helm-charts icon indicating copy to clipboard operation
helm-charts copied to clipboard

Published 20 hours ago verified publisher icon vsphere-tmm

vsphere-cpi: Installation of vsphere-cpi in other namespaces than 'kube-system' fails

Open ErikLundJensen opened this issue 2 years ago • 2 comments

It seems the cpi needs to access the configmap "extension-apiserver-authentication" in namespace kube-system.

When vsphere-cpi is installed other namespaces then the pod does not have permissions to read the ConfigMap in kube-system. For example when installing vsphere-csi Helm Chart with vsphere-cpi.enabled: true

Two different solutions as I see it:

  • A RoleBinding in kube-system to let the serviceaccount read the ConfigMap
  • Documentation of vsphere-cpi must be installed in kube-system namespace and thereby remove the option to install vsphere-cpi as part of the vsphere-csi chart.

ErikLundJensen avatar May 11 '22 11:05 ErikLundJensen

Hi @ErikLundJensen, I have created a PR(#40) , to fix the read permission issue. Maybe you can take a look and share your thoughts.

hasanhakkaev avatar May 30 '22 07:05 hasanhakkaev

See also somewhat related #44.

sathieu avatar Jun 09 '22 12:06 sathieu