Skip to content

Create the csi-hostpath-provisioner.yaml failed #11

@darcyllingyan

Description

@darcyllingyan

Hi,
When running the deploy/deploy-hostpath.sh, the command:

#kubectl apply -f csi-hostpath-provisioner.yaml
# kubectl get statefulset
NAME                       READY   AGE
csi-hostpath-provisioner   0/1     33m
# kubectl describe statefulset csi-hostpath-provisioner
Warning  FailedCreate  1s (x13 over 11s)  statefulset-controller  create Pod csi-hostpath-provisioner-0 in StatefulSet csi-hostpath-provisioner failed error: pods "csi-hostpath-provisioner-0" is forbidden: unable to validate against any pod security policy: [spec.volumes[0].hostPath.pathPrefix: Invalid value: "/var/lib/kubelet/plugins/csi-hostpath": is not allowed to be used]

# kubectl get psp
NAME                    PRIV    CAPS   SELINUX    RUNASUSER          FSGROUP     SUPGROUP    READONLYROOTFS   VOLUMES
00-rook-ceph-operator   true    *      RunAsAny   RunAsAny           RunAsAny    RunAsAny    false            *
bcmt                    false   *      RunAsAny   RunAsAny           RunAsAny    RunAsAny    false            *
privileged              true    *      RunAsAny   RunAsAny           RunAsAny    RunAsAny    false            *
restricted              false          RunAsAny   MustRunAsNonRoot   MustRunAs   MustRunAs   false            configMap,emptyDir,projected,secret,downwardAPI,persistentVolumeClaim,hostPath

I have created the privileged psp, why it wlways reportes the pod security issue?
What should I change to make it successful?

Thanks for any comments!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions