New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
clusterroles.rbac.authorization.k8s.io "kube-backup-reader" is forbidden #45
Comments
Hey Ben! Merry xmas. the serviceaccount should've been created when you deployed cronjob-ssh.yaml, but the error ( |
Hey Peter! Merry Christmas to you as well! It works now! I have added a print-screen of the repository and the next thing I will do is reading the instructions of the git-crypt to backup the secrets as well. I have to say that this is really a nice tool 👍. All the initial config has been committed and when a change is made only this is committed as a second commit like you showed in the demo. Issue one: @pieterlange the feedback helped! The other issue was that my email address contained two Uppercase chars and the role I created contained only lower case characters. Issue two: running:
skipped the creation of the serviceaccount. Running it as a separate file worked and when a helm chart (#46) would be used then this issue would not occur at all. |
Ah, it's a combined YAML file and with |
I had to add |
I am trying to enable kube-backup for one of the clusters that is running on GCP.
cronjob-ssh.yaml has been deployed
kubectl describe job kube-state-backup-1545735000 -n kube-system returns:
Error creating: pods "kube-state-backup-1545736800-" is forbidden: error looking up service account kube-system/kube-backup: serviceaccount "kube-backup" not found
When the rbac.yaml is deployed, the following issue occurs:
Based on this I tried:
kubectl create clusterrolebinding kube-backup-reader --clusterrole=cluster-admin --user=<email-address>
I ran the commands that are defined in this post https://stackoverflow.com/a/47332612/2777965, but the issue persists.
Now I wonder whether the "Tiller approach" should be used (fnproject/fn-helm#21 (comment)).
The text was updated successfully, but these errors were encountered: