Why do my pods fail to deploy after applying a pod security policy?
Virtual Private Cloud Classic infrastructure
After creating a pod or running kubectl get events
to check on a pod deployment, you see an error message similar to the following.
unable to validate against any pod security policy
The PodSecurityPolicy
admission controller checks the authorization of the user or service account that tried to create the pod.
If no pod security policy supports the user or service account, then the PodSecurityPolicy
admission controller prevents the pods from being created.
If you deleted one of the pod security policy resources for IBM cluster management, you might experience similar issues.
Make sure that the user or service account is authorized by a pod security policy. You might need to modify an existing policy.
If you deleted an IBM cluster management resource, refresh the Kubernetes master to restore it.
-
Refresh the Kubernetes master to restore it.
ibmcloud ks cluster master refresh