We are testing pod security where product namesapce level enforce=baseline, in that case fluent-bit pods were not starting, They are failing with below message.
We are testing pod security where product namesapce level enforce=baseline, in that case fluent-bit pods were not starting, They are failing with below message.
Error message: Warning FailedCreate 4m2s daemonset-controller Error creating: pods "objectscale-manager-fluent-bit-96rq4" is forbidden: violates PodSecurity "baseline:latest": hostPath volumes (volumes "varlog", "varlibdockercontainers")
I am interested to know is it possible to achieve rolebinding/clusterrolebinding or other ways to run daemonset pods by keeping namesapce at enforce=baseline level & mounting hostpath.
k8s version - GitVersion:v1.25.4+a34b9e9 kubectl version - GitVersion:v1.25.2