daemonset pods In Red Hat OpenShift sphere-csi-node are in crashloopbackoff state
search cancel

daemonset pods In Red Hat OpenShift sphere-csi-node are in crashloopbackoff state

book

Article ID: 392159

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • Running oc get pods shows the sphere-csi-node daemonset pods in crashloopbackoff state
  • vsphere-csi-node-driver-registrar.log shows the following status: 
    E0000 11:00:00 1 node_register.go:00] failed to listen on socket: /registration/csi.vsphere.vmware.com-reg.sock with error: listen unix /registration/csi.vsphere.vmware.com-reg.sock: bind: permission denied

Environment

  • VMware vCenter Server 8.0.2
  • Red Hat OpenShift  Version: 4.16.23 (Kubernetes Version: v1.29.9+7423cac)

Cause

In RHCOS environments or any environment with SELinux enabled, the above permission issue may occur as an SELinux label may need to be applied to allow permission.

Resolution

Update the CSI node daemonset deployment to make node-registrar container run with "securityContext: privileged:true".

For example:

securityContext:
   privileged: true

 

 

Powered by Wolken Software