I’m a first time user of Convox, followed the instructions here and received a number of permission errors from Kubernetes:
Error: clusterroles.rbac.authorization.k8s.io is forbidden: User "system:anonymous" cannot create resource "clusterroles" in API group "rbac.authorization.k8s.io" at the cluster scope
on ../../terraform/api/k8s/atom.tf line 1, in resource "kubernetes_cluster_role" "atom":
1: resource "kubernetes_cluster_role" "atom" {
Error: clusterroles.rbac.authorization.k8s.io is forbidden: User "system:anonymous" cannot create resource "clusterroles" in API group "rbac.authorization.k8s.io" at the cluster scope
on ../../terraform/api/k8s/main.tf line 14, in resource "kubernetes_cluster_role" "api":
14: resource "kubernetes_cluster_role" "api" {
Error: clusterroles.rbac.authorization.k8s.io is forbidden: User "system:anonymous" cannot create resource "clusterroles" in API group "rbac.authorization.k8s.io" at the cluster scope
on ../../terraform/fluentd/k8s/main.tf line 9, in resource "kubernetes_cluster_role" "fluentd":
9: resource "kubernetes_cluster_role" "fluentd" {
Error: serviceaccounts is forbidden: User "system:anonymous" cannot create resource "serviceaccounts" in API group "" in the namespace "kube-system"
on ../../terraform/fluentd/k8s/main.tf line 39, in resource "kubernetes_service_account" "fluentd":
39: resource "kubernetes_service_account" "fluentd" {
Error: Failed to create daemonset: daemonsets.apps is forbidden: User "system:anonymous" cannot create resource "daemonsets" in API group "apps" in the namespace "kube-system"
on ../../terraform/fluentd/k8s/main.tf line 61, in resource "kubernetes_daemonset" "fluentd":
61: resource "kubernetes_daemonset" "fluentd" {
Error: namespaces is forbidden: User "system:anonymous" cannot create resource "namespaces" in API group "" at the cluster scope
on ../../terraform/rack/k8s/main.tf line 9, in resource "kubernetes_namespace" "system":
9: resource "kubernetes_namespace" "system" {
Error: clusterroles.rbac.authorization.k8s.io is forbidden: User "system:anonymous" cannot create resource "clusterroles" in API group "rbac.authorization.k8s.io" at the cluster scope
on ../../terraform/router/k8s/main.tf line 9, in resource "kubernetes_cluster_role" "router":
9: resource "kubernetes_cluster_role" "router" {
I realise this is only beta but would be nice to try it out