Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rancher operator fails to deploy on CIS hardened RKE cluster #32547

Closed
janeczku opened this issue May 5, 2021 · 3 comments
Closed

Rancher operator fails to deploy on CIS hardened RKE cluster #32547

janeczku opened this issue May 5, 2021 · 3 comments
Assignees
@StrongMonkey @sowmyav27
Labels
internal kind/bug Issues that are defects reported by users or that we know have reached a real release
Milestone
v2.5.10

Comments

@janeczku
Copy link
Contributor

janeczku commented May 5, 2021
edited by jambajaar

What kind of request is this (question/bug/enhancement/feature request):
Bug

Steps to reproduce (least amount of steps as possible):

  1. Create an RKE cluster following the Rancher HA install documentation and the CIS 1.6 hardening guidelines
  2. Install Rancher Helm chart on the cluster
  3. Check status of the deployment in the rancher-operator-system

Result:
Rancher-Operator in the rancher-operator-system namespace fails to successfully deploy due to missing access to pod security policy

Error creating: pods "rancher-operator-79b8c96444-" is forbidden: PodSecurityPolicy: unable to admit pod: []

Environment information

  • Rancher version: 2.5.7
  • Installation option (single install/HA): HA
  • RKE Version: 1.2.8
  • Kubernetes Version: v1.19.10-rancher1-1

gz#17244
@janeczku janeczku added the kind/bug Issues that are defects reported by users or that we know have reached a real release label May 5, 2021
@janeczku
Copy link
Contributor Author

janeczku commented May 5, 2021

Regression? #29696

@deniseschannon deniseschannon added this to the v2.6 milestone May 5, 2021
@Jono-SUSE-Rancher Jono-SUSE-Rancher modified the milestones: v2.6, v2.5.9 May 26, 2021
@sowmyav27
Copy link
Contributor

On 2.5.4, rancher-operator fails to deploy on the local cluster in a HA setup with BYO valid certs.
Other related issues -

@Jono-SUSE-Rancher Jono-SUSE-Rancher modified the milestones: v2.5.9, v2.5.10 May 26, 2021
@StrongMonkey StrongMonkey mentioned this issue May 28, 2021
Merged
@janeczku janeczku mentioned this issue May 31, 2021
Closed
@deniseschannon deniseschannon modified the milestones: v2.5.10, v2.6 Jun 15, 2021
@zube zube bot removed the [zube]: Next Up label Jun 15, 2021
@sowmyav27
Copy link
Contributor

Closing this issue as deploying rancher on 2.5.8 HA install with the updated docs worked fine - #32823 (comment)

@sowmyav27 sowmyav27 self-assigned this Jun 15, 2021
@zube zube bot removed the [zube]: Done label Sep 14, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@StrongMonkey StrongMonkey

@sowmyav27 sowmyav27

Labels
internal kind/bug Issues that are defects reported by users or that we know have reached a real release
Projects
None yet
Milestone
v2.5.10
Development

No branches or pull requests
6 participants
@janeczku @StrongMonkey @jambajaar @deniseschannon @sowmyav27 @Jono-SUSE-Rancher