Pods with Generic Ephemeral Volumes fail with SCC errors

Solution Unverified - Updated 13 Jun 2024

Environment

Red Hat OpenShift Container Platform 4.11

Issue

When trying to deploy a pod with Generic Ephemeral Volumes the pod fails with the following error:

Error from server (Forbidden): error when creating "pod.yaml": pods "my-app" is forbidden: unable to validate against any security context constraint

Resolution

This is a known issue tracked by This content is not included.Bug 2100429, that Red Hat plans to fix in a future release.

Please refer to KCS 6967808, which offers a workaround to the denoted issue.

Root Cause

The default restricted SCC lacks sufficient permissions to allow use of ephemeral volume type.

SBR

Product(s)

Red Hat OpenShift Container Platform

Category

Configure

Tags

storage

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.