Open
Description
Bug Report
What did you do?
After installing OLM, tried to install the splunk operator using:
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: my-splunk
namespace: operators
spec:
channel: stable
name: splunk
source: operatorhubio-catalog
sourceNamespace: olm
What did you expect to see?
The splunk CSV created and showing installed as status.
What did you see instead? Under which circumstances?
Unpack job pods failing, extract container exit with error:
time="2024-08-06T17:07:53Z" level=info msg="Using in-cluster kube client config"
time="2024-08-06T17:07:53Z" level=fatal msg="cluster config failed: Cannot load config for REST client: open /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory"
We are running in a hardened cluster where the default service account has automountServiceAccountToken set to false
apiVersion: v1
kind: ServiceAccount
metadata:
name: default
namespace: olm
automountServiceAccountToken: false
From more information check:
kubernetes/kubernetes#57601
rke1-hardening-guide#configure-default-service-account
Environment
- operator-lifecycle-manager version: v0.28.0
- Kubernetes version information: v1.26.13+rke2r1
- Kubernetes cluster kind:
Possible Solution
Use another service account instead of the default.
Additional context
Add any other context about the problem here.