Getting error while deploying istio version 1.16, pods are getting crashed

Question

I am deploying to version 1.16 but the pods are getting crashed below are the pod's error.

istiod pod:

2023-03-21T11:58:09.768255Z info kube controller "extensions.istio.io/v1alpha1/WasmPlugin" is syncing... controller=crd-controller 2023-03-21T11:58:09.868998Z info kube controller "extensions.istio.io/v1alpha1/WasmPlugin" is syncing... controller=crd-controller 2023-03-21T11:58:09.887383Z info klog k8s.io/client-go@v0.25.2/tools/cache/reflector.go:169: failed to list *v1alpha1.WasmPlugin: wasmplugins.extensions.istio.io is forbidden: User "system:serviceaccount:istio-system:istiod-service-account" cannot list resource "wasmplugins" in API group "extensions.istio.io" at the cluster scope 2023-03-21T11:58:09.887472Z error watch error in cluster Kubernetes: failed to list *v1alpha1.WasmPlugin: wasmplugins.extensions.istio.io is forbidden: User "system:serviceaccount:istio-system:istiod-service-account" cannot list resource "wasmplugins" in API group "extensions.istio.io" at the cluster scope

external-dns: time="2023-03-21T12:17:22Z" level=fatal msg="failed to sync cache: timed out waiting for the condition"

Version istioctl version:

client version: 1.17.1 control plane version: 1.16.2 data plane version: none

kubectl version --short:

Client Version: v1.24.10 Kustomize Version: v4.5.4 Server Version: v1.24.10-eks-48e63af

score 2 · Answer 1 · answered Mar 21 '23 at 14:20

2

The error is speaking; the Service Account istiod-service-account has no privileges on the CRDs extensions.istio.io/v1alpha1/WasmPlugin.

The solution to your problem is documented here: https://github.com/istio/istio/issues/36886#issue-1107794465

answered Mar 21 '23 at 14:20

glv

994
1
1
15

Hi glv, thanks for your response. Actually i tried that as well but still have the same issue. – Bhagavat Bhise Mar 23 '23 at 04:46

Getting error while deploying istio version 1.16, pods are getting crashed

1 Answers1