关于文档中正式环境配置的k8s配置calico网络，controller一直not ready

[baiclamp]

trafficstars

官方文档中，使用k8s部署的calico使用的是3.15版本，但是根据calico的文档兼容k8s，1.21版本的需要calico 3.19以上版本。 然后使用3.15版本的calico配置文件controller一直停留在下面的日志： 2023-07-31 02:28:19.977 [WARNING][1] runconfig.go 154: unable to get KubeControllersConfiguration(default) error=connection is unauthorized: kubecontrollersconfigurations.crd.projectcalico.org "default" is forbidden: User "system:serviceaccount:kube-system:calico-kube-controllers" cannot get resource "kubecontrollersconfigurations" in API group "crd.projectcalico.org" at the cluster scope 2023-07-31 02:28:20.985 [WARNING][1] runconfig.go 154: unable to get KubeControllersConfiguration(default) error=connection is unauthorized: kubecontrollersconfigurations.crd.projectcalico.org "default" is forbidden: User "system:serviceaccount:kube-system:calico-kube-controllers" cannot get resource "kubecontrollersconfigurations" in API group "crd.projectcalico.org" at the cluster scope 然后我尝试使用不同的calico版本，包括3.16~3.19 都有问题（仅仅修改配置文件的镜像版本） 请问如何修正3.15版本中的当前的日志反馈的问题。

[vettalwu]

@baiclamp The error message you provided indicates that the user "system:serviceaccount:kube-system:calico-kube-controllers" does not have the necessary permissions to access the "kubecontrollersconfigurations" resource in the "crd.projectcalico.org" API group at the cluster scope. To resolve this issue, you need to grant the appropriate permissions to the service account "calico-kube-controllers" in the "kube-system" namespace.

[vettalwu]

@baiclamp Is this problem resolved?