Getting below issue with Zalando Postgres operator. The default manifests are applied on the Kubernetes cluster(hosted on-prem) as provided here: https://github.com/zalando/postgres-operator/tree/4a099d698d641b80c5aeee5bee925921b7283489/manifests
Verified if there are any issues in the operator names or any in configmaps or in the service-account definitions but couldn't figure out much.
kubectl logs -f postgres-operator-944b9d484-9h796
2019/10/24 16:31:02 Spilo operator v1.2.0
2019/10/24 16:31:02 Fully qualified configmap name: default/postgres-operator
panic: configmaps "postgres-operator" is forbidden: User "system:serviceaccount:default:zalando-postgres-operator" cannot get resource "configmaps" in API group "" in the namespace "default"
goroutine 1 [running]:
github.com/zalando/postgres-operator/pkg/controller.(*Controller).initOperatorConfig(0xc0004a6000)
/root/go/src/github.com/zalando/postgres-operator/pkg/controller/controller.go:102 +0x687
github.com/zalando/postgres-operator/pkg/controller.(*Controller).initController(0xc0004a6000)
/root/go/src/github.com/zalando/postgres-operator/pkg/controller/controller.go:253 +0x825
github.com/zalando/postgres-operator/pkg/controller.(*Controller).Run(0xc0004a6000, 0xc000464660, 0xc000047a70)
/root/go/src/github.com/zalando/postgres-operator/pkg/controller/controller.go:348 +0x2f
main.main()
/workspace/cmd/main.go:82 +0x256
Any help here?
I have set up postgres-operator in my environment and it is working perfectly in my case. Please make sure that you have followed steps:
Clone postgres-operator repo:
$ git clone https://github.com/zalando/postgres-operator
$ cd postgres-operator
Operator from Zalando can be configured in two ways - using a classical configmap, or using a CRD configuration object, which is more powerful:
$ kubectl create -f manifests/operator-service-account-rbac.yaml
serviceaccount/zalando-postgres-operator created
clusterrole.rbac.authorization.k8s.io/zalando-postgres-operator created
clusterrolebinding.rbac.authorization.k8s.io/zalando-postgres-operator created
In order to use the CRD config, you must change a value in the postgres-operator itself. Change the last few lines in manifests/postgres-operator.yaml so they read:
env:
# provided additional ENV vars can overwrite individual config map entries
#- name: CONFIG_MAP_NAME
# value: "postgres-operator"
# In order to use the CRD OperatorConfiguration instead, uncomment these lines and comment out the two lines above
- name: POSTGRES_OPERATOR_CONFIGURATION_OBJECT
value: postgresql-operator-default-configuration
The service account name given in that file does not match that given by the operator service account definition, so you must adjust and create the actual config object referenced. This is placed in manifests/postgresql-operator-default-configuration.yaml. These are the values that must be set:
configuration:
kubernetes:
pod_environment_configmap: postgres-pod-config
pod_service_account_name: zalando-postgres-operator
Let’s create the operator and it’s configuration.
$ kubectl create -f manifests/postgres-operator.yaml
deployment.apps/postgres-operator created
Please wait few minutes before type following command:
$ kubectl create -f postgresql-operator-default-configuration.yaml
operatorconfiguration.acid.zalan.do/postgresql-operator-default-configuration created
Now, you will be able to see your POD running:
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
postgres-operator-599fd68d95-c8z67 1/1 Running 0 21m
You can also refer to this article, hope it will helps you.