You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I understand that the AWX Operator is open source software provided for free and that I might not receive a timely response.
Bug Summary
I'm trying to deploy AWX 2.13.1 on kubernetes cluster v1.26.9
I set this for my AWX yaml file for security context
` task_privileged: false
security_context_settings:
runAsNonRoot: true
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
`
but I have this error on deployments Pods "awx-test-1-task-6d9c67f6cb-wb2f7" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost"):Deployment does not have minimum availability.
AWX Operator version
2.13.1
AWX version
24.0.0
Kubernetes platform
kubernetes
Kubernetes/Platform version
1.26
Modifications
no
Steps to reproduce
deploying AWX on k8s cluster with security context
Expected results
pods running with no errors
Actual results
Pods "awx-test-1-task-6d9c67f6cb-wb2f7" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost"):Deployment does not have minimum availability.
Additional information
No response
Operator Logs
No response
The text was updated successfully, but these errors were encountered:
Please confirm the following
Bug Summary
I'm trying to deploy AWX 2.13.1 on kubernetes cluster v1.26.9
I set this for my AWX yaml file for security context
` task_privileged: false
security_context_settings:
runAsNonRoot: true
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
`
but I have this error on deployments
Pods "awx-test-1-task-6d9c67f6cb-wb2f7" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost"):Deployment does not have minimum availability.
AWX Operator version
2.13.1
AWX version
24.0.0
Kubernetes platform
kubernetes
Kubernetes/Platform version
1.26
Modifications
no
Steps to reproduce
deploying AWX on k8s cluster with security context
Expected results
pods running with no errors
Actual results
Pods "awx-test-1-task-6d9c67f6cb-wb2f7" is forbidden: violates PodSecurity "restricted:latest": allowPrivilegeEscalation != false (containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or containers "init-database", "init-receptor", "redis", "awx-test-1-task", "awx-test-1-ee", "awx-test-1-rsyslog" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost"):Deployment does not have minimum availability.
Additional information
No response
Operator Logs
No response
The text was updated successfully, but these errors were encountered: