OpenShift Container Platform - router won't start when allowPrivilegeEscalation is set to false
Issue
- We have created a custom SCC which is more restricted than the default restricted SCC as it has allowPrivilegeEscalation set to false. Once the SCC is in place the router pod is failing to start and reporting the below error. When setting allowPrivilegeEscalation back to true it all works again as expected.

    [NOTICE] 265/114634 (19) : haproxy version is 2.2.15-5e8f49d
    [NOTICE] 265/114634 (19) : path to executable is /usr/sbin/haproxy
    [ALERT] 265/114634 (19) : Starting frontend public: cannot bind socket [0.0.0.0:80]
    [ALERT] 265/114634 (19) : Starting frontend public_ssl: cannot bind socket [0.0.0.0:443]
    E0923 11:46:58.907432 1 haproxy.go:418] can't scrape HAProxy: dial unix /var/lib/haproxy/run/haproxy.sock: connect: connection refused
    E0923 11:47:02.963872 1 haproxy.go:418] can't scrape HAProxy: dial unix /var/lib/haproxy/run/haproxy.sock: connect: connection refused
    E0923 11:47:28.874274 1 haproxy.go:418] can't scrape HAProxy: dial unix /var/lib/haproxy/run/haproxy.sock: connect: connection refused
    E0923 11:47:32.961877 1 haproxy.go:418] can't scrape HAProxy: dial unix /var/lib/haproxy/run/haproxy.sock: connect: connection refused
    E0923 11:47:58.878652 1 haproxy.go:418] can't scrape HAProxy: dial unix /var/lib/haproxy/run/haproxy.sock: connect: connection refused
    E0923 11:48:02.971619 1 haproxy.go:418] can't scrape HAProxy: dial unix /var/lib/haproxy/run/haproxy.sock: connect: connection refused
    E0923 11:48:28.881073 1 haproxy.go:418] can't scrape HAProxy: dial unix /var/lib/haproxy/run/haproxy.sock: connect: connection refused
    I0923 11:48:28.983101 1 template.go:704] router "msg"="Shutdown requested, waiting 45s for new connections to cease"
    E0923 11:48:32.962518 1 haproxy.go:418] can't scrape HAProxy: dial unix /var/lib/haproxy/run/haproxy.sock: connect: connection refused
Environment
- Red Hat OpenShift Container Platform (RHOCP) 4