search

tczekajlo / kube-consul-register

a tool to register Kubernetes PODs as Consul Services
Apache License 2.0
105 stars 50 forks source link

Unable to load configuration: configmaps #45

Closed kolesoffac closed 5 years ago

kolesoffac commented 5 years ago

I add config to my kubernetes and rs/kube-consul-register, but in log have: E1108 13:44:19.614014 1 main.go:93] Unable to load configuration: configmaps "kube-consul-register" is forbidden: User "system:serviceaccount:default:default" cannot get resource "configmaps" in API group "" in the namespace "default"

How can i fix it?

Thanks

aryklein commented 3 years ago

@kolesoffac how did you manage this issue?

aryklein commented 3 years ago

Missing RBAC

apiVersion: v1
kind: ServiceAccount
metadata:
  name: kube-consul-register
  namespace: consul
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: kube-consul-register
rules:
- apiGroups: [""]
  resources: ["configmaps", "services", "endpoints", "pods"]
  verbs: ["watch", "get", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kube-consul-register
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kube-consul-register
subjects:
  - kind: ServiceAccount
    name: kube-consul-register
    namespace: consul