I am deploying istio into my PKS cluster using the helm template with the grafana add-on enabled. When the resources are spinning up I can see that the grafana service is running. When I dive deeper into the deployment I see that under the Conditions header that there is a ReplicaFailure due to a FailedCreate. That led me to look at the replica-set, which gives me this error message:
Error creating: pods "grafana-6567b56959-mw6m2" is forbidden: pod.Spec.SecurityContext.RunAsUser is forbidden. Has anyone else run into this problem? Is the grafana pod trying to run as a privileged container?