Nodes come preconfigured with allow-privileged because SCC already protects the cluster.
> On Jun 3, 2016, at 6:56 PM, Alan Jones <ajo...@diamanti.com> wrote: > > Friends, > I had a privileged container running under under an OpenShift 3.2 master with > a sock k8s kubelet. > To get that to work, I added the security context rule: > > oadm policy add-scc-to-user privileged -z default > > === AND === the following command line flag to kubelet: > > --allow-privileged=true > > I can't find a similar option in node-config.yaml > I also can't see the kubelet logs I would expect to see in 'journalctl -u > atomic-openshift-node' to tell if this is indeed the issue. > What I can see is that my container image is not deployed under docker. > BTW: I'm working on the joint demo configuration for RedHat Summit. > Any thoughts? > Alan > _______________________________________________ > dev mailing list > dev@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/dev _______________________________________________ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev