Open SherazShahid17 opened 4 years ago
Hey @SherazShahid17
This issue seems related to Openshift security rules. You can find how to enable these options in your SCC in our Openshift doc: https://docs.datadoghq.com/integrations/openshift/#restricted-scc-operations
If this does not yield any results, you can open a support ticket by emailing: support@datadoghq.com to troubleshoot this further with our support team.
Thanks,
Simon
Following all instructions in installing the Kubernetes Datadog-agent, when executed it reaches the following error (separated for ease)
Warning FailedCreate 13h (x78 over 19h) daemonset-controller Error creating: pods "datadog-agent-" is forbidden: unable to validate against any security context constraint:
[spec.volumes[1]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.volumes [2]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.volumes [3]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.volumes [7]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.volumes [8]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.volumes[ 10]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.volumes [11]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.volumes [12]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.volumes [13]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.initContainers
[0].securityContext.containers[1].hostPort: Invalid value: 8126: Host ports are not allowed to be used spec.initContainers [1].securityContext.containers [1].hostPort: Invalid value: 8126: Host ports are not allowed to be used spec.initContainers [2].securityContext.containers[1].hostPort: Invalid value: 8126: Host ports are not allowed to be used spec.containers [0].securityContext.containers [1].hostPort: Invalid value: 8126: Host ports are not allowed to be used spec.containers [1].securityContext.containers[1].hostPort: Invalid value: 8126: Host ports are not allowed to be used spec.containers[2].securityContext.containers
[1].hostPort: Invalid value: 8126: Host ports are not allowed to be used pod.metadata.annotations.container.seccomp.security.alpha.kubernetes.io/system-probe: Forbidden: seccomp may not be set capabilities.add:
Invalid value: "IPC_LOCK": capability may not be added capabilities.add: Invalid value: "NET_ADMIN": capability may not be added capabilities.add: Invalid value: "SYS_ADMIN": capability may not be added capabilities.add: Invalid value: "SYS_PTRACE": capability may not be added capabilities.add: Invalid value: "SYS_RESOURCE": capability may not be added spec.containers
[3].securityContext.containers [1].hostPort: Invalid value: 8126: Host ports are not allowed to be used
Attached screenshot: