E0722 15:19:28.024292 1 main.go:93] "error while running" err="failed to advertise features (via CRD API): failed to get NodeFeature object: nodefeatures.nfd.k8s-sigs.io \"ip-172-16-212-61.eu-west-1.compute.internal\" is forbidd │
│ en: User \"system:serviceaccount:nfd:nfd-worker\" cannot get resource \"nodefeatures\" in API group \"nfd.k8s-sigs.io\" in the namespace \"nfd\""
no errors in the nfd-controller-manager pod.
I've had to separately create a role/rolebinding to fix it. I was expecting this to be managed by the operator somehow. Maybe that's by design?
What you expected to happen:
nfd-worker not crashing or needing a separate role/rolebinding
How to reproduce it (as minimally and precisely as possible):
What happened:
I installed the operator as documented in https://kubernetes-sigs.github.io/node-feature-discovery/master/deployment/operator.html#deployment
nfd-worker pods crashloop with the error:
no errors in the nfd-controller-manager pod.
I've had to separately create a role/rolebinding to fix it. I was expecting this to be managed by the operator somehow. Maybe that's by design?
What you expected to happen:
nfd-worker not crashing or needing a separate role/rolebinding
How to reproduce it (as minimally and precisely as possible):
Install the operator as documented in https://kubernetes-sigs.github.io/node-feature-discovery/master/deployment/operator.html#deployment on EKS
Anything else we need to know?:
Environment:
kubectl version
): v1.28.9-eks-036c24bcat /etc/os-release
): Amazon Linux 2uname -a
):