[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: OpenShift Web Console - 3.9 - Pod / CrashLoopBackOff



2018-05-23 23:06 GMT+02:00 Daniel Comnea <comnea dani gmail com>:


On Wed, May 23, 2018 at 5:20 PM, Vyacheslav Semushin <vsemushi redhat com> wrote:
2018-05-17 17:18 GMT+02:00 Charles Moulliard <cmoullia redhat com>:
The trick / solution  described there doesn t work. I tried also using the ansible playbook of Openshift to remove the project and recreate it and the pod is always recreated with Openshift annotation = anyuid

The reason of why "anyuid" SCC is being applied is because it was granted to all authenticated users. And because anyuid has priority 10, it gets applied instead of "restricted" SCC.
[DC]: how do you know about anyuid and priority 10?

In the gist that you provided, you posted the output of the oc get scc/anyuid -o yaml command that shows me that SCC has been granted to system:authenticated group and system:serviceaccount:openshift-web-console:webconsole user. Also it shows the priority field.
 
In other words how can i find out each scc what priority has ?

Both of the following commands contain PRIORIT field:
oc get scc
oc get scc <name>


--
Slava Semushin | OpenShift

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]