You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When using Helm on Openshift (on AWS), I see the following behavior:
I see the following warning when I install:
W1129 14:23:48.829438 22854 warnings.go:70] would violate PodSecurity "restricted:latest": host namespaces (hostNetwork=true), allowPrivilegeEscalation != false (containers "sniffer", "tracer" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "sniffer", "tracer" must not include "CHECKPOINT_RESTORE", "DAC_OVERRIDE", "NET_ADMIN", "NET_RAW", "SYS_ADMIN", "SYS_MODULE", "SYS_PTRACE", "SYS_RESOURCE" in securityContext.capabilities.add), restricted volume types (volumes "proc", "sys" use restricted volume type "hostPath"), runAsNonRoot != true (pod or containers "sniffer", "tracer" must set securityContext.runAsNonRoot=true), seccompProfile (pod or containers "sniffer", "tracer" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")W1129 14:23:48.907067 22854 warnings.go:70] would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "kubeshark-hub" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "kubeshark-hub" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "kubeshark-hub" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "kubeshark-hub" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")W1129 14:23:48.908988 22854 warnings.go:70] would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "kubeshark-front" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "kubeshark-front" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "kubeshark-front" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "kubeshark-front" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
When I try to uninstall with helm I see this:
helm uninstall kubeshark-osError: failed to delete release: kubeshark-os
When I try to install again, using the same name, I see this:
helm install kubeshark-os . --set tap.proxy.worker.srvPort=30001Error: INSTALLATION FAILED: cannot re-use a name that is still in use
Hence, I can't install Kubeshark twice in the same namespace.
Similar problems occur when installing with the CLI.
TBD
Ensure eBPF/Openshift support
The text was updated successfully, but these errors were encountered:
When using Helm on Openshift (on AWS), I see the following behavior:
When I try to install again, using the same name, I see this:
Hence, I can't install Kubeshark twice in the same namespace.
TBD
Ensure eBPF/Openshift support
The text was updated successfully, but these errors were encountered: