You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I0128 16:22:26.355941 1 azure_vmss.go:623] EnsureHostInPool update backing off vmssVM(infra-1580226559-000000) with new backendPoolID /subscriptions/XXXXXXX-XXXX-XXXX-XXXXXXXXX/resourceGroups/XXXXXXX-XXXX-XXXX-XXXXXXXXX/providers/Microsoft.Network/loadBalancers/kubernetes-internal/backendAddressPools/kubernetes, err: compute.VirtualMachineScaleSetVMsClient#Update: Failure sending request: StatusCode=403 -- Original Error: Code="LinkedAuthorizationFailed" Message="The client 'XXXXXXX-XXXX-XXXX-XXXXXXXXX' with object id 'XXXXXXX-XXXX-XXXX-XXXXXXXXX' has permission to perform action 'Microsoft.Compute/virtualMachineScaleSets/virtualmachines/write' on scope '/subscriptions/XXXXXXX-XXXX-XXXX-XXXXXXXXX/resourceGroups/XXXXXXX-XXXX-XXXX-XXXXXXXXX/providers/Microsoft.Compute/virtualMachineScaleSets/ss-infra-XXXXXXXX/virtualmachines/0'; however, it does not have permission to perform action 'Microsoft.Network/networkSecurityGroups/join/action' on the linked scope(s) '/subscriptions/XXXXXXX-XXXX-XXXX-XXXXXXXXX/resourceGroups/XXXXXXX-XXXX-XXXX-XXXXXXXXX/providers/Microsoft.Network/networkSecurityGroups/nsg-worker' or the linked scope(s) are invalid."
Anything else we need to know?:
This is happening in an OpenShift v3.x cluster deployed via Azure Red Hat OpenShift
@julienstroheker Thanks for reporting the issue. It has been fixed by kubernetes/kubernetes#68210 and have been included in v1.12.0 and above versions. Have you tried the same things on v1.12+ clusters?
What happened:
When deploying ILB with wrong cloud provider permissions looks like cloud provider is panicing :
What you expected to happen:
Cloud provider should not panic
How to reproduce it:
Creating ILB as following with missing permissions such as
Microsoft.Network/networkSecurityGroups/join/action
ILB Test template used
Error :
Anything else we need to know?:
This is happening in an OpenShift v3.x cluster deployed via Azure Red Hat OpenShift
Environment:
kubectl version
):The text was updated successfully, but these errors were encountered: