You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by GitBox <gi...@apache.org> on 2021/04/22 17:59:06 UTC
[GitHub] [solr-operator] thomaswoeckinger opened a new issue #263: Missing RBAC rule for finalizers
thomaswoeckinger opened a new issue #263:
URL: https://github.com/apache/solr-operator/issues/263
Creating following cluster:
```
apiVersion: solr.apache.org/v1beta1
kind: SolrCloud
metadata:
name: solr-cloud
spec:
replicas: 3
solrImage:
tag: 8.6.3
solrJavaMem: "-Xms4g -Xmx6g"
solrOpts: "-Dsolr.autoSoftCommit.maxTime=10000"
solrGCTune: "-XX:SurvivorRatio=4 -XX:TargetSurvivorRatio=90 -XX:MaxTenuringThreshold=8"
dataStorage:
persistent:
reclaimPolicy: Delete
pvcTemplate:
spec:
storageClassName: "local-sc-solr"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "20Gi"
solrAddressability:
commonServicePort: 80
external:
method: ExternalDNS
useExternalAddress: true
domainName: "apps.test.org"
zookeeperRef:
connectionInfo:
internalConnectionString: "zookeeper-0.zookeeper-headless.solr.svc.cluster.local:2181,zookeeper-1.zookeeper-headless.solr.svc.cluster.local:2181,zookeeper-2.zookeeper-headless.solr.svc.cluster.local:2181"
```
leads to following error:
2021-04-22T15:13:52.773Z INFO controllers.SolrCloud Creating Common Service {"namespace": "solr", "solrCloud": "solr-cloud", "service": "solr-cloud-solrcloud-common"}
2021-04-22T15:13:52.899Z ERROR controller Reconciler error {"reconcilerGroup": "solr.apache.org", "reconcilerKind": "SolrCloud", "controller": "solrcloud", "name": "solr-cloud", "namespace": "solr", "error": "services \"solr-cloud-solrcloud-common\" is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on: , <nil>"}
github.com/go-logr/zapr.(*zapLogger).Error
/go/pkg/mod/github.com/go-logr/zapr@v0.2.0/zapr.go:132
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.6.2/pkg/internal/controller/controller.go:237
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.6.2/pkg/internal/controller/controller.go:209
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).worker
/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.6.2/pkg/internal/controller/controller.go:188
k8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1
/go/pkg/mod/k8s.io/apimachinery@v0.20.4/pkg/util/wait/wait.go:155
k8s.io/apimachinery/pkg/util/wait.BackoffUntil
/go/pkg/mod/k8s.io/apimachinery@v0.20.4/pkg/util/wait/wait.go:156
k8s.io/apimachinery/pkg/util/wait.JitterUntil
/go/pkg/mod/k8s.io/apimachinery@v0.20.4/pkg/util/wait/wait.go:133
k8s.io/apimachinery/pkg/util/wait.Until
/go/pkg/mod/k8s.io/apimachinery@v0.20.4/pkg/util/wait/wait.go:90
which can be fixed by adding following rule:
```
- verbs:
- '*'
apiGroups:
- solr.apache.org
resources:
- solrclouds/finalizers
```
May the action list can be specified in detail.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org
[GitHub] [solr-operator] HoustonPutman closed issue #263: Missing RBAC rule for finalizers
Posted by GitBox <gi...@apache.org>.
HoustonPutman closed issue #263:
URL: https://github.com/apache/solr-operator/issues/263
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org
[GitHub] [solr-operator] thomaswoeckinger commented on issue #263: Missing RBAC rule for finalizers
Posted by GitBox <gi...@apache.org>.
thomaswoeckinger commented on issue #263:
URL: https://github.com/apache/solr-operator/issues/263#issuecomment-825465653
Looks good to me
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org
[GitHub] [solr-operator] HoustonPutman commented on issue #263: Missing RBAC rule for finalizers
Posted by GitBox <gi...@apache.org>.
HoustonPutman commented on issue #263:
URL: https://github.com/apache/solr-operator/issues/263#issuecomment-825076528
This RBAC rule is necessary when a particular setting is turned on in the admission controller. But we should definitely include it by default.
The verb only needs to be `update`. The check is here:
https://github.com/kubernetes/kubernetes/blob/master/plugin/pkg/admission/gc/gc_admission.go#L192
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org