Bug 1563744

Summary: [DOCS] Include disclaimer about images running as root not being allowed
Product: OpenShift Online Reporter: Will Gordon <wgordon>
Component: DocumentationAssignee: Ashley Hardin <ahardin>
Status: CLOSED CURRENTRELEASE QA Contact: Dongbo Yan <dyan>
Severity: unspecified Docs Contact: Vikram Goyal <vigoyal>
Priority: unspecified    
Version: 3.xCC: aos-bugs, jokerman, mmccomas, yufchang
Target Milestone: ---Keywords: OnlinePro, OnlineStarter
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-05-17 12:35:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Will Gordon 2018-04-04 15:12:51 UTC 
Document URL: 
https://docs.openshift.com/online/dev_guide/application_lifecycle/new_app.html#specifying-an-image
https://docs.openshift.com/online/using_images/docker_images/index.html

I believe this information should be included on both of the above URLs.

Something to the affect of

"OpenShift Online runs containers using an arbitrarily assigned user ID. This provides additional security against processes escaping the container due to a container engine vulnerability and thereby achieving escalated permissions on the host node. Due to this restriction, images that run as root will not deploy as expected on OpenShift Online."
Comment 1 Ashley Hardin 2018-05-09 21:29:51 UTC 
Work in progress: https://github.com/openshift/openshift-docs/pull/9140
Comment 2 Dongbo Yan 2018-05-11 07:16:50 UTC 
the PR looks good to me,  move to verified
Comment 3 openshift-github-bot 2018-05-11 13:01:18 UTC 
Commits pushed to master at https://github.com/openshift/openshift-docs

https://github.com/openshift/openshift-docs/commit/e3fd0592e6d6d8d978c0a0f504f4dede84891e34
Bug 1563744, added disclaimers about images running as root in Online

https://github.com/openshift/openshift-docs/commit/55497fa4dc595ce60b99c4d2e81baa99394fb1a4
Merge pull request #9140 from ahardin-rh/online-images-running-as-root

Bug 1563744, added disclaimers about images running as root in Online
Comment 4 Ashley Hardin 2018-05-17 12:35:41 UTC 
This content is now published: https://access.redhat.com/documentation/en-us/openshift_online/3/html/developer_guide/application-life-cycle-management#specifying-an-image