions.k8s.io\" at the cluster scope"
klutzdeMacBook-Pro:~ klutz$