WARNING: Using insecure TLS client config. Setting this option is not supported! Login successful. You have access to 69 projects, the list has been suppressed. You can list all projects with 'oc projects' Using project "default". ls: cannot access '/tmp/kiali/hack/istio/../../_output/istio-*': No such file or directory CLIENT_EXE=oc ARCH=amd64 IS_OPENSHIFT=true IS_MAISTRA=true Deploying bookinfo demo ... ls: cannot access '/tmp/kiali/hack/istio/../../_output/istio-*': No such file or directory Output Directory: /tmp/kiali/_output Will use the latest Istio version: 1.18.2 Will look for Istio here: /tmp/kiali/_output/istio-1.18.2 Cannot find Istio 1.18.2 - will download it now... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 101 100 101 0 0 1346 0 --:--:-- --:--:-- --:--:-- 1364 100 4899 100 4899 0 0 51031 0 --:--:-- --:--:-- --:--:-- 51031 Downloading istio-1.18.2 from https://github.com/istio/istio/releases/download/1.18.2/istio-1.18.2-linux-amd64.tar.gz ... Istio 1.18.2 Download Complete! Istio has been successfully downloaded into the istio-1.18.2 folder on your system. Next Steps: See https://istio.io/latest/docs/setup/install/ to add Istio to your Kubernetes cluster. To configure the istioctl client tool for your workstation, add the /tmp/kiali/_output/istio-1.18.2/bin directory to your environment path variable with: export PATH="$PATH:/tmp/kiali/_output/istio-1.18.2/bin" Begin the Istio pre-installation check by running: istioctl x precheck Need more information? Visit https://istio.io/latest/docs/setup/install/ Istio is found here: /tmp/kiali/_output/istio-1.18.2 client version: 1.18.2 control plane version: OSSM_2.4.2-1 data plane version: 1.16.7 (2 proxies) istioctl is found here: /tmp/kiali/_output/istio-1.18.2/bin/istioctl Istio is found here: /tmp/kiali/hack/istio/../../_output/istio-1.18.2 istioctl is found here: /tmp/kiali/hack/istio/../../_output/istio-1.18.2/bin/istioctl client version: 1.18.2 control plane version: OSSM_2.4.2-1 data plane version: 1.16.7 (2 proxies) The cluster client executable is found here: /usr/bin/oc IS_OPENSHIFT=true IS_MAISTRA=true Now using project "bookinfo" on server "https://api.ci-op-wmr17wsg-8c5aa.cspilp.interop.ccitredhat.com:6443". You can add applications to this project with the 'new-app' command. For example, try: oc new-app rails-postgresql-example to build a new example application in Ruby. Or use kubectl to deploy a simple Kubernetes application: kubectl create deployment hello-node --image=registry.k8s.io/e2e-test-images/agnhost:2.43 -- /agnhost serve-hostname Error from server (NotFound): services "productpage" not found Error from server (AlreadyExists): routes.route.openshift.io "istio-ingressgateway" already exists securitycontextconstraints.security.openshift.io/bookinfo-scc created namespace/bookinfo labeled service/details created serviceaccount/bookinfo-details created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "details" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "details" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "details" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/details-v1 created service/ratings created serviceaccount/bookinfo-ratings created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "ratings" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "ratings" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "ratings" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/ratings-v1 created service/reviews created serviceaccount/bookinfo-reviews created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "reviews" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "reviews" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "reviews" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/reviews-v1 created deployment.apps/reviews-v2 created deployment.apps/reviews-v3 created service/productpage created serviceaccount/bookinfo-productpage created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "productpage" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "productpage" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "productpage" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/productpage-v1 created gateway.networking.istio.io/bookinfo-gateway created virtualservice.networking.istio.io/bookinfo created servicemeshmember.maistra.io/default created servicemeshmemberroll.maistra.io/default condition met Enabling sidecar injection for deployment: deployment.apps/details-v1 Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "details" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "details" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "details" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/details-v1 patched Enabling sidecar injection for deployment: deployment.apps/productpage-v1 Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "productpage" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "productpage" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "productpage" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/productpage-v1 patched Enabling sidecar injection for deployment: deployment.apps/ratings-v1 Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "ratings" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "ratings" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "ratings" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/ratings-v1 patched Enabling sidecar injection for deployment: deployment.apps/reviews-v1 Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "reviews" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "reviews" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "reviews" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/reviews-v1 patched Enabling sidecar injection for deployment: deployment.apps/reviews-v2 Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "reviews" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "reviews" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "reviews" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/reviews-v2 patched Enabling sidecar injection for deployment: deployment.apps/reviews-v3 Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "reviews" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "reviews" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "reviews" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/reviews-v3 patched Bookinfo Demo should be installed and starting up - here are the pods and services NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE details ClusterIP 172.30.163.8 9080/TCP 6s productpage ClusterIP 172.30.62.10 9080/TCP 6s ratings ClusterIP 172.30.154.113 9080/TCP 6s reviews ClusterIP 172.30.202.34 9080/TCP 6s NAME READY STATUS RESTARTS AGE details-v1-7c7dbcb4b5-w292w 1/1 Running 0 6s details-v1-fb8d64689-r8csz 0/2 ContainerCreating 0 5s productpage-v1-559cb4579c-kqcw5 0/2 ContainerCreating 0 5s productpage-v1-664d44d68d-f788r 1/1 Running 0 6s ratings-v1-68bc78f8f7-mj7vd 0/2 ContainerCreating 0 5s ratings-v1-844796bf85-4tlhx 1/1 Running 0 6s reviews-v1-5cf854487-ln9t4 1/1 Running 0 6s reviews-v1-f8496b9f-qw4t2 0/2 ContainerCreating 0 5s reviews-v2-574944ff79-h88ks 0/2 ContainerCreating 0 4s reviews-v2-955b74755-vd9zs 1/1 Running 0 6s reviews-v3-797fc48bc9-9szht 1/1 Running 0 6s reviews-v3-857c7785c9-cftw7 0/2 ContainerCreating 0 4s Installing Traffic Generator Traffic Generator will use the OpenShift ingress route of: istio-ingressgateway-istio-system.apps.ci-op-wmr17wsg-8c5aa.cspilp.interop.ccitredhat.com clusterrole.rbac.authorization.k8s.io/system:openshift:scc:anyuid added: "default" % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 215 100 215 0 0 1822 0 --:--:-- --:--:-- --:--:-- 1822 configmap/traffic-generator-config created % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 1185 100 1185 0 0 10128 0 --:--:-- --:--:-- --:--:-- 10128 Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "kiali-traffic-generator" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "kiali-traffic-generator" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "kiali-traffic-generator" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "kiali-traffic-generator" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") replicaset.apps/kiali-traffic-generator created Deploying error rates demo ... Will deploy Error Rates Demo using these settings: CLIENT_EXE=oc ARCH=amd64 DELETE_DEMO=false ENABLE_INJECTION=true ISTIO_NAMESPACE=istio-system NAMESPACE_ALPHA=alpha NAMESPACE_BETA=beta SOURCE=https://raw.githubusercontent.com/kiali/demos/master IS_OPENSHIFT=true IS_MAISTRA=true Now using project "alpha" on server "https://api.ci-op-wmr17wsg-8c5aa.cspilp.interop.ccitredhat.com:6443". You can add applications to this project with the 'new-app' command. For example, try: oc new-app rails-postgresql-example to build a new example application in Ruby. Or use kubectl to deploy a simple Kubernetes application: kubectl create deployment hello-node --image=registry.k8s.io/e2e-test-images/agnhost:2.43 -- /agnhost serve-hostname Now using project "beta" on server "https://api.ci-op-wmr17wsg-8c5aa.cspilp.interop.ccitredhat.com:6443". You can add applications to this project with the 'new-app' command. For example, try: oc new-app rails-postgresql-example to build a new example application in Ruby. Or use kubectl to deploy a simple Kubernetes application: kubectl create deployment hello-node --image=registry.k8s.io/e2e-test-images/agnhost:2.43 -- /agnhost serve-hostname namespace/alpha labeled namespace/beta labeled clusterrole.rbac.authorization.k8s.io/system:openshift:scc:anyuid added: "default" clusterrole.rbac.authorization.k8s.io/system:openshift:scc:anyuid added: "default" securitycontextconstraints.security.openshift.io/error-rates-scc created % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 8377 100 8377 0 0 83770 0 --:--:-- --:--:-- --:--:-- 83770 Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "a" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "a" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "a" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "a" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/a-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "b-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "b-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "b-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "b-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/b-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "c-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "c-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "c-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "c-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/c-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "d-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "d-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "d-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "d-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/d-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "e-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "e-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "e-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "e-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/e-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "f-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "f-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "f-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "f-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/f-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "v-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "v-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "v-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "v-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/v-server created service/v-server created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "w-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "w-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "w-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "w-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/w-server created service/w-server created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "x-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "x-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "x-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "x-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/x-server created service/x-server created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "y-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "y-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "y-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "y-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/y-server created service/y-server created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "z-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "z-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "z-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "z-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/z-server created service/z-server created % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 8368 100 8368 0 0 118k 0 --:--:-- --:--:-- --:--:-- 118k Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "a" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "a" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "a" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "a" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/a-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "b-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "b-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "b-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "b-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/b-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "c-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "c-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "c-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "c-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/c-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "d-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "d-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "d-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "d-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/d-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "e-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "e-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "e-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "e-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/e-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "f-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "f-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "f-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "f-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/f-client created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "v-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "v-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "v-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "v-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/v-server created service/v-server created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "w-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "w-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "w-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "w-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/w-server created service/w-server created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "x-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "x-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "x-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "x-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/x-server created service/x-server created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "y-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "y-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "y-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "y-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/y-server created service/y-server created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "z-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "z-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "z-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "z-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/z-server created service/z-server created servicemeshmember.maistra.io/default created servicemeshmemberroll.maistra.io/default condition met Enabling sidecar injection for deployment: deployment.apps/a-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "a" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "a" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "a" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "a" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/a-client patched Enabling sidecar injection for deployment: deployment.apps/b-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "b-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "b-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "b-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "b-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/b-client patched Enabling sidecar injection for deployment: deployment.apps/c-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "c-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "c-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "c-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "c-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/c-client patched Enabling sidecar injection for deployment: deployment.apps/d-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "d-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "d-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "d-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "d-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/d-client patched Enabling sidecar injection for deployment: deployment.apps/e-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "e-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "e-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "e-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "e-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/e-client patched Enabling sidecar injection for deployment: deployment.apps/f-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "f-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "f-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "f-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "f-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/f-client patched Enabling sidecar injection for deployment: deployment.apps/v-server Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "v-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "v-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "v-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "v-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/v-server patched Enabling sidecar injection for deployment: deployment.apps/w-server Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "w-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "w-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "w-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "w-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/w-server patched Enabling sidecar injection for deployment: deployment.apps/x-server Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "x-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "x-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "x-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "x-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/x-server patched Enabling sidecar injection for deployment: deployment.apps/y-server Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "y-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "y-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "y-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "y-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/y-server patched Enabling sidecar injection for deployment: deployment.apps/z-server Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "z-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "z-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "z-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "z-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/z-server patched servicemeshmember.maistra.io/default created servicemeshmemberroll.maistra.io/default condition met Enabling sidecar injection for deployment: deployment.apps/a-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "a" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "a" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "a" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "a" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/a-client patched Enabling sidecar injection for deployment: deployment.apps/b-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "b-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "b-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "b-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "b-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/b-client patched Enabling sidecar injection for deployment: deployment.apps/c-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "c-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "c-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "c-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "c-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/c-client patched Enabling sidecar injection for deployment: deployment.apps/d-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "d-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "d-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "d-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "d-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/d-client patched Enabling sidecar injection for deployment: deployment.apps/e-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "e-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "e-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "e-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "e-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/e-client patched Enabling sidecar injection for deployment: deployment.apps/f-client Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "f-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "f-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "f-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "f-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/f-client patched Enabling sidecar injection for deployment: deployment.apps/v-server Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "v-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "v-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "v-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "v-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/v-server patched Enabling sidecar injection for deployment: deployment.apps/w-server Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "w-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "w-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "w-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "w-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/w-server patched Enabling sidecar injection for deployment: deployment.apps/x-server Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "x-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "x-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "x-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "x-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/x-server patched Enabling sidecar injection for deployment: deployment.apps/y-server Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "y-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "y-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "y-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "y-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/y-server patched Enabling sidecar injection for deployment: deployment.apps/z-server Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "z-server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "z-server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "z-server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "z-server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/z-server patched Installing the 'sleep' app in the 'sleep' namespace... Error from server (NotFound): namespaces "sleep" not found Now using project "sleep" on server "https://api.ci-op-wmr17wsg-8c5aa.cspilp.interop.ccitredhat.com:6443". You can add applications to this project with the 'new-app' command. For example, try: oc new-app rails-postgresql-example to build a new example application in Ruby. Or use kubectl to deploy a simple Kubernetes application: kubectl create deployment hello-node --image=registry.k8s.io/e2e-test-images/agnhost:2.43 -- /agnhost serve-hostname namespace/sleep labeled clusterrole.rbac.authorization.k8s.io/system:openshift:scc:anyuid added: "sleep" networkattachmentdefinition.k8s.cni.cncf.io/istio-cni created securitycontextconstraints.security.openshift.io/sleep-scc created serviceaccount/sleep created service/sleep created Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "sleep" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "sleep" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "sleep" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "sleep" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/sleep created servicemeshmember.maistra.io/default created servicemeshmemberroll.maistra.io/default condition met Enabling sidecar injection for deployment: deployment.apps/sleep Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "sleep" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "sleep" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "sleep" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "sleep" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") deployment.apps/sleep patched virtualservice.networking.istio.io/bookinfo patched Waiting for workload: 'details-v1' to be ready Waiting for deployment "details-v1" rollout to finish: 1 old replicas are pending termination... error: deployment "details-v1" exceeded its progress deadline