Description of problem:

The gitlab container is trying to run 'chcon' which will not work on the nfs volume.

This is the URL of red hat 's blog we followed to install gitlab; we followed the path with a dedicated serviceaccount
https://blog.openshift.com/getting-any-docker-image-running-in-your-own-openshift-cluster/

which didn't help. We got error as per attached gitlab_error.txt
Their dc at that time gitlabdc.yaml


Then we gave to the gitlab serviceaccount (the one the container is running with) the privileged right instead of the original anyuid we used before, and changing the deployment adding securityContext: privileged: true. In this way we still have an error of selinux (a different one). See gitlab_priv_err.txt

Still the container does not start because it tries to change access permissions to files but since the used volumes are NFS (nonrootsquash set in the export), the operation is not permitted.
The strange thing is that it worked before the shutdown with anyuid, so I don't know if it is the right path to follow; it seems that rights have in some ways changed.
Attached you find the log of the container and the output of the "oc describe scc" command (if it may help).
oc_describe_scc.txt 




But what I don't understand is why it worked on march (when we first installed gitlab) just following the instructions in the above link using anyuid instead of privileged


Version-Release number of selected component (if applicable):
Openshift Enterprise 3.2

How reproducible:
Always 

Steps to Reproduce:
1.Mentioned in the description
2.
3.

Actual results:
gitlab pod does not get created successfully using https://blog.openshift.com/getting-any-docker-image-running-in-your-own-openshift-cluster/

Expected results:
gitlab pod shall be created successfully using https://blog.openshift.com/getting-any-docker-image-running-in-your-own-openshift-cluster/

Additional info: