Re: Problem in Replication controller

Tue, 01 Mar 2016 07:31:02 -0800 

Regular Openshift users don't have permission to run as arbitrary
UIDs.  You can read more here:
https://docs.openshift.org/latest/architecture/additional_concepts/authorization.html#security-context-constraints

To give yourself access as a root user (if you are an admin) run

    oadm policy add-scc-to-user anyuid -z default

Or to let your pods run as any non-root user, run

    oadm policy add-scc-to-user nonroot -z default

> On Mar 1, 2016, at 9:04 AM, Julio Saura <jsa...@hiberus.com> wrote:
>
> Hello
>
> i have a working open shift running and maybe is my misunderstanding but i 
> have a problem with RC
>
> so,
>
> i have an own docker image for my app, my entry point in my docker file 
> creates some directories that are needed for my app to work and starts a 
> jboss,, so far so good
>
> the image is running if i define it as a POD, but when i try to create a RC 
> using that image i am having some weird permission denied when creating the 
> directories and so my pod dies.
>
> i have noticed that when i run it as POD my process is running under the user 
> i define in a step inside my docker file when building the image, but if i 
> run it on a RC the process is running under an unknown UID
>
> UID         PID   PPID  C STIME TTY          TIME CMD
> 1000120+      1      0  0 17:02 ?        00:00:00 /bin/bash 
> /etc/init.d/jboss-as st
>
> and so when that entry point is trying to create the directories i need i get 
> permission denied errors, logically the process dies and so does my pod 
> inside de RC ..
>
> why is this happening? on my dockerfile i add a unix user as the process 
> proprietary and in my entry point command script i am changing the user when 
> starting .. running on the RC the user is not created and not used, but 
> running it as a POD works like a charm..
>
> i am missing something?
>
> best regards
> thanks all!
>
>
>
>
>
> _______________________________________________
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users

_______________________________________________
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Reply via email to