Containers not starting fails on RBAC enabled k8s
When running the OOM scripts on a RBAC enabled kubernetes,
readiness probes failed to check dependencies status as they
don't have the needed access rights.
Note for the reviewer :
The fix has been tested on a rancher installation (k8s 1.8)
and on a kubeadm installation (k8s 1.8), but not a previous
versions of k8s. There might be issues with the command when
used on pre RBAC (<1.6) versions of k8s. This should be tested
with such version if early backward compatibility should be a
concern.
Change-Id: I7a915fc08927cd0fc0d5ea70a75f44c1380de926
Issue-ID: OOM-349
Signed-off-by: Anaël Closson <ac2550@intl.att.com>
diff --git a/kubernetes/oneclick/createAll.bash b/kubernetes/oneclick/createAll.bash
index 8d41ee4..c23f014 100755
--- a/kubernetes/oneclick/createAll.bash
+++ b/kubernetes/oneclick/createAll.bash
@@ -26,6 +26,11 @@
fi
}
+create_service_account() {
+ cmd=`echo kubectl create clusterrolebinding $1-$2-admin-binding --clusterrole=cluster-admin --serviceaccount=$1-$2:default`
+ eval ${cmd}
+ check_return_code $cmd
+}
create_namespace() {
cmd=`echo kubectl create namespace $1-$2`
@@ -164,6 +169,9 @@
printf "\nCreating namespace **********\n"
create_namespace $NS $i
+ printf "\nCreating service account **********\n"
+ create_service_account $NS $i
+
printf "\nCreating registry secret **********\n"
create_registry_key $NS $i ${NS}-docker-registry-key $ONAP_DOCKER_REGISTRY $DU $DP $ONAP_DOCKER_MAIL