You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I ran oc debug pod --as-root with cluster-network-operator, then got CreateContainerConfigError.
CNO Pod has .spec.securityContext.runAsNonRoot: true, then should we set it nil?
How to reproduce
Run oc debug --as-root with cluster-network-operator.
$ oc -n openshift-network-operator debug pod/network-operator-7855cfd575-wmrlz --as-root --dry-run=client -o yaml | oc apply -f -
$ oc -n openshift-network-operator get pod
NAME READY STATUS RESTARTS AGE
network-operator-7855cfd575-wmrlz 1/1 Running 0 29d
network-operator-7855cfd575-wmrlz-debug 0/1 CreateContainerConfigError 0 5s
$ oc -n openshift-network-operator describe pod/network-operator-7855cfd575-wmrlz-debug | tail -n 5
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning Failed 2m55s (x12 over 5m8s) kubelet Error: container's runAsUser breaks non-root policy
Normal Pulled 6s (x25 over 5m8s) kubelet Container image "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:79e60721e7b5362d4de26275281ca8b7208fef8a0a6830bab477b798c84faa3f" already present on machine
The text was updated successfully, but these errors were encountered:
I ran
oc debug pod --as-root
with cluster-network-operator, then gotCreateContainerConfigError
.CNO Pod has
.spec.securityContext.runAsNonRoot: true
, then should we set it nil?Run
oc debug --as-root
with cluster-network-operator.The text was updated successfully, but these errors were encountered: