joschi36 edited a comment on pull request #30: URL: https://github.com/apache/cloudstack-kubernetes-provider/pull/30#issuecomment-831244086
@davidjumani When running in my setup I had to change RBAC rules. Got this error: ```I0503 12:44:20.142166 1 leaderelection.go:247] failed to acquire lease kube-system/cloud-controller-manager``` ```E0503 12:44:23.753152 1 leaderelection.go:324] error retrieving resource lock kube-system/cloud-controller-manager: leases.coordination.k8s.io "cloud-controller-manager" is forbidden: User "system:serviceaccount:kube-system:cloud-controller-manager" cannot get resource "leases" in API group "coordination.k8s.io" in the namespace "kube-system"``` Maybe we need to update them aswell in the file [deployment.yaml](https://github.com/apache/cloudstack-kubernetes-provider/blob/master/deployment.yaml). Or even better, create a new Role and RoleBinding limiting this change to only the Namespace. ```diff +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - create + - update ``` Sorry for the late review, I'm very busy at the moment. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
