Error in Kubernetes when not use helm-chart or operator

[Tob1as]

Hello,

i only want deploy VerneMQ in kubernetes with simple deployment without helm-chart or operator (with serviceaccount and something).

But i get an error on startup:

Permission error: Cannot access URL apis/apps/v1/namespaces/MY-NAMESPACE/statefulsets/null: "Forbidden"
403
"statefulsets.apps \"null\" is forbidden: User \"system:serviceaccount:MY-NAMESPACE:MY-NAMESPACE\" cannot get resource \"statefulsets\" in API group \"apps\" in the namespace \"MY-NAMESPACE\""

I think the "problem" begin with this line:

if [ -d "${SECRETS_KUBERNETES_DIR}" ] ; then  # SECRETS_KUBERNETES_DIR="/var/run/secrets/kubernetes.io/serviceaccount"

in File: https://github.com/vernemq/docker-vernemq/blob/1.13.0/bin/vernemq.sh#L264-L287

With a workarround in my deployment it start:

args: ["/bin/sh", "-c", "cp /usr/sbin/start_vernemq /vernemq/start_vernemq ; sed -i 's|/var/run/secrets/kubernetes.io/serviceaccount|/var/run/secrets/kubernetes.io/serviceaccount_not-need|g' /vernemq/start_vernemq ; /vernemq/start_vernemq"]

But i think, this is not a good solution.
Is there a possibility to solve this better?

[ioolkos]

@Tob1as thanks, hm, we check whether we are on Kubernetes there. Would you say what you are trying to do is to be considered a stardard setup and should be possible/supported?

---

👉 Thank you for supporting VerneMQ: https://github.com/sponsors/vernemq 👉 Using the binary VerneMQ packages commercially (.deb/.rpm/Docker) requires a paid subscription.

[Tob1as]

I think it is only interesting for private and/or small clusters (with limited resources) or for tests with MQTT.
For larger clusters user should already use helm or operator for scaling. I just wanted to ask. :smirk: For me my solution seems to work, I could not find any disadvantage yet.