Open philipp1992 opened 3 days ago
Hi, using 24.10.0 or 24.06 under Openshift 4.16 with Windows Nodes. The operator successfully creates the "trident-node-windows" SCC.
allowHostPorts: false priority: null requiredDropCapabilities: - MKNOD allowPrivilegedContainer: false runAsUser: type: RunAsAny users: - 'system:serviceaccount:trident:trident-node-windows' allowHostDirVolumePlugin: false allowHostIPC: false seLinuxContext: type: MustRunAs readOnlyRootFilesystem: false metadata: annotations: kubernetes.io/description: 'trident-node-windows is a clone of the anyuid built-in, and is meant just for use with trident.' resourceVersion: '1736544975' name: trident-node-windows uid: ff45ad32-0fb0-42af-aeff-1c2cd8367ae4 creationTimestamp: '2024-11-18T09:19:22Z' - apiVersion: trident.netapp.io/v1 controller: true kind: TridentOrchestrator name: trident uid: 02250c41-f783-430b-9292-181888c15926 labels: app: node.csi.trident.netapp.io fsGroup: type: RunAsAny groups: [] kind: SecurityContextConstraints defaultAddCapabilities: null supplementalGroups: type: RunAsAny volumes: - downwardAPI - emptyDir - projected allowHostPID: false allowHostNetwork: false allowPrivilegeEscalation: true apiVersion: security.openshift.io/v1 allowedCapabilities: null
The windows Pod from the Daemonset cant start though, because the SCC does not allow "hostPath". The linux scc created by Trident does allow it.
Hi, using 24.10.0 or 24.06 under Openshift 4.16 with Windows Nodes. The operator successfully creates the "trident-node-windows" SCC.
The windows Pod from the Daemonset cant start though, because the SCC does not allow "hostPath". The linux scc created by Trident does allow it.