Tiller can't init dew to lack of permissions


Domingo Mu├▒oz Daza <domingo.munoz@...>
 

Hello, first time using helm in our kubernetes cluster and we came accross some issue, and I was hoping you could help us. I don't know if this is the right way to contact the Helm community.

Output of `helm version`:

`Client: &version.Version{SemVer:"v2.12.3", GitCommit:"eecf22f77df5f65c823aacd2dbd30ae6c65f186e", GitTreeState:"clean"}
Error: could not find a ready tiller pod`

Output of `kubectl version`:

`Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.1", GitCommit:"eec55b9ba98609a46fee712359c7b5b365bdd920", GitTreeState:"clean", BuildDate:"2018-12-13T10:39:04Z", GoVersion:"go1.11.2", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"9+", GitVersion:"v1.9.2-CCE2.0.7-B003", GitCommit:"302f471a1e2caa114c9bb708c077fbb363aa2f13", GitTreeState:"clean", BuildDate:"2018-06-20T03:27:16Z", GoVersion:"go1.9.2", Compiler:"gc", Platform:"linux/amd64"}`

Cloud Provider/Platform (AKS, GKE, Minikube etc.): Open Telekom Cloud

I have created a tiller serviceaccount and its binded with cluster-admin clusterrole

The output of `kubectl get pods -n kube-system` is

Captura de pantalla 2019-02-06 a las 13.33.59.png

The output of `kubectl describe pods tiller -n kube-system`

Captura de pantalla 2019-02-06 a las 13.34.09.png

Tried to get the logs from tiller and this was the output ` kubectl logs -f tiller-deploy-7c78f74c-7529q -n kube-system`

`[main] 2019/02/06 12:32:13 Cannot initialize Kubernetes connection: failed to read token file "/var/run/secrets/kubernetes.io/serviceaccount/token": open /var/run/secrets/kubernetes.io/serviceaccount/token: permission denied``

Can't access the container to check this path because its not created yet. Any thoughts on this?