agones: Agones roles have insufficient permissions defined for clusters where OwnerReferencesPermissionEnforcement is enabled
What happened:
When trying to deploy a GameServer
, I received an error.
What you expected to happen:
A GameServer
should deploy.
How to reproduce it (as minimally and precisely as possible):
- create a k8s cluster
- enable
OwnerReferencesPermissionEnforcement
plugin - install agones
- create a gameserver
Environment:
- Agones version: 1.7
- Kubernetes version (use
kubectl version
): 1.6 but likely any recent version - Cloud provider or hardware configuration: N/A
- Install method (yaml/helm): helm
- Troubleshooting guide log(s):
pods "simple-udp-jcc4d" is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on: , <nil>
In the agones-controller
role, explicitly adding the finalizers permissions (eg: gameservers/finalizers
) at least is a workaround. I am not sure if that is the correct fix.
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 1
- Comments: 15 (12 by maintainers)
I’ll need to play with this and try to do it with Minikube and report back with a clear reproducer.
If I get enough cycles I may be able to PR the owner references themselves.