Hello! I foolishly upgraded from 1.24 to 1.26 without reading the changelog and now I'm running into issues where helm charts that try to install PodSecurityPolicies are failing because kubernetes is refusing the api. Is there a k3s command-line-flag that might allow the creation of the objects with the understanding that they'll be no-ops?
01/05/2023, 4:48 PM
Nope. Those types are gone gone gone from Kubernetes. Apiserver no longer knows what they are and will not allow them to be created. There is not as far as I know an 'ignore unknown resource types' flag for Kubernetes clients.
01/05/2023, 7:54 PM
horrible hack idea.. is it possible to create a CRD for PSP? 😄
01/05/2023, 7:55 PM
oh wow, that would be quite a dirty hack but it might actually work, depending on whether the apigroup is protected 😆
01/05/2023, 7:56 PM
yea I am the master of mind boggling hacks
I once wrote a cron script to make Solaris 10 kernels think they are out of memory so that they would flush their route caches, there was no other way to flush them and the hash size was so small that traversing the chains took more time than not caching..
oracle fixed it later.. 4 years later..
01/06/2023, 9:55 AM
@red-lizard-14453 wouldn’t it be possible to update the charts that use this old PSP policy? E.g. Longhorn just release v1.4.0 that solves the issue of its previous versions using PSP … just as an example