Single User Container Not Creating due to Pod Policies

Hi Team,

Single User Container are not creating due to strict pod Policies and getting the error message

{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"pods \"jupyter-jovyan\" is forbidden: PodSecurityPolicy: unable to admit pod: [spec.initContainers[0].securityContext.runAsUser: Invalid value: 0: running with the root UID is forbidden spec.initContainers[0].securityContext.privileged: Invalid value: true: Privileged containers are not allowed spec.initContainers[0].securityContext.capabilities.add: Invalid value: \"NET_ADMIN\": capability may not be added]","reason":"Forbidden","details":{"name":"jupyter-jovyan","kind":"pods"},"code":403}

As Kuberenetes Policies we cannot change so can you please suggest how we can handle this in Jupyterhub

If your K8s cluster supports NetworkPolicies you can set singleuser.cloudMetadata.blockWithIptables: False: