help request: FluentBit Daemonset getting mkdir Operation not permitted in Openshift env

[zeagur]

Describe the issue

In Openshift Env when I deploy Fluentbit using either plain yaml file or helm, the Daemonset of Fluentbit will spawn a pods with ContainerCreation error

Error: failed to mkdir /containers: mkdir /containers: operation not permitted

below is the snippet of value.yaml I'm using.

operator:
  initcontainer:
    repository: "docker"
    tag: "20.10"
    resources:
      limits:
        cpu: 100m
        memory: 64Mi
      requests:
        cpu: 50m
        memory: 64Mi
  container:
    repository: "kubesphere/fluent-operator"
    tag: "v2.4.0"
  nodeSelector: {}
  tolerations: []
  priorityClassName: ""
  podSecurityContext: {}
  securityContext: {}
  resources:
    limits:
      cpu: 100m
      memory: 256Mi
    requests:
      cpu: 100m
      memory: 64Mi
fluentbit:
  crdsEnable: true
  enable: true
  image:
    repository: "kubesphere/fluent-bit"
    tag: "v2.1.8"
  resources:
    limits:
      cpu: 500m
      memory: 200Mi
    requests:
      cpu: 10m
      memory: 50Mi
  labels: {}

  imagePullSecrets: []
  secrets: []
  podSecurityContext:
    privileged: true
  securityContext: {}
  additionalVolumes: []
  additionalVolumesMounts: []
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
          - matchExpressions:
              - key: node-role.kubernetes.io/edge
                operator: DoesNotExist

How did you install fluent operator?

Helm, and Plain yaml from walkthrough

Additional context

No response

[tapasmishra]

Do we have any workaround for the above issue?

[TomStary]

Try moving the configuration from podSecurityContext to securityContext in the fluentbit section.