Hi folks,
When would we have a fix for PSP that is present in consul-helm 0.32.0 ?
KNOWN ISSUES:
- This release does not work when Pod Security Policies are enabled. This will be fixed in the upcoming release.
Thankyou!
Hi Ashwin,
Are PSPs currently enabled in your Kubernetes cluster and is this blocking you from deploying Consul K8s? We have seen this fail on GKE with PSPs enabled, and have not prioritized this yet.
Kubernetes is moving to deprecate PSPs in the future as described here: PodSecurityPolicy Deprecation: Past, Present, and Future | Kubernetes. It is not clear whether the prototype being built in 1.22 is going to be promoted from Alpha until some time so we are tracking then current progress of that feature.
1 Like
Hello David, Thanks for replying.
Yes we have PSPs enabled in our k8s cluster. Due to this, I won’t be able to deploy latest consul-helm release i.e 0.32.1 based on this KNOWN ISSUES.
Do you see any issue with consul-helm 0.32.1 release when deployed on k8s clusters running on VM with PSP enabled or its just the issue with GKE clusters ?
yeah, I have read the article on PSP deprecation before but its still not GA from them.
Hi Ashwin,
My understanding that this also is not working on other K8s distributions as well. Sorry I wish I had a better answer right now. We are currently tracking interest in this issue here: Support pod security policies for consul-helm 0.32.0+ · Issue #1021 · hashicorp/consul-helm · GitHub
Thanks David for letting me know n this and pointing me to a link where this is being tracked. I have voted there.