I am trying to run simple elk container with openshift(using minishift). The image I am trying to run is this elk image. During image deploy to openshift it gives the following warning:
Image sebp/elk runs as the root user which might not be permitted by your cluster administrator.
I Ignore this error and create deployment with this image. After that pod tries to start container but it fails with following error:
Starting periodic command scheduler cron
cron: can't open or create /var/run/crond.pid: Permission denied ...fail!
chown: changing ownership of '/var/lib/elasticsearch': Operation not permitted
I thought it i related with root user warning and then tried these steps Enable Images to Run with USER in the Dockerfile and Grant a Service Account Access to the Privileged SCC . Both of them failed with following errors:
Murats-MacBook-Pro-2:~ murat$ oc adm policy add-scc-to-group anyuid system:authenticated
Error from server (Forbidden):User "system" cannot get securitycontextconstraints.security.openshift.io at the cluster scope
Murats-MacBook-Pro-2:~ murat$ oc adm policy add-scc-to-user anyuid system:serviceaccount:elk:elk
Error from server (Forbidden): User "system" cannot get securitycontextconstraints.security.openshift.io at the cluster scope
Thanks a lot.
The commands to enable running an image as anyuid need to be run as an admin. For Minishift you can login as admin using:
oc login -u system:admin
Remember to login back as your normal user when done.