-
Bug
-
Resolution: Cannot Reproduce
-
Major
-
None
-
4.15
-
None
-
Quality / Stability / Reliability
-
False
-
-
None
-
Low
-
No
-
None
-
None
-
Rejected
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
After fixing https://issues.redhat.com/browse/OCPBUGS-20213, we found ccm logs report: Failed to watch *v1.EndpointSlice: failed to list *v1.EndpointSlice: endpointslices.discovery.k8s.io is forbidden: User "system:serviceaccount:openshift-cloud-controller-manager:cloud-controller-manager" cannot list resource "endpointslices" in API group "discovery.k8s.io" at the cluster scope
Version-Release number of selected component (if applicable):
How reproducible:
Always
Steps to Reproduce:
1. Set up cluster on azure 2. Check ccm logs 3.
Actual results:
Found below permission issue in ccm log: I1107 06:05:02.259788 1 reflector.go:325] Listing and watching *v1.EndpointSlice from k8s.io/client-go/informers/factory.go:150 W1107 06:05:02.262214 1 reflector.go:535] k8s.io/client-go/informers/factory.go:150: failed to list *v1.EndpointSlice: endpointslices.discovery.k8s.io is forbidden: User "system:serviceaccount:openshift-cloud-controller-manager:cloud-controller-manager" cannot list resource "endpointslices" in API group "discovery.k8s.io" at the cluster scope E1107 06:05:02.262245 1 reflector.go:147] k8s.io/client-go/informers/factory.go:150: Failed to watch *v1.EndpointSlice: failed to list *v1.EndpointSlice: endpointslices.discovery.k8s.io is forbidden: User "system:serviceaccount:openshift-cloud-controller-manager:cloud-controller-manager" cannot list resource "endpointslices" in API group "discovery.k8s.io" at the cluster scope
Expected results:
No error in azure ccm log
Additional info: