This article applies Kubernetes 1.25 migration https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-25 to the hivemq-operator
helm Helm chart.
According to the Kubernetes 1.25 migration , The relevant point from the https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-25 is that PodSecurityPolicy
in the policy/v1beta1 API version will no longer be served in v1.25 onwards, and the PodSecurityPolicy admission controller will be removed. Kubernetes recommends to Migrate migrating to Pod Security Admission or a 3rd party admission webhook.At the moment we don't have an alternative to enforce security policies, so this should be considered a workaround.
This article also helps you to resolve the error “error: resource mapping not found for name: "hivemq-operator" namespace: "hivemq" from "manifests\operator\hivemq-psp.yaml": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1"
The workaround is to disable the PodSecurityPolicy
. How to do it is explained in the instructions below.
\uD83D\uDCD8 Instructions
Get the values from the Helm chart:
Code Block language bash helm show values hivemq/hivemq-operator > my-values.yaml
Disable the
...
PodSecurityPolicy
:Code Block language yaml global: rbac: pspEnabled: false
Deploy the chart using values.yaml:
Code Block language bash helm upgrade my-hivemq \ --install hivemq/hivemq-operator \ --values my-values.yaml \ --namespace my-namespace
Or, deploy the chart without using values.yaml and disable
pspEnabled
with--set
option:Code Block language bash helm upgrade my-hivemq \ --install hivemq/hivemq-operator \ --set global.rbac.pspEnabled=false \ --namespace my-namespace
\uD83D\uDCCB Related articles
Filter by label (Content by label) | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|