Community operator should support multiple namespaces out of the box

[gecube]

Good day!

I installed the operator into namespace mongodb-operator with all the defaults settings.
I created ns database where I put the sample mongodb description.

Expected behaviour

The DB is created under custom namespaces with default settings of the operator.

Observed behaviour:

DB is not created at all. If I reinstall operator with operator.watchNamespace: "*" the process starts, but then:

  Normal   SuccessfulCreate  6m26s                 statefulset-controller  create Claim data-volume-call-analytics-mongodb-0 Pod ***-mongodb-0 in StatefulSet call-analytics-mongodb success
  Normal   SuccessfulCreate  6m26s                 statefulset-controller  create Claim logs-volume-call-analytics-mongodb-0 Pod ***-mongodb-0 in StatefulSet call-analytics-mongodb success
  Warning  FailedCreate      58s (x17 over 6m26s)  statefulset-controller  create Pod call-analytics-mongodb-0 in StatefulSet ***-mongodb failed error: pods "call-analytics-mongodb-0" is forbidden: error looking up service account databases/mongodb-database: serviceaccount "mongodb-database" not found

I checked the helm chart and it looks like that SA for DB management should be present in any namespace where mongodb would be created. It would be nice if operator could take the management of this SA (yes, I want it to have a cluster role to be able to manage all NSs).

[WiZeYAR]

I do agree that it makes little sense to restrict the cluster operator under a single namespace only. This is not how other popular operators, such as https://github.com/zalando/postgres-operator are implemented. Is there a reason, why this design choice was made?

[antoineozenne]

Same here, this design seems unusual.