[BUG] demo deploy RBAC role is incomplete

[LaysDragon]

Describe the bug
Flow the instruction from README via the admiral-install-v0.1-beta.tar.gz to deploy single cluster demo on kubernetes 1.16.6 and istio 1.4.3(deployed via rancher),the admiral will keep report about the error.

020-02-07T08:35:50.643231Z info Waiting for informer caches to sync
2020-02-07T08:35:50.647657Z warn Failed to refresh configmap state Error: configmaps "se-address-configmap" is forbidden: User "system:serviceaccount:admiral:admiral" cannot get resource "configmaps" in API group "" in the namespace "admiral-sync"
2020-02-07T08:35:50.647701Z info getting kubeconfig from: ""
ERROR: logging before flag.Parse: W0207 08:35:50.647710 1 client_config.go:552] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
2020-02-07T08:35:50.648535Z info Initializing default secret resolver
2020-02-07T08:35:50.648547Z info Setting up event handlers
...
...
...
2020-02-07T08:35:50.852004Z info op=Event type=service name=expose-operator-metrics cluster= message=Received, doing nothing
2020-02-07T08:35:50.852777Z error Could not get unique address after 3 retries. Failing to create serviceentry name=default.webapp.global
2020-02-07T08:35:50.852832Z info op=GetMeshPorts type=service name=webapp cluster=enmd message=No mesh ports present, defaulting to first port
2020-02-07T08:35:50.852848Z info op=Event type=deployment name=greeting cluster= message=Received
2020-02-07T08:35:50.852854Z info op=GetMeshPorts type=service name=greeting cluster=enmd message=No mesh ports present, defaulting to first port
2020-02-07T08:35:50.853501Z error Could not get unique address after 3 retries. Failing to create serviceentry name=default.greeting.global
2020-02-07T08:35:50.853516Z info op=GetMeshPorts type=service name=greeting cluster=enmd message=No mesh ports present, defaulting to first port
2020-02-07T08:35:51.776399Z info op=Event type=add name=konga cluster=enmd message=No dependent clusters found
2020-02-07T08:35:51.776579Z info op=Event type=add name=test cluster=enmd message=No dependent clusters found

Steps To Reproduce
Simply flow instruction in README

Expected behavior
Admiral should success generate ServiceEntry.

Note
I fix it via add RBAC role myself,not sure what is the best practice to set it so I give admiral full permission to configmaps in admiral-sync.
This problem might come from this PR which lost the RBAC part
#42

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: admiral-configmap-role
  namespace: admiral-sync
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  verbs:
  - get
  - list
  - create
  - update
  - delete
  - patch
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: admiral-configmap-role-binding
  namespace: admiral-sync
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: admiral-configmap-role
subjects:
- kind: ServiceAccount
  name: admiral
  namespace: admiral

and here is another problem here

admiral/admiral/pkg/clusters/serviceentry.go

Lines 47 to 50 in 7b4e5fd

	if err != nil {
	log.Errorf("Could not get unique address after %v retries. Failing to create serviceentry name=%v", maxRetries, globalFqdn)
	return nil
	}

It ignore the source err and only report cannot not get unique address,and make it harder to find out what happen. It should log the source error to point out the real problem.

[aattuluri]

@LaysDragon Great feedback, will fix this.

[martinbaillie]

Having a play with Admiral and hit this using latest. Should these roles and bindings not be in whatever is the sync namespace? admiral-sync by default

[josephpeacock]

@martinbaillie Thanks for keeping me honest. We should have been overriding that namespace in Kustomize for the example. I fixed that and validated that the out of the box example starts up.