tepid yoke
Hey guys,
i'm trying to get trident protect up and running on an OpenShift 4.17 cluster. First tried with 24.10 and later with 25.02 but had similar error messages.
Values is yaml is pretty basic... Can anyone help me with that?
Best Florian
Find the logs of the crashing trident-protect controller manger and the values.yaml in the attachment.
proven girder
I think this might be a permission issue:
events is forbidden: User \"system:serviceaccount:trident-protect:trident-protect-controller-manager\" cannot create resource \"events\" in API group \"\"
Did you try kubectl auth can-i '*' '*' --all-namespaces ?
tepid yoke
the error you quoted is the permission issue of an service account... which is just from the helm-chart so should be fine. The command you like me try test if my kubeconfig has cluster-admin permissions (which i have).
I think there is something different.
proven girder
I'm no k8s expert by any means, but to me it sounds like it's trying to read some resources, is denied access, and then fails because it couldn't get the resources it required
User "system:serviceaccount:trident-protect:trident-protect-controller-manager" cannot list resource "jobs" in API group "batch" in the namespace "trident-protect"
I vaguely remember that with OpenShift specifically, you needed some special permissions or something for many containers
tepid yoke
i mostly do k8s and i little bit of NetApp... and my gut tells me it's something different. No specialities of RBAC in OpenShift 😉 what you have in mind is SCC
proven girder
maybe @minor drift has an idea
tepid yoke
will try the same installation on a non openshift cluster tomorrow
sleek tulip
Is Trident installed and working?
tepid yoke
@sleek tulip yes it is... but in a different namespace
tepid yoke
seems like it was an issue with deploying trident-protect by ArgoCD... i tried manual deployment today and it seems good now
minor drift
maybe <@1050718136674041866> has an idea
sorry, got here too late 😉