Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Strimzi Quickstart Configured service account doesn't have access. Service account may have been revoked.
See original GitHub issueDescribe the bug Installing Strimzi operator as per: https://strimzi.io/docs/operators/latest/quickstart.html into fresh Rancher Desktop k3s. (Also tried the same demo in kubespray/kubeadm production k8s cluster.
I’ve followed the steps by both changing the namespace using the suggested:
sed -i '' 's/namespace: .*/namespace: kafka/' install/cluster-operator/*RoleBinding*.yaml
as well as leaving it default using the “myproject” namespace.
operator pod doesn’t deploy properly and gives “CrashLoopBackOff”, the problem seems to be service account access:
ERROR Main:154 - Cluster Operator verticle in namespace my-kafka-project failed to start
io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: GET at: https://10.43.0.1/apis/kafka.strimzi.io/v1beta2/namespaces/my-kafka-project/kafkas. Message: Forbidden!Configured service account doesn't have access. Service account may have been revoked. kafkas.kafka.strimzi.io is forbidden: User "system:serviceaccount:kafka:strimzi-cluster-operator" cannot list resource "kafkas" in API group "kafka.strimzi.io" in the namespace "my-kafka-project".
To Reproduce Steps to reproduce the behavior:
- Go to https://strimzi.io/docs/operators/latest/quickstart.html
- Follow instructions on quickstart
- Run command “kubectl get pods --all-namespaces” then kubectl -n kafka logs strimzi-cluster-<pod_id>
- See error in logs
Expected behavior a stable operator installed, and the ability to deploy kafka objects.
Environment (please complete the following information):
- Strimzi version: strimzi-0.27.1
- Installation method: github files as per https://strimzi.io/docs/operators/latest/quickstart.html
- Kubernetes cluster: Rancher Desktop v1.21.7+k3s1 (also tried on kubeadm/kubespray v1.21.4, same problem)
- Infrastructure: Rancher Desktop, kubespray.
YAML files and logs
Attach or copy paste the custom resources you used to deploy the Kafka cluster and the relevant YAMLs created by the Cluster Operator. Attach or copy and paste also the relevant logs. strimzi.txt
Issue Analytics
- State:
- Created 2 years ago
- Comments:9 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I’m facing the same issue but with Helm deployment, I configured the deployment to watch any namespace and the pod throws the same error. Can you help please?
@all4innov I had install cluster operator with this command and it’s works now
kubectl create -f https://strimzi.io/install/latest?namespace=kafka' -n kafkaIf can help you 😉