Add deployment doc for single namespace configuration #256
Comments
|
Hi, it sounds you didn't create the cluster role binding which give all the permissions needed to the controller do its job. Actually there isn't a doc that say how to configure rbac to work on a single namespace - I'll label this issue and leave it open so this won't be forgotten. |
|
@jcmoraisjr Thank you, the problem was that ClusterRoleBinding was corrupted by an ingress in another namespace. Documentation on a multi-namespace ingress instantiation would be highly appreciated. |
I am trying to configure rbac to work in single namespace without using ClusterRole or ClusterRoleBinding. I am facing issue where haproxy ingress keeps throwing errors "cannot list [RESOURCES] at the cluster scope". I have added --watch-namespace still why is ingress trying to get cluster resources. Can you please provide a document that shows how to configure rbac with single namespace without using ClusterRole ? It would be really helpful. Thanks |
jcmoraisjr
changed the title
|
@swapnil1988 the "list resource at cluster scope issue" should be fixed since #578 and should be working fine on v0.10. If you have any problem please file a new issue with controller version, configurations and behavior. |
After restarting kubernetes nodes HaProxy ingress was not able to access Ingress backends (503 HTTP Error). haproxy-ingress logs gave following errors (HaProxy is deployed in "monitoring" namespace):
Fixed by allowing "list" verb for "Pods" resource in "ingress-controller" Role in corresponding namespace.
Runtime:
PhotonOS 4.9.130-2.ph2-esx
kubernetes v1.11.1
Docker version 17.06.0-ce
The text was updated successfully, but these errors were encountered: