Hello, I am deploying an embeded version of ignite on AKS and I am getting this error: Caused by: java.io.IOException: Server returned HTTP response code: 403 for URL: https://kubernetes.default.svc.cluster.local:443/api/v1/namespaces/default/endpoints/processing-engine-pe-v1-ignite at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1900) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1498)
That sounds like a problem with the RBAC to me but I cannot nail it down. So let me give my current configuration: NAME READY STATUS RESTARTS AGE processing-engine-pe-v1.master-69668fcb5b-zm7m8 1/1 Running 0 9m6s processing-engine-pe-v1.worker-7598949c5d-pkbfg 1/1 Running 0 9m6s As you can see 2 pods on the default namespace So the configuration is <bean id="tcpDiscoveryKubernetesIpFinder" class="org.apache.ignite.spi.discovery.tcp.ipfinder.kubernetes.TcpDiscoveryKubernetesIpFinder"> <property name="namespace" value="default" /> <property name="serviceName" value="processing-engine-pe-v1-ignite" /> </bean> The service is there kubectl describe svc processing-engine-pe-v1-ignite Name: processing-engine-pe-v1-ignite Namespace: default Labels: app.kubernetes.io/managed-by=Helm Annotations: meta.helm.sh/release-name: pe-v1 meta.helm.sh/release-namespace: default Selector: type=processing-engine-pe-v1.node Type: ClusterIP IP: None Port: service-discovery 47500/TCP TargetPort: 47500/TCP Endpoints: 10.244.0.31:47500,10.244.1.28:47500 Session Affinity: None Events: <none> The service account kubectl describe serviceaccount ignite Name: ignite Namespace: default Labels: app.kubernetes.io/managed-by=Helm Annotations: meta.helm.sh/release-name: pe-v1 meta.helm.sh/release-namespace: default Image pull secrets: <none> Mountable secrets: ********** Tokens: ********** Events: <none> The role kubectl describe clusterrole ignite Name: ignite Labels: app.kubernetes.io/managed-by=Helm release=pe-v1 Annotations: meta.helm.sh/release-name: pe-v1 meta.helm.sh/release-namespace: default PolicyRule: Resources Non-Resource URLs Resource Names Verbs --------- ----------------- -------------- ----- endpoints [] [] [get list watch] pods [] [] [get list watch] The role binding kubectl describe clusterrolebinding ignite Name: ignite Labels: app.kubernetes.io/managed-by=Helm release=pe-v1 Annotations: meta.helm.sh/release-name: pe-v1 meta.helm.sh/release-namespace: default Role: Kind: ClusterRole Name: ignite Subjects: Kind Name Namespace ---- ---- --------- ServiceAccount ignite default Any idea of what I am missing? -- Sent from: http://apache-ignite-users.70518.x6.nabble.com/