[jira] [Created] (FLINK-27211) RBAC deployments/finalizers missing for OpenShift Deployment

Tue, 12 Apr 2022 16:26:07 -0700 

James Busche created FLINK-27211:
------------------------------------

             Summary: RBAC deployments/finalizers missing for OpenShift 
Deployment
                 Key: FLINK-27211
                 URL: https://issues.apache.org/jira/browse/FLINK-27211
             Project: Flink
          Issue Type: Bug
          Components: Kubernetes Operator
    Affects Versions: kubernetes-operator-0.1.0
            Reporter: James Busche


On Openshift 4.8 when applying the basic.yaml, we see in the operator logs:

 

??2022-04-12 23:11:56,290 i.j.o.p.e.ReconciliationDispatcher 
*[ERROR][default/basic-example] Error during event processing ExecutionScope{ 
resource id*??

??*: CustomResourceID\{name='basic-example', namespace='default'}, version: 
680939} failed.*??

??{*}org.apache.flink.kubernetes.operator.exception.ReconciliationException: 
org.apache.flink.client.deployment.ClusterDeploymentException: Could not create 
Kubernetes clus{*}{*}ter "basic-example".{*}??
??{*}....{*}{*}{*}??

??*Caused by: 
org.apache.flink.kubernetes.shaded.io.fabric8.kubernetes.client.KubernetesClientException:
 Failure executing: POST at:* [*https://172.30.0.1/api/v1/namespaces/*]??

??{*}default/services. Message: Forbidden!Configured service account doesn't 
have access. Service account may have been revoked. services "basic-example" is 
forbidden: cann{*}{*}ot set blockOwnerDeletion if an ownerReference refers to a 
resource you can't set finalizers on: , <nil>.{*}??

Manually, this can be fixed by adding to the flink role under apps apiGroups:

  - deployments/finalizers

 

and to add to the flink-operator clusterrole under apps apiGrups:

  - deployments/finalizers

 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to