When installing the new Kubernetes cluster collector (Checkmk 2.1), the following error appears (in the Kubernetes event logs)
This happens when you are using older container runtime versions, which always add CAP_ to each capability drop.
This problem is fixed in Docker 19.03 and containerd 1.4.5
Change in the values.yaml under nodeCollector.cadvisor.securityContext:
(Remove the "CAP_")