K
Q

helm install failing on GKE

11/29/2019

I am a total GCP Newbie- just created a new account.
I have installed a GKE cluster - it is active, also downloaded the sdk. I was able to deploy a pod on GKE using kubectl.
Have tiller and helm client installed.
From the CLI when I try running a helm command

>helm install --name testngn ./nginx-test


 Error: release testngn failed: namespaces "default" is forbidden: User  
"system:serviceaccount:kube-system:default" cannot get resource "namespaces" in API group "" in the namespace "default"

I have given my user "owner" role - so hopefully that is not the issue. But not sure how the CLI identifies the user and permissions (new to me). Also the kubectl -n flag does not work with helm (?)

-- Sam-T
google-cloud-platform
google-kubernetes-engine
kubernetes-helm

Similar Questions

Why isn't my ingress controller route traffic from my external IP to the service in my cluster?
CSINodes problem in Kubernetes Multiple Scheduler
Minikube failed to start -> pgrep kube-api
How to hack a Kubernetes container with a Spring Boot application and running as a root user?
Mounting a k8s secret using kustomize

1 Answer

11/29/2019

Most of documentation simply says just do helm init - but that does not provide any permissions to Tiller - so it would fail- unable to execute anything.
Create Service account with cluster-admin role using the rbac-config.yaml. Then helm init with this service account to provide permissions to Tiller

$ kubectl create -f rbac-config.yaml
serviceaccount "tiller" created
clusterrolebinding "tiller" created
$ helm init --service-account tiller

-- Sam-T
Source: StackOverflow