-
Bug
-
Resolution: Cannot Reproduce
-
Normal
-
None
-
4.19.z
-
Quality / Stability / Reliability
-
False
-
-
None
-
Low
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
This is an LVMS Bug Report:
Please make sure that you describe your storage configuration in detail. List all devices that you plan to work with for LVMS as well as any relevant machine configuration data to make it easier for an engineer to help out.
Description of problem:
Installation of LVM Storage Operator version 4.18 channel stable on OCP 4.19.0-ec.2 did not happen as expected.
Version-Release number of selected component (if applicable):
4.18
Steps to Reproduce:
Install the Operator using OLM, both CLI and GUI
Actual results:
vg-manager ds pods were not getting created without additional scc being created: Warning FailedCreate 4m38s daemonset-controller Error creating: pods "vg-manager-drt2n" is forbidden: violates PodSecurity "restricted:latest": host namespaces (hostPID=true), privileged (container "vg-manager" must not set securityContext.privileged=true), allowPrivilegeEscalation != fal se (container "vg-manager" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "vg-manager" must set securityContext.capabilities.drop=["ALL"]), restricted volume types (volumes "registration-dir", "node-plugin-dir", "file-lock-dir", "csi-plugin-dir", "pod-volumes-di r", "lvmd-config", "device-dir", "run-udev", "sys" use restricted volume type "hostPath"), runAsNonRoot != true (pod or container "vg-manager" must set securityContext.runAsNonRoot=true), runAsUser=0 (container "vg-manager" must not set runAsUser=0), seccompProfile (pod or container "vg-manager" must set secu rityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
Expected results:
vg-manager ds deploys pods and hence allowing the user to create a storage cluster.
Additional info:
To troubleshoot, I was able to add privileged scc and issue was bypassed.
