Access to Prometheus service monitor fails #369
Labels
stale
Pull requests/issues with no activity
Comments
|
Hi @jnewfield, we are looking into this. |
|
This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 10 days. |
|
This issue was closed because it has been stalled for 10 days with no activity. |
|
@AlexFenlon, Was there any movement on this issue on your end? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
After deploying NGINX Ingress Operator and an NginxIngress crd with parameter spec.prometheus.serviceMonitor.create.true, the NGINX Ingress Controller pod fails to get created. An error similar to the following message is reported from the NginxIngress resource:
failed to install release: Unable to continue with install: could not get information about the resource ServiceMonitor "nginxingress-sample-nginx-ingress-controller" in namespace "nginx-ingress": servicemonitors.monitoring.coreos.com "nginxingress-sample-nginx-ingress-controller" is forbidden: User "system:serviceaccount:nginx-ingress-operator-system:nginx-ingress-operator-controller-manager" cannot get resource "servicemonitors" in API group "monitoring.coreos.com" in the namespace "nginx-ingress"Workaround:
Add appropriate rbac rules for NGINX Ingress Operator to access the Prometheus service monitor
Edit the NGINX Ingress Operator manager cluster role
kubectl edit clusterroles.rbac.authorization.k8s.io nginx-ingress-operator-manager-roleAdd the following api group rule just before the very last api group rule in the file
Fix:
Incorporate permissions to api group monitoring.coreos.com
The text was updated successfully, but these errors were encountered: