Pods Controlled By Job unable to terminate until finalizers are deleted manually after namespace excluded in gatekeeper

Solution In Progress - Updated -

Issue

  • Pods Controlled By Job unable to terminate until finalizers are deleted manually after namespace excluded in gatekeeper.
  • During node drains, pods created from an existing Running Job are left in Terminating state. The finalizers cannot be deleted for these pods, until their namespace is added in the excludeNamespace of assign runtimeclass and fsgroup resources respectively. The pods are created by the job and affected by the gatekeeper policies. Is this behaviour expected?

Environment

  • Red Hat Openshift Container Platform, v4.13
  • Gatekeeper, v3.14

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content