Permissions issues and image pull failures after 3.5 to 3.6 upgrade
Issue
- All nodes fail to pull images from the
openshift
project in the internal registry with:
Failed to pull image "172.30.217.14:5000/openshift/example@sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx": rpc error: code = 2 desc = unauthorized: authentication required
- I created a unique namespace for each project and can now grant a user access to a particular project BUT now that user cannot use or create a new project
Error
Access denied
The project testing does not exist or you are not authorized to view it.
- I moved each image from
/openshift/projectname
to/projectname/projectname
and then assigned access to a new user:
# oadm policy add-role-to-user admin <username> -n <existingprojectname>
-
But user does not have access
-
After upgrade 3.5 to 3.6, roles seem broken and my users cannot do what they need
Environment
- Red Hat OpenShift Container Platform
- 3.6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.