Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-29434

One of the spod pods keeps restarting

    XMLWordPrintable

Details

    • Important
    • Rejected
    • Unspecified
    • If docs needed, set a value
    • In Progress

    Description

      Description of problem:

      This is ref to bug  https://issues.redhat.com/browse/OCPBUGS-29434

      with additional data
      SPO version is 0.8.2

      We ran into this issue while using SPOD with a P3.2XL aws machine. We manually adjusted the default action to SCMP_ACT_LOG.
      We then saw the spod pod no longer in CLBO. Looking at the /var/log/audit.log file we noticed the clock_gettime syscall was being logged by the pod.
      Manually adjusting the SCMP_ACT_ALLOW syscall list to permit clock_gettime prevented the issue when switching the default action back to SCMP_ACT_ERRNO.

      We then provided the fix upstream via
      https://github.com/kubernetes-sigs/security-profiles-operator/pull/2121

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-9269 One of the spod pods keeps restarting

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              wenshen@redhat.com Vincent Shen
              rhn-support-gmahto Gagan Mahto
              Xiaojie Yuan Xiaojie Yuan
              Red Hat Employee
              Xiaojie Yuan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: