Openshift cluster with Arc enabled SQL Server managed instance
reference
issue encountered:
- failed to create resource and error msg like below
FailedCreate replicaset/bootstrapper-796c4c67db Error creating: pods 'bootstrapper-796c4c67db-' is forbidden: unable to validate against any security context constraint: [provider 'anyuid': Forbidden: not usable by user or serviceaccount, provider restricted: .spec.securityContext.fsGroup: Invalid value: []int64{1000700001}: 1000700001 is not an allowed group, spec.containers[0].securityContext.runAsUser: Invalid value: 1000700001: must be in the ranges: [1000690000, 1000699999], provider 'nonroot': Forbidden: not usable by user or serviceaccount, provider 'hostmount-anyuid': Forbidden: not usable by user or serviceaccount, provider 'machine-api-termination-handler': Forbidden: not usable by user or serviceaccount, provider 'hostnetwork': Forbidden: not usable by user or serviceaccount, provider 'hostaccess': Forbidden: not usable by user or serviceaccount, provider 'kube-aad-proxy-scc': Forbidden: not usable by user or serviceaccount, provider 'node-exporter': Forbidden: not usable by user or serviceaccount, provider 'privileged': Forbidden: not usable by user or serviceaccount, provider 'privileged-genevalogging': Forbidden: not usable by user or serviceaccount]
resolution:
You created custom SCC with the service account and you were able to deploy data controller and arc SQL MI
oc adm policy add-scc-to-user privileged system:serviceaccount:arcdataservices:default
oc adm policy add-scc-to-user privileged system:serviceaccount:arcdataservices:sa-arc-metricsdc-reader”
本文来自博客园,作者:Jas0n0ss,转载请注明原文链接:https://www.cnblogs.com/Jas0n0ss/p/16399527.html