search

metal-stack / firewall-controller

A kubernetes controller running on bare-metal firewalls, creating nftables rules, configures suricata, collects network metrics
MIT License
47 stars 4 forks source link

RBAC for crd creation missing #8

Closed majst01 closed 4 years ago

majst01 commented 4 years ago 
May 04 15:46:32 suricata ip[3242]: 2020-05-04T15:46:32.542+0200        ERROR        setup        unable to create crds of firewall-controller        {"error": "customresourcedefinitions.apiextensions.k8s.io \"firewalls.metal-stack.io\" is forbidden: User \"system:firewall-policy-controller\" cannot get resource \"customresourcedefinitions\" in API group \"apiextensions.k8s.io\" at the cluster scope"}
May 04 15:46:32 suricata ip[3242]: github.com/go-logr/zapr.(*zapLogger).Error
May 04 15:46:32 suricata ip[3242]:         github.com/go-logr/zapr@v0.1.0/zapr.go:128
May 04 15:46:32 suricata ip[3242]: main.main
May 04 15:46:32 suricata ip[3242]:         command-line-arguments/main.go:103
May 04 15:46:32 suricata ip[3242]: runtime.main
May 04 15:46:32 suricata ip[3242]:         runtime/proc.go:203