$ oc policy add-role-to-user edit --serviceaccount logging-deployer
Hi,I've tried to set up logging with the EFK stack according to the documentation for OpenShift 3.2, but when I try to deploy the logging-deployer pod it fails into Error status with the following error message in the container log:[...]+ echo 'Attaching secrets to service accounts'
+ oc secrets add serviceaccount/aggregated-logging-kibana logging-kibana logging-kibana-proxy
+ oc secrets add serviceaccount/aggregated-logging-elasticsearch logging-elasticsearch
+ oc secrets add serviceaccount/aggregated-logging-fluentd logging-fluentd
+ oc secrets add serviceaccount/aggregated-logging-curator logging-curator
+ '[' -n '' ']'
+ echo 'Deleting configmaps'
+ oc delete configmap -l logging-infra=support
Error from server: User "system:serviceaccount:logging:logging-deployer" cannot list configmaps in project "logging"[ full output at http://pastebin.com/sUZrNX1b ]When I take a look who is allowed to list configmaps the logging-deployer serviceaccount is not listed:10:18:16 root osmaster:~> oc policy who-can list configmap -n logging
system:mastersBut to be honest I don't have a clue how to add a verb/resource pair to a serviceaccount.I've tried to add the view/edit/admin roles to the serviceaccount but no luck.Any help would be greatly appreciated!Thanks and kind regards,Lemmy.
users mailing list
users lists openshift redhat com