Reduce The Number Of Privilege Escalations Using Sudo While Executing PF9 Scripts/Commands In The Wo

Problem

In environments where LDAP is configured, it is observed that every command that runs as part of the Nodeletd phases requires a sudo privilege. This is is resulting in high number of ldap lookups even though pf9user is a local user.

Oct 11 12:00:43 : pf9 : HOST=XXXXXXXXXX : TTY=unknown ; PWD=/ ;
    USER=root ; COMMAND=/opt/pf9/pf9-kube/setup_env_and_run_script.sh
    /opt/pf9/pf9-kube/phases/kubelet_configure_start.sh status
Oct 11 12:00:43 : pf9 : HOST=XXXXXXXXXX : TTY=unknown ; PWD=/ ;
    USER=root ; COMMAND=/opt/pf9/pf9-kube/setup_env_and_run_script.sh
    /opt/pf9/pf9-kube/phases/kube_proxy_start.sh status

Environment

Platform9 Managed Kubernetes - v5.5 and Higher.

Answer

This issue is resolved in PMK-5.10.3 release version. The JIRA to track this issue is [PMK-6173].

PreviousDisabling Pf9-monitoring Addon Deletes Resources From The Monitoring Stack NextDuring The MetalLB Version Upgrade To 0.13.7, Service IPs From Custom IPAddressPools [2nd] Getting R

Last updated 3 months ago

Good evening

hashtagProblem

hashtagEnvironment

hashtagAnswer

Problem

Environment

Answer