Closed naqvis closed 10 months ago
I'm curious if you are logged in as root.
kubectl-karmada when invoking init is failing with error error: failed to create directory: /etc/karmada, error: mkdir /etc/karmada: permission denied
The output shows that you don't have permission to create a directory at /etc/karmada
.
You might need to talk to your administrator to grant permission to you.
Another approach might be change the default path:
The init
command default to put the cert and crds file under /etc/karmada
directory:
-d, --karmada-data='/etc/karmada':
Karmada data path. kubeconfig cert and crds files
--karmada-pki='/etc/karmada/pki':
Karmada pki path. Karmada cert files
You can customize a directory that you have permission to access. like :
karmadactl init --karmada-data=~/karmada --karmada-pki=~/karmada <other flags>
It doesn't seem like a bug. /remove-kind bug /kind question
Please let us know if you have further questions.
I'm curious if you are logged in as root.
No, I'm not logged in as root.
It doesn't seem like a bug.
I would argue against it. There is no clear indication in documentation or somewhere else that init
requires root privileges and for non root users what options are available.
Similarly non-root users can install the Karmada control plane using Helm chart
Thanks for your suggestion. I'll invite init author here to comment. @lonelyCZ
I'm quite sure about does init
really requires root
permission?
I'm quite sure about does init really requires root permission?
I think it should not need the root permission. It only need the permission of kubeconfig, as for /etc/karmada
directory is only a common dir like /etc/kubernetes
, so it can be configured.
There is no clear indication in documentation or somewhere else that init requires root privileges and for non root users what options are available.
It makes sense, perhaps we can note this in the document. We deafult use /etc/karmada
that seems more friendly for new Karmada user, especially unify the description of documents, how do you think?
Thanks @RainbowMango and @lonelyCZ.
Similar to kubectl
configurations under user home folder ~/.kube
it make sense to use the similar approach (as default) for Karmada artifacts. As requiring a normal user activity to have root privileges should be something which should be avoided for security concerns.
I'm not suggesting that artifacts should be stored under ~/.kube
folder, but suggestion is to store operation artifacts under user home folder (as that' the common place, where linux user has full privileges).
My two cents.
We deafult use /etc/karmada that seems more friendly for new Karmada user, especially unify the description of documents, how do you think?
+1
but suggestion is to store operation artifacts under user home folder (as that' the common place, where linux user has full privileges)
The kubectl
configuration is normally used by a specific user, so it makes sense to store the configurations in the home folder.
But Karmada configurations(or, Kubernetes configurations), might be used by more than one user. So, I don't think such kind of configuration should be put in a user-specific directory.
Take kubeadm
as an example, an administrator(probably root) might install Kubernetes, which might be used by more than one user, so the configuration definitely can't be at /root/xxx
.
ake
kubeadm
as an example, an administrator(probably root) might install Kubernetes, which might be used by more than one user, so the configuration definitely can't be at/root/xxx
.
Understand and agree for such use cases, but keep in view that Karmada control plane can be installed via Helm and that doesn't require escalated privileges.
Request here is to please
init
command with default settings (requires escalated privileges & why) karmadactl init
command and helm install
, if these two achieves the same result of installing the control plane? or there are some differences? if so what are them?Thanks again for all of the great work and contributions you are making to the community.
The difference between karmadactl init
and helm install
is that:
karmadactl init
needs a path to store public configurations for multiple users.helm install
doesn't need to store public configurations, it essentially deploys workloads(karmada components) to a specific cluster.I don't know why we need to document the difference. In addition, we just introduced another installation approach, Karmada Operator, do you mean we also need to note the differences?
Update the documentation accordingly stating that init command with default settings (requires escalated privileges & why)
Sounds good to me. Would you like to send a PR for this?
Sounds good to me. Would you like to send a PR for this?
Yeah sure, would be happy to do that.
/assign In favor of https://github.com/karmada-io/website/pull/364. Thanks. /remove-kind question /kind cleanup /kind documentation
Sorry, just mistakenly assigned it to me. /unassign /assign @naqvis
I guess we can close it now. /close
@RainbowMango: Closing this issue.
What happened:
kubectl-karmada
when invokinginit
is failing with error error: failed to create directory: /etc/karmada, error: mkdir /etc/karmada: permission deniedWhat you expected to happen:
init
command should successfully install Karmada control planeHow to reproduce it (as minimally and precisely as possible):
kubectl-karmada
kubectl karmada init
Anything else we need to know?:
Environment:
kubectl-karmada version
orkarmadactl version
):