-
Bug
-
Resolution: Done-Errata
-
Critical
-
None
-
False
-
-
False
-
CLOSED
-
---
-
---
-
Critical
-
None
Description of problem:
virt-operator deployment is not rolling out
virt-operator 0/2 0 0 28m
- lastTransitionTime: "2022-10-06T11:23:51Z"
lastUpdateTime: "2022-10-06T11:23:51Z"
message: 'pods "virt-operator-5bfcfcbbfd-gvnxt" is forbidden: unable to validate
against any security context constraint: [pod.metadata.annotations.seccomp.security.alpha.kubernetes.io/pod:
Forbidden: seccomp may not be set pod.metadata.annotations.container.seccomp.security.alpha.kubernetes.io/virt-operator:
Forbidden: seccomp may not be set provider "anyuid": Forbidden: not usable by
user or serviceaccount provider "nonroot": Forbidden: not usable by user or
serviceaccount provider "noobaa": Forbidden: not usable by user or serviceaccount
provider "noobaa-endpoint": Forbidden: not usable by user or serviceaccount
provider "hostmount-anyuid": Forbidden: not usable by user or serviceaccount
provider "machine-api-termination-handler": Forbidden: not usable by user or
serviceaccount provider "hostnetwork": Forbidden: not usable by user or serviceaccount
provider "hostaccess": Forbidden: not usable by user or serviceaccount provider
"rook-ceph": Forbidden: not usable by user or serviceaccount provider "node-exporter":
Forbidden: not usable by user or serviceaccount provider "rook-ceph-csi": Forbidden:
not usable by user or serviceaccount provider "privileged": Forbidden: not usable
by user or serviceaccount]'
Version-Release number of selected component (if applicable):
CNV-4.10.6-18
How reproducible: 100%
Steps to Reproduce:
1. Start CNV deployment
2. Observe virt-operator deployment
3.
Actual results: virt-operator failing to rollout
Expected results: Successful CNV deployment
Additional info:
- blocks
-
CNV-21711 [2132015] virt-launcher cannot be started on OCP 4.12 due to PodSecurity restricted:v1.24
-
- Closed
-
- external trackers