K
Q

Kubernetes system:serviceaccount can't access service

5/16/2018

I'm trying to follow this tutorial to setup an nginx-ingress controller.

It seems it was written before RBAC was fully integrated into k8s. When I get to the final step of running the nginx-controller.yaml I get back an authorization error:

no service with name default/default-http-backend found: services "default-http-backend" is forbidden: User "system:serviceaccount:default:default" cannot get services in the namespace "default"

What do I need to do to make this work with RBAC?

-- Philip Kirkbride
kubernetes

Similar Questions

Argo Workflow using kubernetes
Kubernetes: Ingress commands on kubectl to change ingress configuration
Kubernetes - how to download a PersistentVolume's content
Restoring wordpress and mysql data to kubernetes volume

1 Answer

1/22/2019

That hackernoon post (like most of them) is incorrent. Specifically there are no RBAC objects and the deployment is not assigned a service account (i.e.: serviceAccountName: ).

To ensure that you have the right (or enough) RBAC objects created check out the RBAC-* objects at https://github.com/mateothegreat/k8-byexamples-ingress-controller/tree/master/manifests.

-- yomateo
Source: StackOverflow