-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
odf-4.20
-
None
Description of problem:
The odf-blackbox-exporter Pod in the openshift-storage namespace fails with CreateContainerConfigError because the container image runs as root, but the Pod requires the container to run as non-root
Version-Release number of selected component (if applicable):
CNV: v4.21.0.rhel9-57
How reproducible:
100%
Steps to Reproduce:
1. 2. 3.
Actual results:
CreateContainerConfigError, and affected T1 gating test
Expected results:
odf-blackbox-exporter Pod should running successful
Additional info:
$ oc get pod -A | grep odf-blackbox openshift-storage odf-blackbox-exporter-5d6dd9f4c5-r6rxh 0/1 CreateContainerConfigError 0 19h
yaml
- image: quay.io/prometheus/blackbox-exporter@sha256:a50c4c0eda297baa1678cd4dc4712a67fdea713b832d43ce7fcc5f9bea05094d
imageID: ""
lastState: {}
name: odf-blackbox-exporter
ready: false
restartCount: 0
started: false
state:
waiting:
message: 'container has runAsNonRoot and image will run as root (pod: "odf-blackbox-exporter-5d6dd9f4c5-r6rxh_openshift-storage(6fc79a50-1bd4-4afc-b753-955ca2429f96)",
container: odf-blackbox-exporter)'
reason: CreateContainerConfigError
volumeMounts:
- mountPath: /etc/blackbox_exporter
name: config
readOnly: true
recursiveReadOnly: Disabled
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-t7qww
readOnly: true
recursiveReadOnly: Disabled