0

While debugging we are used spring-cloud-starter-kubernetes-config (version 1.1.10.RELEASE) dependency, with spring boot 2.5.4 (target version is above, 2.6.x). Actuator dependency enabled too.

After application deployed in actuator/info:

"kubernetes": {
"inside": false
}

But expected something like this: https://piotrminkowski.files.wordpress.com/2019/12/microservices-with-spring-cloud-kubernetes-info.png?resize=359%2C207

I tried to enable info explicitly:

management:
  info:
    kubernetes:
      enabled: true

After application startup in logs:

2022-03-22 08:28:31.897 [http-nio-8080-exec-3] [] WARN  o.s.cloud.kubernetes.StandardPodUtils - Failed to get pod with name:[our-ci-example-multi-module-one-deployment-86dcb6c559-rmxp8]. You should look into this if things aren't working as you expect. Are you missing serviceaccount permissions?
io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: GET at: https://k8s-ip/api/v1/namespaces/our-ci/pods/our-ci-example-multi-module-one-deployment-86dcb6c559-rmxp8. Message: Forbidden!Configured service account doesn't have access. Service account may have been revoked. pods "our-ci-example-multi-module-one-deployment-86dcb6c559-rmxp8" is forbidden: User "system:serviceaccount:our-ci:default" cannot get pods in the namespace "our-ci".

May be reason that actuator can`t see the app inside k8s in this permissions?

Pavel
  • 31
  • 4
  • Do you have a service account for your deployment? https://docs.spring.io/spring-cloud-kubernetes/docs/current/reference/html/#service-account – Boris the Spider Mar 22 '22 at 05:53
  • @BoristheSpider, i used default account. Our SRE told me, that it has all needed accesses/permissions, but i dont think so. Should i add to `default` SA roles/bindings like in doc? – Pavel Mar 22 '22 at 06:03
  • @BoristheSpider, thanks a lot, its worked. Now left to force application read data from configmap. – Pavel Mar 22 '22 at 06:26

0 Answers0