-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
4.20
-
None
-
Quality / Stability / Reliability
-
False
-
-
None
-
Moderate
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
Networkpolicies are not applied to the operator pods until the a kueue CR is created
Version-Release number of selected component (if applicable):
1.1
How reproducible:
always
Steps to Reproduce:
1.install operator
2.do not create a Kueue CR
3.
Actual results:
No networkpolices applied in openshift-kueue-operator namespace or anywhere else
Expected results:
Networkpolicies created in openshift-kueue-operator namespace
Additional info:
Logs from operator pods:
E1023 14:29:29.522928 1 target_config_reconciler.go:211] "unable to get operator configuration" err="kueues.kueue.openshift.io \"cluster\" not found" kueue="cluster"
90
E1023 14:29:29.522961 1 base_controller.go:279] "Unhandled Error" err="KueueOperator reconciliation failed: kueues.kueue.openshift.io \"cluster\" not found"
It appears that the networkpolicies are not applied until the Kueue CR is created. This leaves the operator pods expose until then. This is a potential security risk.
