Problem description: To avoid https://bugzilla.redhat.com/show_bug.cgi?id=1321533 we now need the deployer to have the cluster-admin role: oadm policy add-cluster-role-to-user cluster-admin system:serviceaccount:logging:logging-deployer Version-Release number of selected component (if applicable): https://docs.openshift.org/latest/install_config/aggregate_logging.html#pre-deployment-configuration How reproducible: Always Steps to Reproduce: Visit https://docs.openshift.org/latest/install_config/aggregate_logging.html#pre-deployment-configuration Actual Result: oadm policy add-cluster-role-to-user edit system:serviceaccount:logging:logging-deployer Expected Result: oadm policy add-cluster-role-to-user cluster-admin system:serviceaccount:logging:logging-deployer Additional info: Please refer to https://bugzilla.redhat.com/show_bug.cgi?id=1321533 for more detail
It looks like this command is wrong in 3.2 to 3.4. I have a PR here to correct the command: https://github.com/openshift/openshift-docs/pull/8869 @Anping, will you please confirm?
@juzhao, Must we add-cluster-role-to-user cluster-admin ystem:serviceaccount:logging:logging-deployer?
It is no need to change the doc now, so no need to merge the PR, it could be closed as NOTABUG This doc issue was filed at 2016-03-30, the descripton was "oadm policy add-cluster-role-to-user edit system:serviceaccount:logging:logging-deployer", the role was "edit" later we changed to role to "oauth-editor", it does not block the installation "oadm policy add-cluster-role-to-user oauth-editor system:serviceaccount:logging:logging-deployer", the role was "edit"
(In reply to Junqi Zhao from comment #4) typo, change > "oadm policy add-cluster-role-to-user oauth-editor > system:serviceaccount:logging:logging-deployer", the role was "edit" to "oadm policy add-cluster-role-to-user oauth-editor > system:serviceaccount:logging:logging-deployer", the role was "oauth-editor"