Permissions issues and image pull failures after 3.5 to 3.6 upgrade
Issue
- All nodes fail to pull images from the
openshiftproject in the internal registry with:
Failed to pull image "172.30.217.14:5000/openshift/example@sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx": rpc error: code = 2 desc = unauthorized: authentication required
- I created a unique namespace for each project and can now grant a user access to a particular project BUT now that user cannot use or create a new project
Error
Access denied
The project testing does not exist or you are not authorized to view it.
- I moved each image from
/openshift/projectnameto/projectname/projectnameand then assigned access to a new user:
# oadm policy add-role-to-user admin <username> -n <existingprojectname>
-
But user does not have access
-
After upgrade 3.5 to 3.6, roles seem broken and my users cannot do what they need
Environment
- Red Hat OpenShift Container Platform
- 3.6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
