Skip to content

[BUG] MetalLB instructions fail on k8s 1.25+ #1290

New issue
New issue
Closed
#1291
Closed
[BUG] MetalLB instructions fail on k8s 1.25+#1290
#1291
Assignees
ggiguash
@kevchu3

Description

@kevchu3
kevchu3
opened on Jan 24, 2023

What happened?

I followed the documentation on Deploying a TCP Load Balancer for User Workloads on my MicroShift cluster running on OpenShift 4.12. The instructions to deploy resource manifests from the metallb project do not work because PodSecurityPolicy which was previously deprecated, has now been removed from OpenShift 4.12 / Kubernetes 1.25.

What did you expect to happen?

Applying the YAML manifests to deploy the project should work.

How to reproduce it (as minimally and precisely as possible)?

  1. Deploy MicroShift on OpenShift 4.12.
  2. Run the instructions to apply the resource manifests from metallb project:
oc apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.4/config/manifests/metallb-native.yaml

It should fail when attempting to create objects of type PodSecurityPolicy.

Anything else we need to know?

I've already found a solution, which is to use updated manifests from that project:

oc apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.7/config/manifests/metallb-native.yaml

Afterwards, I still needed to apply the privileged scc to the controller and speaker serviceaccounts as follows:

oc adm policy add-scc-to-user privileged -z controller -n metallb-system
oc adm policy add-scc-to-user privileged -z speaker -n metallb-system

Environment

  • MicroShift version (use microshift version):
    $ microshift version
    MicroShift Version: 4.12.0-0.microshift-2022-11-17-084702-untagged
    Base OCP Version: 4.12.0-0.nightly-2022-11-07-181244

  • Hardware configuration:
    Intel NUC with 2 cores and 16 GB RAM

  • OS (e.g: cat /etc/os-release):
    $ cat /etc/os-release
    NAME="Red Hat Enterprise Linux"
    VERSION="8.7 (Ootpa)"
    ID="rhel"
    ID_LIKE="fedora"
    VERSION_ID="8.7"
    PLATFORM_ID="platform:el8"
    PRETTY_NAME="Red Hat Enterprise Linux 8.7 (Ootpa)"
    ANSI_COLOR="0;31"
    CPE_NAME="cpe:/o:redhat:enterprise_linux:8::baseos"
    HOME_URL="https://www.redhat.com/"
    DOCUMENTATION_URL="https://access.redhat.com/documentation/red_hat_enterprise_linux/8/"
    BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_BUGZILLA_PRODUCT_VERSION=8.7
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="8.7"

  • Kernel (e.g. uname -a):
    $ uname -a
    Linux [hostname redacted] 4.18.0-425.10.1.el8_7.x86_64 Init #1 SMP Wed Dec 14 16:00:01 EST 2022 x86_64 x86_64 x86_64 GNU/Linux

  • Others:

Relevant logs

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions