Role and RoleBinding for OpenShift

[Jonas Pettersson]

Hi,

I am trying out fluent-bit 0.13.1 on OpenShift as a daemon set. But I doesn't have permissions to mount "hostPath" /var/log/ as in https://github.com/fluent/fluent-bit-kubernetes-logging/blob/master/output/elasticsearch/fluent-bit-ds.yaml

Is there a different Role object available for OpenShift? I think the fluent-bit container need to run as privileged. https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/fluent-bit-role.yaml

Any suggestions on how to get fluent-bit to run as a daemon set with OpenShift?

/Jonas

[Jonas Pettersson]

I get this error, in a fluent-bit log:

[2018/05/16 08:07:28] [error] [in_tail] read error, check permissions: /var/log/containers/*.log

/Jonas

[Jonas Pettersson]

I fixed it by adding this to the daemon set under the container;

    securityContext:

        privileged: true

On Wednesday, May 16, 2018 at 9:54:12 AM UTC+2, Jonas Pettersson wrote:

[Eduardo Silva]

hi Jonas, 

thanks for raising this issue and providing the fix. 

Do you know if this SecurityContext is only required for Openshift or it also affects different Kubernetes distributions ?

regards, 

--
You received this message because you are subscribed to the Google Groups "Fluent-Bit" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fluent-bit+unsubscribe@googlegroups.com.
To post to this group, send email to fluen...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/fluent-bit/c960e2ad-2bb5-4979-b1c8-0a904b001a74%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Eduardo Silva

Open Source, Treasure Data

http://www.treasuredata.com/opensource