cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Dynatrace operator custom namespace name

nick_chard
Visitor

Hi,

I am setting up Kubernetes monitoring in our environment, and I am following the documentation for "Get started with Kubernetes/OpenShift monitoring"

We use a hosted EKS cluster, and have a specific naming convention for namespace names. This means I can't complete the first step to create a 'dynatrace' namespace. I have created a namespace using our naming convention, so am hoping to amend the config files for the rest to the process using our own namespace name.

For the next step 'Install Dynatrace Operator', I downloaded a local copy of the kubernetes.yaml file, and updated all instances of the namespace name to the new value of our custom namespace. When I ran the kubectl apply command using the local copy of the kubernetes.yaml file, it created some resources, but then gave a number of Forbidden errors. A sample of the output is shown below.

 

I notice that the Namespace in the forbidden error is blank, so perhaps I need some other config to be updated with my namespace name?

 

poddisruptionbudget.policy/dynatrace-webhook created

serviceaccount/dynatrace-activegate created

serviceaccount/dynatrace-kubernetes-monitoring created

serviceaccount/dynatrace-dynakube-oneagent-privileged created

serviceaccount/dynatrace-dynakube-oneagent-unprivileged created

serviceaccount/dynatrace-operator created

serviceaccount/dynatrace-webhook created

service/dynatrace-webhook created

deployment.apps/dynatrace-operator created

deployment.apps/dynatrace-webhook created

 

Error from server (Forbidden): error when retrieving current configuration of:

Resource: "apiextensions.k8s.io/v1, Resource=customresourcedefinitions", GroupVersionKind: "apiextensions.k8s.io/v1, Kind=CustomResourceDefinition"

Name: "dynakubes.dynatrace.com", Namespace: ""

from server for: "/root/.kube/kubernetes.yaml": customresourcedefinitions.apiextensions.k8s.io "dynakubes.dynatrace.com" is forbidden: User "dyna-********" cannot get resource "customresourcedefinitions" in API group "apiextensions.k8s.io" at the cluster scope

 

3 REPLIES 3

ChadTurner
DynaMight Legend
DynaMight Legend

@nick_chard were you able to get this sorted out? 

-Chad

nick_chard
Visitor

Hi Chad,

No I didn't get a resolution. After doing some more research into it, the error suggests it's a permissions problem, and my account doesn't have the correct permissions at the EKS cluster level, however, I have managed to prove this yet, or get a working solution.

jegron
DynaMight Pro
DynaMight Pro

Hi @nick_chard !

Which deployment mode did you use ?
Did you try the latest release 0.10.2? https://www.dynatrace.com/support/help/whats-new/release-notes/dynatrace-operator

Also maybe troubleshoot command could help you :

kubectl exec deploy/dynatrace-operator -n dynatrace -- dynatrace-operator troubleshoot --namespace=yourcustomnamespace --dynakube=yourdynakubename

 

 

 

Observability Engineer at Phenisys - Dynatrace Professional

Featured Posts