Hi,
I use CephFS volume but this volume don't support SELinux attributes:
-bash-4.2# ls -lZ
/var/lib/origin/openshift.local.volumes/pods/6726536a-5735-11e7-aef3-005056b1755a/volumes/
kubernetes.io~cephfs/pv-ceph-prod-rbx-fs1
drwxr-xr-x root root ? foo
It is possible to configure a SCC to allow container to access to this
volume?
This my SCC but I have this error:
$ oc rsh test-cephfs-4-mn53h bash
root@test-cephfs-4-mn53h:/# ls /cephfs/
ls: cannot open directory '/cephfs/': Permission denied
apiVersion: v1
kind: List
metadata: {}
items:
- apiVersion: v1
kind: SecurityContextConstraints
metadata:
name: test-cephfs
priority: 1
requiredDropCapabilities: null
readOnlyRootFilesystem: false
runAsUser:
type: RunAsAny
seLinuxContext:
type: RunAsAny
supplementalGroups:
type: RunAsAny
seccompProfiles:
- '*'
supplementalGroups:
type: RunAsAny
fsGroup:
type: RunAsAny
users:
- system:serviceaccount:test-cephfs:default
volumes:
- cephFS
- configMap
- emptyDir
- nfs
- persistentVolumeClaim
- rbd
- secret
allowHostDirVolumePlugin: true
allowHostIPC: true
allowHostNetwork: true
allowHostPID: true
allowHostPorts: true
allowPrivilegedContainer: true
allowedCapabilities: null
Best regards,
Stéphane
--
Stéphane Klein <[email protected]>
blog: http://stephane-klein.info
cv : http://cv.stephane-klein.info
Twitter: http://twitter.com/klein_stephane
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
