Forbidden cluster scope requests


While trying to deploy Gitpod on our own cluster using helm 0.6.0, we are running into the following issue (among others):

Do we need to create a service account with special privileges for this?


To be honest, I don’t know how to solve this problem either. What I can tell you so far is that there is a service account node-daemon defined in the helm charts that has a cluster role defined that needs access to the nodes resssource. However, I’ve never heard that someone had to create additional service account rights. Probably, it’s something that is needed in your existing K8s installation?