Pod security policy defaults not applied after upgrade
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Jerry Sun |
Bug Description
Brief Description
-----------------
After upgrading, the default pod security policy files are not applied, since they are applied during bootstrap. This means if pod security policy is enabled after an upgrade, there will be deployment issues
Severity
--------
Major
Steps to Reproduce
------------------
Upgrade a system and enable pod security policy
deploy pods to kube-system
Expected Behavior
------------------
deployment successful
Actual Behavior
----------------
pods are not able to deploy due to pod security policies
Reproducibility
---------------
Reproducible
System Configuration
-------
multi-node system
Branch/Pull Time/Commit
-------
2020-06-25
Test Activity
-------------
developer testing
Workaround
----------
Manually run the following after upgrade, but before turning on pod security policies:
kubectl apply -f /usr/share/
stx.4.0 / medium priority - should be fixed, but there is a manual workaround, so not critical.