Azure / kubeflow-aks

Official repository for the Kubeflow on Azure and AKS project
https://azure.github.io/kubeflow-aks/main/
MIT License

Azure Policy on AKS (Gatekeeper) prevents pod from fetching images of cert-manager-controller and etc #39

Open HakjunMIN opened 4 months ago

HakjunMIN commented 4 months ago

Error

Most of the pods don't work due to AKS Policy not allowing fetching images of cert-manager-controller etc. as of 16th Apr 24.

kubectl get pods -n cert-manager
kubectl get pods -n istio-system
kubectl get pods -n auth
kubectl get pods -n knative-eventing
kubectl get pods -n knative-serving
kubectl get pods -n kubeflow
kubectl get pods -n kubeflow-user-example-com

All of the above pods are not there.

Log in event

One of the above, cert-manager, has this event.

 Error creating: admission webhook "validation.gatekeeper.sh" denied the
  request: [azurepolicy-k8sazurev2containerallowedimag-5ee1d79beab0bf8e481a]
  Container image quay.io/jetstack/cert-manager-controller:v1.12.2 for container
  cert-manager-controller has not been allowed.

Resolution

Simply turn off Policy on AKS, or change [bicep](https://github.com/Azure/kubeflow-aks/blob/main/main.bicep#L21) to azurepolicy: ''
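To see everything the policy rejected before deciding how to handle it, the Gatekeeper denial messages can be parsed into a list of blocked images per constraint. The script below is an added example, not part of the original issue or the kubeflow-aks project; it assumes the event messages have already been collected as strings, and its second sample entry and the `registry_of` helper are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches one violation inside a Gatekeeper denial message.
DENIAL = re.compile(
    r"\[(?P<constraint>[^\]]+)\]\s+Container image (?P<image>\S+) "
    r"for container (?P<container>\S+) has not been allowed"
)

# Constructed sample input: entry 1 is the event quoted in the issue (with its
# line wrapping), entry 2 is a made-up denial in the same format, entry 3 is an
# unrelated event that must be ignored.
SAMPLE_EVENTS = [
    '''Error creating: admission webhook "validation.gatekeeper.sh" denied the
  request: [azurepolicy-k8sazurev2containerallowedimag-5ee1d79beab0bf8e481a]
  Container image quay.io/jetstack/cert-manager-controller:v1.12.2 for container
  cert-manager-controller has not been allowed.''',
    'Error creating: admission webhook "validation.gatekeeper.sh" denied the '
    "request: [azurepolicy-k8sazurev2containerallowedimag-5ee1d79beab0bf8e481a] "
    "Container image registry.example.com/demo/app:1.0 for container app "
    "has not been allowed.",
    "Scaled up replica set demo-7c9d to 1",
]

def denied_images(events):
    """Map constraint name -> sorted list of (image, container) it rejected."""
    found = defaultdict(set)
    for message in events:
        if "validation.gatekeeper.sh" not in message:
            continue
        flat = " ".join(message.split())  # undo line wrapping in the event text
        for m in DENIAL.finditer(flat):   # one message may list several violations
            found[m["constraint"]].add((m["image"], m["container"]))
    return {name: sorted(hits) for name, hits in found.items()}

def registry_of(image):
    """Registry host of an image reference; Docker Hub is implied if none is given."""
    first, sep, _ = image.partition("/")
    if sep and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"

if __name__ == "__main__":
    for constraint, hits in denied_images(SAMPLE_EVENTS).items():
        print(constraint)
        for image, container in hits:
            print(f"  {registry_of(image):<22} {image} (container {container})")
```
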