anyuid is less restrictive than restricted, unless you customized restricted. Did youvustomize restricted?
On May 17, 2018, at 8:56 AM, Charles Moulliard <[email protected]> wrote: Hi, If we scale down/up the Replication Set of the OpenShift Web Console, then the new pod created will crash and report "Error: unable to load server certificate: open /var/serving-cert/tls.crt: permission denied" This problem comes from the fact that when the pod is recreated, then the scc annotation is set to anyuid instead of restricted and then the pod can't access the cert apiVersion: v1 kind: Pod metadata: annotations: openshift.io/scc: anyuid Is this bug been fixed for openshift 3.9 ? Is there a workaround to resolve it otherwise we can't access anymore the Web Console ? Regards CHARLES MOULLIARD SOFTWARE ENGINEER MANAGER SPRING(BOOT) Red Hat <https://www.redhat.com/> [email protected] M: +32-473-604014 <https://red.ht/sig> @cmoulliard <https://twitter.com/cmoulliard> _______________________________________________ dev mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
_______________________________________________ dev mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
