Kubernetes' command-line tool is kubectl, while OphenShift uses oc, a typically compatible variant. To support non-OpenShift clusters, the FlexNet Manager Kubernetes Agent's installation script (install.sh) uses kubectl instead of oc. If you’re using oc, the installation script's incompatibility with the oc command will cause the security context constraint template to be missing the following entries.
This will result in errors when the SecurityContextConstraints are applied to the cluster:
error: error validating "STDIN": error validating data: [ValidationError(SecurityContextConstraints): missing required field "allowHostDirVolumePlugin" in io.openshift.security.v1.SecurityContextConstraints, ValidationError(SecurityContextConstraints): missing required field "allowHostIPC" in io.openshift.security.v1.SecurityContextConstraints, ValidationError(SecurityContextConstraints): missing required field "allowHostNetwork" in io.openshift.security.v1.SecurityContextConstraints, ValidationError(SecurityContextConstraints): missing required field "allowHostPID" in io.openshift.security.v1.SecurityContextConstraints, ValidationError(SecurityContextConstraints): missing required field "allowHostPorts" in io.openshift.security.v1.SecurityContextConstraints, ValidationError(SecurityContextConstraints): missing required field "readOnlyRootFilesystem" in io.openshift.security.v1.SecurityContextConstraints]; if you choose to ignore these errors, turn validation off with --validate=false
There are two workarounds for the issue.
Or
on Jan 06, 2023 10:45 AM - edited on May 09, 2024 01:06 PM by tjohnson1