-
Notifications
You must be signed in to change notification settings - Fork 226
Closed
Description
Hi,
When running the deploy/deploy-hostpath.sh, the command:
#kubectl apply -f csi-hostpath-provisioner.yaml
# kubectl get statefulset
NAME READY AGE
csi-hostpath-provisioner 0/1 33m
# kubectl describe statefulset csi-hostpath-provisioner
Warning FailedCreate 1s (x13 over 11s) statefulset-controller create Pod csi-hostpath-provisioner-0 in StatefulSet csi-hostpath-provisioner failed error: pods "csi-hostpath-provisioner-0" is forbidden: unable to validate against any pod security policy: [spec.volumes[0].hostPath.pathPrefix: Invalid value: "/var/lib/kubelet/plugins/csi-hostpath": is not allowed to be used]
# kubectl get psp
NAME PRIV CAPS SELINUX RUNASUSER FSGROUP SUPGROUP READONLYROOTFS VOLUMES
00-rook-ceph-operator true * RunAsAny RunAsAny RunAsAny RunAsAny false *
bcmt false * RunAsAny RunAsAny RunAsAny RunAsAny false *
privileged true * RunAsAny RunAsAny RunAsAny RunAsAny false *
restricted false RunAsAny MustRunAsNonRoot MustRunAs MustRunAs false configMap,emptyDir,projected,secret,downwardAPI,persistentVolumeClaim,hostPath
I have created the privileged psp, why it wlways reportes the pod security issue?
What should I change to make it successful?
Thanks for any comments!
Metadata
Metadata
Assignees
Labels
No labels