Reputation: 887
openshift pod fails and restarts frequently
I am creating an app in Origin 3.1 using my Docker image.
Whenever I create image new pod gets created but it restarts again and again and finally gives status as "CrashLoopBackOff".
I analysed logs for pod but it gives no error, all log data is as expected for a successfully running app. Hence, not able to determine the cause.
I came across below link today, which says "running an application inside of a container as root still has risks, OpenShift doesn't allow you to do that by default and will instead run as an arbitrary assigned user ID."
What is CrashLoopBackOff status for openshift pods?
Here my image is using root user only, what to do to make this work? as logs shows no error but pod keeps restarting.
Could anyone please help me with this.
Upvotes: 3
Views: 21288
Answers (4)
Reputation: 887
I am able to resolve this by creating a script as "run.sh" with the content at end:
while :; do
sleep 300
done
and in Dockerfile:
ADD run.sh /run.sh
RUN chmod +x /*.sh
CMD ["/run.sh"]
This way it works, thanks everybody for pointing out the reason ,which helped me in finding the resolution. But one doubt I still have why process gets exited in openshift in this case only, I have tried running tomcat server in the same way which just works fine without having sleep in script.
Upvotes: 0
Reputation: 146
You are seeing this because whatever process your image is starting isn't a long running process and finds no TTY and the container just exits and gets restarted repeatedly, which is a "crash loop" as far as openshift is concerned.
Your dockerfile mentions below :
ENTRYPOINT ["container-entrypoint"]
What actually this "container-entrypoint" doing ?
you need to check.
Did you use the -p or --previous flag to oc logs to see if the logs from the previous attempt to start the pod show anything
Upvotes: 2
Reputation: 85
Can you see the logs using
kubectl logs <podname> -p
This should give you the errors why the pod failed.
Upvotes: 0
Reputation: 30723
The recommendation of Red Hat is to make files group owned by GID 0 - the user in the container is always in the root group. You won't be able to chown, but you can selectively expose which files to write to.
A second option: In order to allow images that use either named users or the root (0) user to build in OpenShift, you can add the project’s builder service account (system:serviceaccount::builder) to the privileged security context constraint (SCC). Alternatively, you can allow all images to run as any user.
Upvotes: 1
Related Questions
- What is the difference between the 'COPY' and 'ADD' commands in a Dockerfile?
- start pod with root privilege on OpenShift
- 【OpenShift】define UID using ServiceAccount
- Openshift new-app from local Docker image
- Pod gets into status of CrashLoopBackOff and gets restarted repeatedly - Exit code is 0
- Kubernetes POD create issue mysql PV, PVC issues, centos 7.3.1611
- Openshift V3: creation of mysql pod fails
- Openshift online zookeeper from dockerfile pod "Crash loop back off"
- Kubernetes: Docker pod starting fails except one
- openshift v3 pod file not found