Bug 1683701

Summary: Clusterlogging is created but deployments not created: "system:serviceaccount:openshift-operators:cluster-logging-operator" cannot list resource "clusterloggings"
Product: OpenShift Container Platform Reporter: Mike Fiedler <mifiedle>
Component: LoggingAssignee: Jeff Cantrill <jcantril>
Status: CLOSED ERRATA QA Contact: Anping Li <anli>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 4.1.0CC: aos-bugs, ewolinet, mifiedle, qitang, rmeggins, xtian
Target Milestone: ---   
Target Release: 4.1.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-04 10:44:39 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
cluster logging install plan none

Description Mike Fiedler 2019-02-27 15:31:40 UTC 
Description of problem:

1.  From the OCP web console, deploy the cluster logging community operator
2.  From the OCP web console, create a clusterlogging instance in the openshift-logging namespace with the following yaml:

apiVersion: logging.openshift.io/v1alpha1
kind: ClusterLogging
metadata:
  name: instance
  namespace: openshfit-logging
spec:
  managementState: Managed
  logStore:
    type: elasticsearch
    elasticsearch:
      nodeCount: 3
      redundancyPolicy: SingleRedundancy
      storage:
        storageClassName: gp2
        size: 200G
  visualization:
    type: kibana
    kibana:
      replicas: 1
  curation:
    type: curator
    curator:
      schedule: 30 3 * * *
  collection:
    logs:
      type: fluentd
      fluentd: {}

3.  The clusterlogging cr named instance is created in the openshift-logging namespace, but the clusterlogging-operator pod logs are full of the following error message:

ERROR: logging before flag.Parse: E0227 15:27:13.952660       1 reflector.go:205] github.com/operator-framework/operator-sdk/pkg/sdk/informer.go:91: Failed to list *unstructured.Unstructured: clusterloggings.logging.openshift.io is forbidden: User "system:serviceaccount:openshift-operators:cluster-logging-operator" cannot list resource "clusterloggings" in API group "logging.openshift.io" at the cluster scope

Version-Release number of selected component (if applicable): 4.0.0-0.nightly-2019-02-27-074704


How reproducible: Always
Comment 1 ewolinet 2019-02-27 15:59:13 UTC 
How are you installing the operator? 
It seems like you are missing the clusterloggings CRD from your system. `$ oc get crds`
Comment 2 Mike Fiedler 2019-02-27 16:22:14 UTC 
# oc get crd | egrep "clusterlogging|elastic"
clusterloggings.logging.openshift.io                                     2019-02-27T13:44:51Z
elasticsearches.logging.openshift.io                                     2019-02-27T13:44:51Z


The clusterlogging CR gets created ok:



 # oc get clusterlogging -o wide -n openshift-logging
NAME       AGE
instance   132m


Installing  the operator like this:

1. login in to the console
2. Click Catalogs -> OperatorHub
3. Click Community Operators
4. Click Cluster Logging
5. Click Install
Comment 3 Mike Fiedler 2019-02-27 16:40:50 UTC 
Created attachment 1539200 [details]
cluster logging install plan
Comment 4 Jeff Cantrill 2019-02-28 16:32:46 UTC 
Believe this will be resolved by https://github.com/operator-framework/community-operators/pull/85
Comment 5 Qiaoling Tang 2019-03-06 01:21:03 UTC 
Verified in 4.0.0-0.nightly-2019-03-05-065158.
Comment 8 errata-xmlrpc 2019-06-04 10:44:39 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758