Sudharsan Punniyakotti
Reputation: 51
Elasticsearch helm chart pods fails to run in openshift
I'm trying to deploy elastic search 7.10.x in openshift . When in deploy helm chart response is successfully deployed . But when i check the pods it shows below error .
create Pod elasticsearch-dev1-master-0 in StatefulSet elasticsearch-dev1-master failed error: pods "elasticsearch-dev1-master-0" is forbidden: unable to validate against any security context constraint: [provider "anyuid": Forbidden: not usable by user or serviceaccount, provider restricted: .spec.securityContext.fsGroup: Invalid value: []int64{1000}: 1000 is not an allowed group, spec.initContainers[0].securityContext.runAsUser: Invalid value: 0: must be in the ranges: [1000620000, 1000629999], spec.initContainers[0].securityContext.privileged: Invalid value: true: Privileged containers are not allowed, spec.containers[0].securityContext.runAsUser: Invalid value: 1000: must be in the ranges: [1000620000, 1000629999], spec.initContainers[0].securityContext.runAsUser: Invalid value: 0: running with the root UID is forbidden, provider "hostmount-anyuid": Forbidden: not usable by user or serviceaccount, provider "machine-api-termination-handler": Forbidden: not usable by user or serviceaccount, provider "hostnetwork": Forbidden: not usable by user or serviceaccount, provider "hostaccess": Forbidden: not usable by user or serviceaccount, provider "scc-elasticsearch": Forbidden: not usable by user or serviceaccount, provider "node-exporter": Forbidden: not usable by user or serviceaccount, provider "privileged": Forbidden: not usable by user or serviceaccount]
Also i can i fix this by editing the default SCC . What is recommended way to deploy this in elasticsearhc helm chart in openshift ?
Upvotes: 0
Views: 1759
Answers (1)
dbaker
Reputation: 309
Look at this - seems you can just null out those runAsUser flags to avoid the permissions problem rather than assign extra privs to make it run as root.
https://github.com/elastic/helm-charts/blob/7.10/elasticsearch/examples/openshift/values.yaml
If you're using a different helm chart, provide a link to the one you're using.
Upvotes: 1
Related Questions
- Problem with fetching helm chart from kubernetes-charts
- Unable to deploy services using helm chart on Kubernetes cluster
- Helm is failing in openshift , due to security context error
- Elasticsearch helm chart gives AccessDenied exception
- helm chart error: could not find expected ':'
- "server could not find the requested resource (get pods)" error when deploying Helm chart using Jenkins
- Fail to upload chart to chartmuseum
- Elasticsearch helm chart pod stuck in "Init:CrashLoopBackOff" state
- Helm can't find chart
- elasticsearch-curator k8s Helm chart cannot connect to HTTPS