I have a PR open with this change:
https://github.com/openshift/openshift-ansible/pull/8558/files
cc Scott
On Tue, May 29, 2018 at 9:15 AM, Vyacheslav Semushin
wrote:
> 2018-05-17 15:15 GMT+02:00 Sam Padgett :
>
>> The file mode is 400, and I think anyuid breaks reading it since the user
>> ch
2018-05-17 15:15 GMT+02:00 Sam Padgett :
> The file mode is 400, and I think anyuid breaks reading it since the user
> changes.
>
> https://github.com/openshift/openshift-ansible/blob/master/
> roles/openshift_web_console/files/console-template.yaml#L90
>
> The console doesn't need anyuid... I'm n
I'd like to continue this discussion because this broken configuration
could be easily reproduced by following our own documentation:
https://docs.openshift.org/latest/admin_guide/manage_scc.html#enable-images-to-run-with-user-in-the-dockerfile
How we can fix this?
Do we have a virtual group (lik
Fair point Slava, hat off.
Thanks for the info.
On Thu, May 24, 2018 at 11:16 AM, Vyacheslav Semushin
wrote:
> 2018-05-24 10:10 GMT+02:00 Charles Moulliard :
>
>> +1 to document somewhere how SCC is working, priority defined, and
>> what should be done to resolve such issues
>>
>
> Perhaps
2018-05-24 10:10 GMT+02:00 Charles Moulliard :
> +1 to document somewhere how SCC is working, priority defined, and
> what should be done to resolve such issues
>
Perhaps this info is hard to find but it's there:
https://docs.openshift.org/latest/architecture/additional_concepts/authorizatio
2018-05-23 23:06 GMT+02:00 Daniel Comnea :
>
>
> On Wed, May 23, 2018 at 5:20 PM, Vyacheslav Semushin
> wrote:
>
>> 2018-05-17 17:18 GMT+02:00 Charles Moulliard :
>>
>>> The trick / solution described there doesn t work. I tried also using
>>> the ansible playbook of Openshift to remove the proj
+1 to document somewhere how SCC is working, priority defined, and
what should be done to resolve such issues
On Wed, May 23, 2018 at 11:06 PM, Daniel Comnea
wrote:
>
>
> On Wed, May 23, 2018 at 5:20 PM, Vyacheslav Semushin
> wrote:
>
>> 2018-05-17 17:18 GMT+02:00 Charles Moulliard :
>>
>>
On Wed, May 23, 2018 at 5:20 PM, Vyacheslav Semushin
wrote:
> 2018-05-17 17:18 GMT+02:00 Charles Moulliard :
>
>> The trick / solution described there doesn t work. I tried also using
>> the ansible playbook of Openshift to remove the project and recreate it and
>> the pod is always recreated wi
2018-05-17 17:18 GMT+02:00 Charles Moulliard :
> The trick / solution described there doesn t work. I tried also using the
> ansible playbook of Openshift to remove the project and recreate it and the
> pod is always recreated with Openshift annotation = anyuid
>
The reason of why "anyuid" SCC i
Even if I add the webconsole ServiceAccount to scc anyuid, pod fails to
start
https://gist.github.com/cmoulliard/f05b9bc762cbab9993087b1a44aa1331
On Thu, May 17, 2018 at 7:42 PM, Charles Moulliard
wrote:
> Do you want that I create a ticket to report the error which is really
> blocking/criti
Do you want that I create a ticket to report the error which is really
blocking/critical ?
On Thu, May 17, 2018 at 5:20 PM, Charles Moulliard
wrote:
> Personaly no. Fyi web console was installed using Openshift ansible
> playbook
>
> On Thu, May 17, 2018, 15:03 Clayton Coleman wrote:
>
>> anyui
Personaly no. Fyi web console was installed using Openshift ansible playbook
On Thu, May 17, 2018, 15:03 Clayton Coleman wrote:
> anyuid is less restrictive than restricted, unless you customized
> restricted. Did youvustomize restricted?
>
> On May 17, 2018, at 8:56 AM, Charles Moulliard
> wr
The trick / solution described there doesn t work. I tried also using the
ansible playbook of Openshift to remove the project and recreate it and the
pod is always recreated with Openshift annotation = anyuid
On Thu, May 17, 2018, 15:01 Sam Padgett wrote:
> Charles, I'd try the steps in
>
> htt
The file mode is 400, and I think anyuid breaks reading it since the user
changes.
https://github.com/openshift/openshift-ansible/blob/master/roles/openshift_web_console/files/console-template.yaml#L90
The console doesn't need anyuid... I'm not sure what's adding it.
Sam
On Thu, May 17, 2018 at
anyuid is less restrictive than restricted, unless you customized
restricted. Did youvustomize restricted?
On May 17, 2018, at 8:56 AM, Charles Moulliard wrote:
Hi,
If we scale down/up the Replication Set of the OpenShift Web Console, then
the new pod created will crash and report
"Error: una
Charles, I'd try the steps in
https://access.redhat.com/solutions/3428351
Sam
On Thu, May 17, 2018 at 8:56 AM, Charles Moulliard
wrote:
> Hi,
>
> If we scale down/up the Replication Set of the OpenShift Web Console, then
> the new pod created will crash and report
>
> "Error: unable to load se
16 matches
Mail list logo