Custom SCC can break oauth if priority is 10 or higher

Solution Verified - Updated -

Issue

  • After creating a custom SCC with priority 10 or higher, authentication stays degraded during upgrades until custom scc is removed.
  • After creating a custom SCC with priority 10 or higher, whenever an oauth pod in openshift-authentication is deleted and a new one is spawned, the new pod stays in CreateContainerConfigError and won't start.

Environment

  • OpenShift Container Platform
    • 4.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In