Closed
Description
When changing the NginxIngress manifest from kind: deployment to kind: daemonset, NIC is not deployed, and the following output is observed from NginxIngress's events.
ng: pods "app1-nginx-ingress-" is forbidden: unable to validate against any security context constraint: [provider "anyuid-netbind": Forbidden: not usable by user or serviceaccount, provider
"anyuid": Forbidden: not usable by user or serviceaccount, spec.containers[0].securityContext.runAsUser: Invalid value: 101: must be in the ranges: [1000730000, 1000739999],
spec.containers[0].securityContext.capabilities.add: Invalid value: "NET_BIND_SERVICE": capability may not be added,
spec.containers[0].securityContext.containers[0].hostPort: Invalid value: 80: Host ports are not allowed to be used, spec.containers[0].securityContext.containers[0].hostPort: Invalid value: 443: Host ports are not allowed to be used,
provider "nonroot": Forbidden: not usable by user or serviceaccount, provider "hostmount-anyuid": Forbidden: not usable by user or serviceaccount, provider "machine-api-termination-handler": Forbidden: not usable by user or serviceaccount,
provider "hostnetwork": Forbidden: not usable by user or serviceaccount, provider "hostaccess": Forbidden: not usable by user or serviceaccount,
provider "node-exporter": Forbidden: not usable by user or serviceaccount, provider "privileged": Forbidden: not usable by user or serviceaccount
Fixed by
Changing allowHostPorts: false to allowHostPorts: true in the scc.yaml resolves the error.
Request
Please add an example scc.yaml for daemonset
I am using
- NGINX Plus
- NIC 3.0.1
- On OpenShift 3.10
andresm53
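An added example, not from the issue or from the project's own code: a small parser that splits the admission error quoted above into the SCCs the service account was not granted and the field-level rejections, mapping each rejected pod field to the SCC field that governs it. The `triage` function and the `SCC_FIELD` mapping are assumptions for illustration; the event text is taken from the issue with some provider entries omitted.

```python
import re

# Event text from the issue above, wrapped lines rejoined; some "provider" entries omitted.
EVENT = (
    'pods "app1-nginx-ingress-" is forbidden: unable to validate against any security '
    'context constraint: [provider "anyuid-netbind": Forbidden: not usable by user or '
    'serviceaccount, provider "anyuid": Forbidden: not usable by user or serviceaccount, '
    'spec.containers[0].securityContext.runAsUser: Invalid value: 101: must be in the '
    'ranges: [1000730000, 1000739999], '
    'spec.containers[0].securityContext.capabilities.add: Invalid value: '
    '"NET_BIND_SERVICE": capability may not be added, '
    'spec.containers[0].securityContext.containers[0].hostPort: Invalid value: 80: '
    'Host ports are not allowed to be used, '
    'spec.containers[0].securityContext.containers[0].hostPort: Invalid value: 443: '
    'Host ports are not allowed to be used, '
    'provider "privileged": Forbidden: not usable by user or serviceaccount'
)

# SCCs the pod's service account has not been granted.
NOT_GRANTED = re.compile(r'provider "([^"]+)": Forbidden: not usable by user or serviceaccount')
# Field-level rejections: <path>: Invalid value: <value>: <reason>
VIOLATION = re.compile(
    r'(spec\.\S+?): Invalid value: (\S+?): (.*?)(?=, (?:spec\.|provider )|\]?$)'
)
# Pod-spec field suffix -> SCC field that governs it (illustrative mapping).
SCC_FIELD = {
    "runAsUser": "runAsUser",
    "capabilities.add": "allowedCapabilities",
    "hostPort": "allowHostPorts",
}

def triage(event):
    """Split an SCC admission error into ungranted SCCs and field violations."""
    violations = []
    for path, value, reason in VIOLATION.findall(event):
        scc_field = next((f for s, f in SCC_FIELD.items() if path.endswith(s)), "unknown")
        violations.append((scc_field, value.strip('"'), reason))
    return {
        "not_granted": NOT_GRANTED.findall(event),
        "violations": violations,
        "scc_fields_to_review": sorted({v[0] for v in violations}),
    }

if __name__ == "__main__":
    result = triage(EVENT)
    for scc_field, value, reason in result["violations"]:
        print(f"{scc_field:20} {value:18} {reason}")
    print("not granted:", ", ".join(result["not_granted"]))
```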