Bug 1493014
| Summary: | Container post hook fails with "permission denied" | ||
|---|---|---|---|
| Product: | OpenShift Online | Reporter: | Siamak Sadeghianfar <ssadeghi> |
| Component: | Pod | Assignee: | Seth Jennings <sjenning> |
| Status: | CLOSED DUPLICATE | QA Contact: | DeShuai Ma <dma> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 3.x | CC: | aos-bugs, jokerman, mmccomas |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-09-19 14:25:16 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
I suspect this is a SELinux or permission problem with Docker. This is an issue with the container being built with VOLUME in the dockerfile https://hub.docker.com/r/sonatype/nexus/~/dockerfile/ Namely the /sonatype-work mount point is a docker volume that is not labeled properly as it is outside the knowledge of the openshift node. I see the template mounts an emptydir at that point, but it seems like the docker volume is mounting on top of that. This issue has been captured in an RFE to ignore these volumes https://bugzilla.redhat.com/show_bug.cgi?id=1471256 *** This bug has been marked as a duplicate of bug 1471256 *** |
When deploying a pod with a post hook defined, the post hook container fails with the following error: Error: Error response from daemon: {"message":"create 0a2219769d94944945ab651323c6526f950cabd072fe4965e69117f2611dcc04: mkdir /var/lib/docker/volumes/0a2219769d94944945ab651323c6526f950cabd072fe4965e69117f2611dcc04: permission denied"} This happens on the Pro cluster. OpenShift Master: v3.6.173.0.21 (online version 3.5.1.76) Kubernetes Master: v1.6.1+5115d708d7 How reproducible: $ oc process -f https://raw.githubusercontent.com/OpenShiftDemos/nexus/master/nexus2-template.yaml | oc create -f -