59b1f4a12e
Automatic merge from submit-queue (batch tested with PRs 39394, 38270, 39473, 39516, 36243) Improve an error message when privileged containers are disallowed on the cluster **What this PR does / why we need it**: At present when user creates privileged pod and creation of privileged containers disallowed globally by a system administrator (kubelet and api-server were running with `--allow-privileged=false`), user will get the following error message: ```console $ kubectl create -f nginx.pod The Pod "nginx" is invalid: spec.containers[0].securityContext.privileged: Forbidden: disallowed by policy ``` "Disallowed by policy" may give a wrong assumption to a user that creation of privileged containers disallowed by [`PodSecurityPolicy`](http://kubernetes.io/docs/user-guide/pod-security-policy/) while it's not. This commit improves error message and tries to point user to the right direction: ```console $ kubectl create -f nginx.pod The Pod "nginx" is invalid: spec.containers[0].securityContext.privileged: Forbidden: privileged containers are disallowed on this cluster by a system administrator ``` **Release note**: ```release-note NONE ``` PTAL @pweil- |
||
|---|---|---|
| .. | ||
| genericvalidation | ||
| path | ||
| testdata/v1 | ||
| BUILD | ||
| doc.go | ||
| events_test.go | ||
| events.go | ||
| OWNERS | ||
| schema_test.go | ||
| schema.go | ||
| validation_test.go | ||
| validation.go | ||