Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

policy/v1beta1 has been deprecated since kubectl version 1.25 #856

Open
portega-inbrain opened this issue Dec 7, 2022 · 5 comments
Open

policy/v1beta1 has been deprecated since kubectl version 1.25 #856

portega-inbrain opened this issue Dec 7, 2022 · 5 comments

Comments

@portega-inbrain
Copy link

The PodSecurityPolicy configuration has a dependency on policy/v1beta1

eks-charts/stable/aws-node-termination-handler/templates/psp.yaml

Line 2 in 8e82f74

apiVersion: policy/v1beta1
.
However this has been deprecated in more recent kubectl versions PodDisruptionBudget, PodSecurityPolicy in https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-25.
This is causing the aws-node-termination-handler to fail during installation with message

Error: unable to build kubernetes objects from release manifest: resource mapping not found
for name: "aws-node-termination-handler" namespace: "" from "":
no matches for kind "PodSecurityPolicy" in version "policy/v1beta1"
ensure CRDs are installed first

Please, see the original issue leading to this dandi/dandi-hub#52.
@razorsk8jz
Copy link
Contributor

This is also affecting myself when deploying aws-for-fluent-bit

eks-charts/stable/aws-for-fluent-bit/templates/psp.yaml

Line 1 in 69c1e0e

apiVersion: policy/v1beta1

This was referenced Jan 17, 2023
Closed
Merged
@bakayolo
Copy link

Same issue here, just upgraded my cluster to 1.25 and I can't upgrade or even delete the node termination handler anymore

@LeoSpyke
Copy link

LeoSpyke commented Mar 31, 2023
edited

Same here, even though the message is slightly different:

Error: unable to build kubernetes objects from release manifest: resource mapping not found
for name: "aws-for-fluent-bit" namespace: "" from "": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1"
ensure CRDs are installed first

I'm actually trying to use it from the EKS Blueprints for Terraform by configuring the value .rbac.pspEnabled to false both via a new values.yaml and by manually configuring the "set" block:

set {
    name  = "rbac.pspEnabled"
    value = false
}

but I'm getting the same error.

Environment:

  • EKS: 1.25
  • Chart version: 0.1.24 0.1.21
  • Application version: 2.28.4

@LeoSpyke LeoSpyke mentioned this issue Mar 31, 2023
Closed
@mvanbaak
Copy link

mvanbaak commented Apr 4, 2023

Environment:

  • EKS: 1.25
  • Chart version: 0.1.24
  • Application version: 2.28.4

Are you sure about this Chart version? The latest eks-blueprints code references 0.1.22.
I'm using EKS Blueprints as well, and I had to tell it to use a newer chart with the following code

  aws_for_fluentbit_helm_config = {
    version = "0.1.24"
  }

After I added that, pspEnabled will be set to false by default, so it JustWorks.

@LeoSpyke
Copy link

LeoSpyke commented Apr 4, 2023
edited

Are you sure about this Chart version?

You're right, I was thinking that importing the latest version of the blueprints would have involved using the latest version of the Helm chart too, instead 0.1.21 was used, which did not have the pspEnabled flag evaluation yet.

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@mvanbaak @bakayolo @razorsk8jz @LeoSpyke @portega-inbrain