2018-05-17 15:15 GMT+02:00 Sam Padgett :
> The file mode is 400, and I think anyuid breaks reading it since the user
> changes.
>
> https://github.com/openshift/openshift-ansible/blob/master/
> roles/openshift_web_console/files/console-template.yaml#L90
>
> The console doesn't need anyuid... I'm
I'd like to continue this discussion because this broken configuration
could be easily reproduced by following our own documentation:
https://docs.openshift.org/latest/admin_guide/manage_scc.html#enable-images-to-run-with-user-in-the-dockerfile
How we can fix this?
Do we have a virtual group
Fair point Slava, hat off.
Thanks for the info.
On Thu, May 24, 2018 at 11:16 AM, Vyacheslav Semushin
wrote:
> 2018-05-24 10:10 GMT+02:00 Charles Moulliard :
>
>> +1 to document somewhere how SCC is working, priority defined, and
>> what should be
2018-05-24 10:10 GMT+02:00 Charles Moulliard :
> +1 to document somewhere how SCC is working, priority defined, and
> what should be done to resolve such issues
>
Perhaps this info is hard to find but it's there:
2018-05-23 23:06 GMT+02:00 Daniel Comnea :
>
>
> On Wed, May 23, 2018 at 5:20 PM, Vyacheslav Semushin
> wrote:
>
>> 2018-05-17 17:18 GMT+02:00 Charles Moulliard :
>>
>>> The trick / solution described there doesn t work. I tried
+1 to document somewhere how SCC is working, priority defined, and
what should be done to resolve such issues
On Wed, May 23, 2018 at 11:06 PM, Daniel Comnea
wrote:
>
>
> On Wed, May 23, 2018 at 5:20 PM, Vyacheslav Semushin
> wrote:
>
>>
2018-05-17 17:18 GMT+02:00 Charles Moulliard :
> The trick / solution described there doesn t work. I tried also using the
> ansible playbook of Openshift to remove the project and recreate it and the
> pod is always recreated with Openshift annotation = anyuid
>
The reason
Even if I add the webconsole ServiceAccount to scc anyuid, pod fails to
start
https://gist.github.com/cmoulliard/f05b9bc762cbab9993087b1a44aa1331
On Thu, May 17, 2018 at 7:42 PM, Charles Moulliard
wrote:
> Do you want that I create a ticket to report the error which is
Do you want that I create a ticket to report the error which is really
blocking/critical ?
On Thu, May 17, 2018 at 5:20 PM, Charles Moulliard
wrote:
> Personaly no. Fyi web console was installed using Openshift ansible
> playbook
>
> On Thu, May 17, 2018, 15:03 Clayton
The trick / solution described there doesn t work. I tried also using the
ansible playbook of Openshift to remove the project and recreate it and the
pod is always recreated with Openshift annotation = anyuid
On Thu, May 17, 2018, 15:01 Sam Padgett wrote:
> Charles, I'd
The file mode is 400, and I think anyuid breaks reading it since the user
changes.
https://github.com/openshift/openshift-ansible/blob/master/roles/openshift_web_console/files/console-template.yaml#L90
The console doesn't need anyuid... I'm not sure what's adding it.
Sam
On Thu, May 17, 2018
anyuid is less restrictive than restricted, unless you customized
restricted. Did youvustomize restricted?
On May 17, 2018, at 8:56 AM, Charles Moulliard wrote:
Hi,
If we scale down/up the Replication Set of the OpenShift Web Console, then
the new pod created will crash
Hi,
If we scale down/up the Replication Set of the OpenShift Web Console, then
the new pod created will crash and report
"Error: unable to load server certificate: open /var/serving-cert/tls.crt:
permission denied"
This problem comes from the fact that when the pod is recreated, then the
scc
13 matches
Mail list logo