Showing results for 
Show  only  | Search instead for 
Did you mean: 

Dynatrace operator custom namespace name



I am setting up Kubernetes monitoring in our environment, and I am following the documentation for "Get started with Kubernetes/OpenShift monitoring"

We use a hosted EKS cluster, and have a specific naming convention for namespace names. This means I can't complete the first step to create a 'dynatrace' namespace. I have created a namespace using our naming convention, so am hoping to amend the config files for the rest to the process using our own namespace name.

For the next step 'Install Dynatrace Operator', I downloaded a local copy of the kubernetes.yaml file, and updated all instances of the namespace name to the new value of our custom namespace. When I ran the kubectl apply command using the local copy of the kubernetes.yaml file, it created some resources, but then gave a number of Forbidden errors. A sample of the output is shown below.


I notice that the Namespace in the forbidden error is blank, so perhaps I need some other config to be updated with my namespace name?


poddisruptionbudget.policy/dynatrace-webhook created

serviceaccount/dynatrace-activegate created

serviceaccount/dynatrace-kubernetes-monitoring created

serviceaccount/dynatrace-dynakube-oneagent-privileged created

serviceaccount/dynatrace-dynakube-oneagent-unprivileged created

serviceaccount/dynatrace-operator created

serviceaccount/dynatrace-webhook created

service/dynatrace-webhook created

deployment.apps/dynatrace-operator created

deployment.apps/dynatrace-webhook created


Error from server (Forbidden): error when retrieving current configuration of:

Resource: ", Resource=customresourcedefinitions", GroupVersionKind: ", Kind=CustomResourceDefinition"

Name: "", Namespace: ""

from server for: "/root/.kube/kubernetes.yaml": "" is forbidden: User "dyna-********" cannot get resource "customresourcedefinitions" in API group "" at the cluster scope



DynaMight Legend
DynaMight Legend

@nick_chard were you able to get this sorted out? 



Hi Chad,

No I didn't get a resolution. After doing some more research into it, the error suggests it's a permissions problem, and my account doesn't have the correct permissions at the EKS cluster level, however, I have managed to prove this yet, or get a working solution.

DynaMight Champion
DynaMight Champion

Hi @nick_chard !

Which deployment mode did you use ?
Did you try the latest release 0.10.2?

Also maybe troubleshoot command could help you :

kubectl exec deploy/dynatrace-operator -n dynatrace -- dynatrace-operator troubleshoot --namespace=yourcustomnamespace --dynakube=yourdynakubename




Observability Engineer at Phenisys - Dynatrace Professional

Featured Posts