This repository has been archived by the owner on Aug 9, 2024. It is now read-only.
Failed to install kubebench due to kubebench nfs deploy failed #147
Comments
|
Checked the problem, that should be caused by the the serviceaccount has no privileged security policy, see below. [root@test ks_app]# kubectl --as=system:serviceaccount:kubeflow:default -n kubeflow auth can-i use podsecuritypolicy/privileged
noSuggest that ensure the pod security policy in the install script before deploy nfs. Thanks. |
|
worked around solution: kubectl -n ${K8S_NAMESPACE} create role psp:privileged --verb=use --resource=podsecuritypolicy --resource-name=privileged
kubectl -n ${K8S_NAMESPACE} create rolebinding ${KB_ENV}:psp:privileged --role=psp:privileged --serviceaccount=${K8S_NAMESPACE}:defaultBut I think we should better to update install script to ensure that automatically. |
This was referenced Dec 12, 2018
|
@jinchihe Can you show me your PodSecurityPolicy? |
|
Below is PodSecurityPolicy which has been modified as above steps. Thanks. [root@test hejinchi]# kubectl get PodSecurityPolicy -n kubeflow
NAME PRIV CAPS SELINUX RUNASUSER FSGROUP SUPGROUP READONLYROOTFS VOLUMES
default false RunAsAny RunAsAny RunAsAny RunAsAny false *
privileged true * RunAsAny RunAsAny RunAsAny RunAsAny false * |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Install kubebench by following Readme file, but failed, that's caused the nfs cannot be deployment, please see below for details.
The text was updated successfully, but these errors were encountered: