Kubernetes' command-line tool is kubectl, while OphenShift uses oc, a typically compatible variant. To support non-OpenShift clusters, the FlexNet Manager for Engineering Applications’ installation script (install.sh) uses kubectl instead of oc. If you’re using oc, the installation script's incompatibility with oc command will cause the security context constraint template to be missing the following entries.
This will result in errors when the SecurityContextConstraints are applied to the cluster:
error: error validating "STDIN": error validating data: [ValidationError(SecurityContextConstraints): missing required field "allowHostDirVolumePlugin" in io.openshift.security.v1.SecurityContextConstraints, ValidationError(SecurityContextConstraints): missing required field "allowHostIPC" in io.openshift.security.v1.SecurityContextConstraints, ValidationError(SecurityContextConstraints): missing required field "allowHostNetwork" in io.openshift.security.v1.SecurityContextConstraints, ValidationError(SecurityContextConstraints): missing required field "allowHostPID" in io.openshift.security.v1.SecurityContextConstraints, ValidationError(SecurityContextConstraints): missing required field "allowHostPorts" in io.openshift.security.v1.SecurityContextConstraints, ValidationError(SecurityContextConstraints): missing required field "readOnlyRootFilesystem" in io.openshift.security.v1.SecurityContextConstraints]; if you choose to ignore these errors, turn validation off with --validate=false
There are two workarounds for the issue.
Or
Jan 06, 2023 10:45 AM