I presume you’re running OpenShift 3.7?
If you’re running the new template broker (openshift-ansible installs it)
it has a nasty bug that does what you describe. But you can work around it
by removing an owner reference see:
You can grant the role to the user to let them set it. However, that
lets that app escape any network isolation boundaries so the
multitenant network plugin won’t work.
You can also grant that permission to all users if you don’t need the
protection.
> On Jan 30, 2018, at 3:18 PM, Tomas Nozicka
I need to direct Route/Service traffic from one namespace to another
which I have permissions to. (Possibly even the same namespace as
well.) Reading Kubernetes documentation[1] Services without selectors
seem to be the way to do it. It requires you to set Endpoints manually
(e.g. to Service or
There is a dedicated SCC that allows access to hostPath -- "hostaccess". In
this case, you won't need to modify "restricted" SCC. Also, I see that you
granted "anyuid" SCC to the user/SA. If you need to have a both permissions
(any uid and access to host), you can grant access to
Hi, im trying to use hostPath working on my v3 installation withouth luck
so far.
The error i have is
--> FailedCreate: app1-6 Error creating: pods "app1-6-" is forbidden:
unable to validate against any security context constraint: [provider
anyuid:
Hello,
I have an OpenShift cluster with 3 masters, 3 infra, 3 nodes.
I change the cluster configuration from a time to time and whenever I run
config.yml (after the first time) all the deployments that were created using a
provisioned service being deleted.
That is a huge