Custom SCC can break pods if priority is 10 or higher

Solution Verified - Updated -

Issue

  • After creating a custom Security Context Constraint (SCC) with priority 10 or higher, authentication for example stays degraded during upgrades until the custom SCC is removed.
  • After creating a custom SCC with priority 10 or higher, whenever a pod in is deleted and a new one is spawned, the new pod stays in CreateContainerConfigError and won't start.

Environment

  • OpenShift Container Platform
    • 4.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content