After running a Pod with the anyuid SCC, Linux (Discretionary Access Control) permission issues stop Pods from starting correctly, with the error message "Permission denied" or "Operation not supported" when accessing persistent storage.
The logs below are an example from a PostgreSQL instance, but the same issue can apply to any application whose SCC has been restricted so that it no longer allows UID changes.
As a result, the owner of files within the attached volume differs from the UID provided by OpenShift, and applications cannot access these files.
2020-07-14 04:21:39,637 ERROR: Exception during execution of long running task restarting after failure
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/patroni/async_executor.py", line 97, in run
    wakeup = func(*args) if args else func()
  File "/usr/local/lib/python3.6/site-packages/patroni/postgresql/__init__.py", line 720, in follow
    self.config.write_recovery_conf(recovery_params)
  File "/usr/local/lib/python3.6/site-packages/patroni/postgresql/config.py", line 752, in write_recovery_conf
    os.chmod(self._recovery_conf, stat.S_IWRITE | stat.S_IREAD)
PermissionError: [Errno 1] Operation not permitted: '/pgdata/wbh-cluster-qa/recovery.conf'
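The ownership mismatch described above can be checked from inside the affected Pod. The following is an added example, not part of the original article or of Patroni: it walks a volume path and reports entries that a given UID cannot chmod or cannot write under Linux DAC rules. The function names, the UID/GID arguments and the /pgdata path in the usage comment are assumptions made for illustration.

```python
import os
import stat
import sys

def classify(st, uid, gids):
    """Return (can_chmod, can_write) for a process with this UID/GIDs.

    Linux DAC: chmod needs ownership of the file; write access is decided by
    exactly one permission class (owner, else group, else other).
    """
    if uid == 0:
        return True, True  # assumption: root still holds its default capabilities
    if st.st_uid == uid:
        return True, bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return False, bool(st.st_mode & stat.S_IWGRP)
    return False, bool(st.st_mode & stat.S_IWOTH)

def audit_volume(root, uid, gids):
    """List entries under root that uid cannot chmod or cannot write."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            st = os.lstat(path)
            can_chmod, can_write = classify(st, uid, gids)
            if not (can_chmod and can_write):
                findings.append({
                    "path": path,
                    "owner": st.st_uid,
                    "group": st.st_gid,
                    "mode": oct(stat.S_IMODE(st.st_mode)),
                    "chmod": can_chmod,
                    "write": can_write,
                })
    return findings

if __name__ == "__main__":
    # Hypothetical usage inside the Pod: python3 audit.py /pgdata
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    uid, gids = os.geteuid(), set(os.getgroups()) | {os.getegid()}
    for f in audit_volume(root, uid, gids):
        print("uid=%d cannot fully manage %s (owner=%d group=%d mode=%s chmod=%s write=%s)"
              % (uid, f["path"], f["owner"], f["group"], f["mode"], f["chmod"], f["write"]))
```

An entry reported with write=True and chmod=False is group-writable but owned by another UID, which is the case where os.chmod fails with PermissionError: [Errno 1] as in the log above.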
OpenShift 4.x with Persistent Volumes