No CRI Runtime Compliance checks seen for AKS 1.20.5 in Prisma Cloud Compute

No CRI Runtime Compliance checks seen for AKS 1.20.5 in Prisma Cloud Compute

2739
Created On 04/30/22 06:59 AM - Last Modified 11/21/24 18:20 PM


Symptom


  • Prisma Cloud Compute v21.04.412 running on AKS 1.20.5.
  • CRI Runtime Compliance checks not seen or observed for any Containers.

Environment


  • Prisma Cloud Compute v21.04.412 and later
  • Prisma Cloud Enterprise Edition
  • AKS 1.20.5.

Cause


  • The reason is because of 'Containerd Runtime'.
  • We have not yet rolled out Containerd Runtime CIS Benchmark conversion for Docker's CIS Benchmarks.
  • The "CRI Runtime" option is specifically built out for Openshift CRI-O (Container Runtime Interface - Openshift).

Resolution


  • There is an existing Feature Request for the implementation :  PANW-I-2391
  • This would entail our product team converting Docker's pre-existing CIS benchmarks and porting them to support Containerd CRI. 




 

Additional Information
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004OTBCA2&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language