Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-3201

Unable to install Elasticsearch operator from upstream repo on OCP 4.12

XMLWordPrintable

    • False
    • None
    • False
    • NEW
    • VERIFIED
    • Log Storage - Sprint 226

      PodSecurity violation Error while trying to install Loki Operator on OCP 4.12 from upstream repo.

      FATA[0008] Failed to run bundle: create catalog: error creating registry pod: error creating pod: pods "quay-io-rhn-support-kbharti-loki-operator-bundle-v0-0-1" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "registry-grpc" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "registry-grpc" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "registry-grpc" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "registry-grpc" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") 
      make: *** [Makefile:237: olm-deploy] Error 1
      

       Steps to reproduce:
      1) clone upsteam repo openshift/loki.
      2) Run below cmd under under loki/operators.

      make olm-deploy REGISTRY_ORG=<quay-account-name> VERSION=<version>

      OCP version: 4.12

      Installation works fine on OCP 4.11

              ptsiraki@redhat.com Periklis Tsirakidis
              rhn-support-kbharti Kabir Bharti
              Kabir Bharti Kabir Bharti
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: