ERROR DirectPV not installed - cniackz/public GitHub Wiki

Signature:

ERROR DirectPV not installed

Error:

$ kubectl krew install directpv
Updated the local copy of plugin index.
Installing plugin: directpv
Installed plugin: directpv
\
 | Use this plugin:
 | 	kubectl directpv
 | Documentation:
 | 	https://github.com/minio/directpv
/
WARNING: You installed plugin "directpv" from the krew-index plugin repository.
   These plugins are not audited for security by the Krew maintainers.
   Run them at your own risk.

$ kubectl directpv install

 ███████████████████████████████████████████████████████████████████████████ 100%

┌──────────────────────────────────────┬──────────────────────────┐
│ NAME                                 │ KIND                     │
├──────────────────────────────────────┼──────────────────────────┤
│ directpv                             │ Namespace                │
│ directpv-min-io                      │ ServiceAccount           │
│ directpv-min-io                      │ ClusterRole              │
│ directpv-min-io                      │ ClusterRoleBinding       │
│ directpv-min-io                      │ Role                     │
│ directpv-min-io                      │ RoleBinding              │
│ directpvdrives.directpv.min.io       │ CustomResourceDefinition │
│ directpvvolumes.directpv.min.io      │ CustomResourceDefinition │
│ directpvnodes.directpv.min.io        │ CustomResourceDefinition │
│ directpvinitrequests.directpv.min.io │ CustomResourceDefinition │
│ directpv-min-io                      │ CSIDriver                │
│ directpv-min-io                      │ StorageClass             │
│ node-server                          │ Daemonset                │
│ controller                           │ Deployment               │
└──────────────────────────────────────┴──────────────────────────┘

DirectPV installed successfully

Reproduced:

$ kubectl directpv info
ERROR DirectPV not installed

Reason:

status:
  replicas: 0
  observedGeneration: 1
  conditions:
    - type: ReplicaFailure
      status: 'True'
      lastTransitionTime: '2024-01-16T22:16:35Z'
      reason: FailedCreate
      message: >-
        pods "controller-5c4c684fb6-" is forbidden: unable to validate against
        any security context constraint: [provider "anyuid": Forbidden: not
        usable by user or serviceaccount, spec.volumes[0]: Invalid value:
        "hostPath": hostPath volumes are not allowed to be used, provider
        restricted-v2: .containers[0].privileged: Invalid value: true:
        Privileged containers are not allowed, provider restricted-v2:
        .containers[1].privileged: Invalid value: true: Privileged containers
        are not allowed, provider restricted-v2: .containers[2].privileged:
        Invalid value: true: Privileged containers are not allowed, provider
        "restricted": Forbidden: not usable by user or serviceaccount, provider
        "containerized-data-importer": Forbidden: not usable by user or
        serviceaccount, provider "nonroot-v2": Forbidden: not usable by user or
        serviceaccount, provider "nonroot": Forbidden: not usable by user or
        serviceaccount, provider "hostmount-anyuid": Forbidden: not usable by
        user or serviceaccount, provider "kubevirt-controller": Forbidden: not
        usable by user or serviceaccount, provider
        "machine-api-termination-handler": Forbidden: not usable by user or
        serviceaccount, provider "bridge-marker": Forbidden: not usable by user
        or serviceaccount, provider "hostnetwork-v2": Forbidden: not usable by
        user or serviceaccount, provider "hostnetwork": Forbidden: not usable by
        user or serviceaccount, provider "hostaccess": Forbidden: not usable by
        user or serviceaccount, provider "linux-bridge": Forbidden: not usable
        by user or serviceaccount, provider "kubevirt-handler": Forbidden: not
        usable by user or serviceaccount, provider "node-exporter": Forbidden:
        not usable by user or serviceaccount, provider "privileged": Forbidden:
        not usable by user or serviceaccount]

Solution:

$ oc get serviceaccount -n directpv
NAME              SECRETS   AGE
builder           1         2m20s
default           1         2m20s
deployer          1         2m20s
directpv-min-io   1         2m20s

oc adm policy add-scc-to-user privileged -n directpv -z builder
oc adm policy add-scc-to-user privileged -n directpv -z default
oc adm policy add-scc-to-user privileged -n directpv -z deployer
oc adm policy add-scc-to-user privileged -n directpv -z directpv-min-io

$ kubectl directpv info
┌──────┬──────────┬───────────┬─────────┬────────┐
│ NODE │ CAPACITY │ ALLOCATED │ VOLUMES │ DRIVES │
├──────┼──────────┼───────────┼─────────┼────────┤
│ • 25 │ 8.1 TiB  │ 0 B       │ 0       │ 7      │
│ • 26 │ 9.1 TiB  │ 0 B       │ 0       │ 7      │
│ • 27 │ 9.6 TiB  │ 0 B       │ 0       │ 8      │
└──────┴──────────┴───────────┴─────────┴────────┘

0 B/27 TiB used, 0 volumes, 22 drives