Hi, I've tried to set up logging with the EFK stack according to the documentation for OpenShift 3.2, but when I try to deploy the logging-deployer pod it fails into Error status with the following error message in the container log:
[...] + echo 'Attaching secrets to service accounts' + oc secrets add serviceaccount/aggregated-logging-kibana logging-kibana logging-kibana-proxy + oc secrets add serviceaccount/aggregated-logging-elasticsearch logging-elasticsearch + oc secrets add serviceaccount/aggregated-logging-fluentd logging-fluentd + oc secrets add serviceaccount/aggregated-logging-curator logging-curator Deleting configmaps + '[' -n '' ']' + generate_configmaps + echo 'Deleting configmaps' + oc delete configmap -l logging-infra=support Error from server: User "system:serviceaccount:logging:logging-deployer" cannot list configmaps in project "logging" [ full output at http://pastebin.com/sUZrNX1b ] When I take a look who is allowed to list configmaps the logging-deployer serviceaccount is not listed: 10:18:16 root@osmaster:~> oc policy who-can list configmap -n logging Namespace: logging Verb: list Resource: configmaps Users: system:serviceaccount:openshift-infra:namespace-controller Groups: system:cluster-admins system:masters But to be honest I don't have a clue how to add a verb/resource pair to a serviceaccount. I've tried to add the view/edit/admin roles to the serviceaccount but no luck. Any help would be greatly appreciated! Thanks and kind regards, Lemmy.
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
