kubectl apply -f calico.yaml Forbidden: disallowed by cluster policy

首页课程实战体系课手记专栏慕课教程

kubectl apply -f calico.yaml Forbidden: disallowed by cluster policy

来源：6-2 Harbor高可用部署（上）

千屹2024

2021-08-09

configmap/calico-config unchanged
customresourcedefinition.apiextensions.k8s.io/bgpconfigurations.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/bgppeers.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/blockaffinities.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/clusterinformations.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/felixconfigurations.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/globalnetworkpolicies.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/globalnetworksets.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/hostendpoints.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/ipamblocks.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/ipamconfigs.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/ipamhandles.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/ippools.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/kubecontrollersconfigurations.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/networkpolicies.crd.projectcalico.org configured
customresourcedefinition.apiextensions.k8s.io/networksets.crd.projectcalico.org configured
clusterrole.rbac.authorization.k8s.io/calico-kube-controllers unchanged
clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers unchanged
clusterrole.rbac.authorization.k8s.io/calico-node unchanged
clusterrolebinding.rbac.authorization.k8s.io/calico-node unchanged
serviceaccount/calico-node unchanged
deployment.apps/calico-kube-controllers unchanged
serviceaccount/calico-kube-controllers unchanged
poddisruptionbudget.policy/calico-kube-controllers unchanged
The DaemonSet “calico-node” is invalid:

spec.template.spec.containers[0].securityContext.privileged: Forbidden: disallowed by cluster policy
spec.template.spec.initContainers[0].securityContext.privileged: Forbidden: disallowed by cluster policy
spec.template.spec.initContainers[1].securityContext.privileged: Forbidden: disallowed by cluster policy
spec.template.spec.initContainers[2].securityContext.privileged: Forbidden: disallowed by cluster policy
[root@node-1 yaml]# vim /etc/kubernetes/config
[root@node-1 yaml]#
[root@node-1 yaml]#
[root@node-1 yaml]# ls
calico.yaml
[root@node-1 yaml]#

写回答

1回答

刘果国

刘果国

2021-08-10

百度搜这个：spec.template.spec.initContainers[0].securityContext.privileged: Forbidden: disallowed by cluster policy

0

0

Kubernetes生产落地全程实践

一个互联网公司落地Kubernetes全过程点点滴滴

2293 学习 · 2216 问题

相似问题

kubectl apply -f calico.yaml错误

回答 1

执行kubectl apply -f calico.yaml 报错

回答 3

kubectl apply -f calico.yaml kubectl: 未找到命令

回答 1

kubectl apply -f 的逆向操作是什么

回答 1

老师，kubectl apply -f mandatory.yaml 后出现了pending状态

回答 2

打开慕课网App查看更多内容