Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to run opentelemetry-collector in namespaced mode #10482

Closed
alita1991 opened this issue Jun 28, 2024 · 3 comments
Closed

Unable to run opentelemetry-collector in namespaced mode #10482

alita1991 opened this issue Jun 28, 2024 · 3 comments
Labels
bug Something isn't working

Comments

@alita1991
Copy link

Describe the bug

Provide a way to run the opentelemetry-collector in namespaced mode (without the need for a cluster-role)

Steps to reproduce

Deploy opentelemetry-collector with a role and add a receiver that will access the K8S API (ex: prometheus)

What did you expect to see?

No RBAC errors should be reported

What did you see instead?

RBAC errors are printed to console, where resources like Pods, ReplicaSets are being listed at the cluster level, instead of namespace.

E0628 13:56:31.636433       1 reflector.go:147] k8s.io/client-go@v0.29.3/tools/cache/reflector.go:229: Failed to watch *v1.ReplicationController: failed to list *v1.ReplicationController: replicationcontrollers is forbidden: User "system:serviceaccount:argocd-openshift:collector-sa" cannot list resource "replicationcontrollers" in API group "" at the cluster scope
E0628 13:56:36.263036       1 reflector.go:147] k8s.io/client-go@v0.29.3/tools/cache/reflector.go:229: Failed to watch *v1.Deployment: failed to list *v1.Deployment: deployments.apps is forbidden: User "system:serviceaccount:argocd-openshift:collector-sa" cannot list resource "deployments" in API group "apps" at the cluster scope
E0628 13:56:41.790609       1 reflector.go:147] k8s.io/client-go@v0.29.3/tools/cache/reflector.go:229: Failed to watch *v1.Event: failed to list *v1.Event: events is forbidden: User "system:serviceaccount:argocd-openshift:collector-sa" cannot list resource "events" in API group "" at the cluster scope
E0628 14:00:54.757556       1 reflector.go:147] k8s.io/client-go@v0.29.3/tools/cache/reflector.go:229: Failed to watch *v2.HorizontalPodAutoscaler: failed to list *v2.HorizontalPodAutoscaler: horizontalpodautoscalers.autoscaling is forbidden: User "system:serviceaccount:argocd-openshift:collector-sa" cannot list resource "horizontalpodautoscalers" in API group "autoscaling" at the cluster scope

Additional context

I want to be able to run otel-operator + collectors in a K8S environment, where I only have access to a namespace.
@alita1991 alita1991 added the bug Something isn't working label Jun 28, 2024
@codeboten
Copy link
Contributor

this appears to be an issue w/ the operator, maybe one of the @open-telemetry/operator-maintainers there can move transfer the issue

@jaronoff97
Copy link
Contributor

jaronoff97 commented Jul 16, 2024
edited

@codeboten we already have an open issue there with a similar description. I think we can close this in favor of that one. sorry... this issue

@codeboten
Copy link
Contributor

Thanks @jaronoff97! Closing as a duplicate of open-telemetry/opentelemetry-operator#3042, @alita1991 please let us know if that issue doesn't capture your concerns.

@codeboten codeboten closed this as not planned Won't fix, can't repro, duplicate, stale Jul 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@codeboten @jaronoff97 @alita1991