Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add endpoints list and watch permission for controller-manager #590

Merged
merged 2 commits into from Jun 18, 2019
Merged

Add endpoints list and watch permission for controller-manager #590

merged 2 commits into from Jun 18, 2019

Conversation

aylei
Copy link
Contributor

@aylei aylei commented Jun 17, 2019

Signed-off-by: Aylei rayingecho@gmail.com

What problem does this PR solve?

#545 Introduced a endpoints informer without adding the list and watch permission for endpoints object for tidb-controller-manager. This PR fix this.

The error messages from tidb-controller-manager:

E0617 14:08:32.736442       1 reflector.go:134] pkg/mod/k8s.io/client-go@v2.0.0-alpha.0.0.20190115164855-701b91367003+incompatible/tools/cache/reflector.go:95: Failed to list *v1.Endpoints: endpoints is forbidden: User "system:serviceaccount:pingcap:tidb-controller-manager" cannot list resource "endpoints" in API group "" at the cluster scope
E0617 14:08:33.737939       1 reflector.go:134] pkg/mod/k8s.io/client-go@v2.0.0-alpha.0.0.20190115164855-701b91367003+incompatible/tools/cache/reflector.go:95: Failed to list *v1.Endpoints: endpoints is forbidden: User "system:serviceaccount:pingcap:tidb-controller-manager" cannot list resource "endpoints" in API group "" at the cluster scope
E0617 14:08:34.739684       1 reflector.go:134] pkg/mod/k8s.io/client-go@v2.0.0-alpha.0.0.20190115164855-701b91367003+incompatible/tools/cache/reflector.go:95: Failed to list *v1.Endpoints: endpoints is forbidden: User "system:serviceaccount:pingcap:tidb-controller-manager" cannot list resource "endpoints" in API group "" at the cluster scope
I0617 14:08:35.739901       1 tidbcluster_control.go:68] TidbCluster: [e2e-cluster1/e2e-cluster1] updated successfully

Check List

Tests

  • E2E test

Code changes

  • Has Helm charts change
Add endpoints list and watch permission for controller-manager

@aylei
Add endpoints list and watch permission for controller-manager
f019d29 
Signed-off-by: Aylei <rayingecho@gmail.com>
@aylei
Copy link
Contributor Author

aylei commented Jun 17, 2019

/run-e2e-tests

@aylei
Copy link
Contributor Author

aylei commented Jun 17, 2019

/run-e2e-tests

1 similar comment
@aylei
Copy link
Contributor Author

aylei commented Jun 17, 2019

/run-e2e-tests

@aylei aylei marked this pull request as ready for review June 17, 2019 16:03
gregwebs
gregwebs approved these changes Jun 17, 2019
View reviewed changes
Copy link
Contributor

@gregwebs gregwebs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tested this on GKE, it fixed my issue, thanks!

@aylei aylei requested review from tennix and weekface June 18, 2019 02:18
@weekface weekface merged commit b9fb5eb into pingcap:master Jun 18, 2019
yahonda pushed a commit that referenced this pull request Dec 27, 2021
@weekface @ran-huang @ti-srebot
zh: TiCDC TLS document (#590)
a5ad350 
* tls for ticdc

* address comment

* Apply suggestions from code review

Co-authored-by: Ran <huangran@pingcap.com>

Co-authored-by: Ran <huangran@pingcap.com>
Co-authored-by: ti-srebot <66930949+ti-srebot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gregwebs gregwebs gregwebs approved these changes

@weekface weekface weekface approved these changes

@tennix tennix Awaiting requested review from tennix

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@aylei @gregwebs @weekface