search

robusta-dev / kubewatch

Watch k8s events and trigger Handlers
Apache License 2.0
547 stars 79 forks source link

Unauthorized event in log #15

Closed vdvelde closed 1 year ago

vdvelde commented 1 year ago

When starting up the container I get the error below.

E0111 13:41:59.199162       1 reflector.go:123] pkg/mod/k8s.io/client-go@v0.16.8/tools/cache/reflector.go:96: Failed to list *v1.Event: Unauthorized

Any Idea how to resove this ?

arikalon1 commented 1 year ago

It seems that Kubewatch is unable to list events in your cluster. You have to authorize reading events in the service account used by Kubewatch.

For example:

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: kubewatch-cluster-role
  namespace : default
rules:
  - apiGroups:
      - ""
    resources:
      - configmaps
      - daemonsets
      - deployments
      - events
      - namespaces
      - nodes
      - persistentvolumes
      - pods
      - replicasets
      - replicationcontrollers
      - services
      - serviceaccounts
    verbs:
      - get
      - list
      - watch

you see events listed there on the resources list

vdvelde commented 1 year ago

The above is a good and working example .