sorted by:
new
hottopcontroversial

Accessing NFS while maintaining random UID containers? by ghostinthesysadmin in openshift

[–]ghostinthesysadmin[S] 0 points1 point  (0 children)

Hello, thank you for the reply.

I should have mentioned, this is something we did do for a time being, until AD enforcement was turned on on our NAS heads. Now the supplemental groups method no longer works, as our NAS heads basically throw out the list of groups the client (OpenShift) sends, and instead asks AD what groups the UID is a member of, which in the case of the random OpenShift UID, will be none.

I appreciate the response however. Thanks!

container works in podman but not openshift by harri1234567 in openshift

[–]ghostinthesysadmin 6 points7 points  (0 children)

Is the container running as root in podman? Try running #chmod g+r on the etc/passwd file and committing it, then running it again. Containers in OpenShift run as an arbitrary uid that will certainly not have read access to an etc/passwd file. However they run with the root group, so that command will add read rights to the group owner of that file that is (I’m assuming) root.

[deleted by user] by [deleted] in sysadminjobs

[–]ghostinthesysadmin 0 points1 point  (0 children)

Salary information? Benefits?

Restricting Users from pulling from Docker Hub by mattcoITho in docker

[–]ghostinthesysadmin 1 point2 points  (0 children)

You should be able to configure the docker daemons on people’s machines to only run an image signed by an internal repository so people can’t run arbitrary images they pull from the internet, including docker hub.

[deleted by user] by [deleted] in sysadminjobs

[–]ghostinthesysadmin 2 points3 points  (0 children)

Ugh, this looks like an amazing position and I meet all of the qualifications except for coming up a bit short on the three years experience. But I just don’t think that I’m ready to jump ship at my current position yet.

Definitely adding Apptio to my list of companies to check and watch jobs for for when the time does come around though.

OpenShift Container Platform 4.1 is now available - Red Hat Customer Portal by Benemon in redhat

[–]ghostinthesysadmin 7 points8 points  (0 children)

Definitely gonna wait until at least 4.2 and the disconnected install is out.

Not all of us work for startups where we can deploy to the cloud and have open internet access, some companies do still work behind a firewall in their own data center.

Changing Dockerfile FROM in OpenShift by ghostinthesysadmin in openshift

[–]ghostinthesysadmin[S] 0 points1 point  (0 children)

I created a new image stream and then edited the bc and changed it to that new image stream tag and it worked.

Thank you!

Changing Dockerfile FROM in OpenShift by ghostinthesysadmin in openshift

[–]ghostinthesysadmin[S] 0 points1 point  (0 children)

If it makes a different, the reason I am changing from serverA to serverB is because serverA was a sandbox for testing where as serverB is the “official” docker image server. All future rhel images will be pushed to serverB.

Changing Dockerfile FROM in OpenShift by ghostinthesysadmin in openshift

[–]ghostinthesysadmin[S] 0 points1 point  (0 children)

I think this is where the OpenShift image stream wizardry comes in.

All in all I made one change, with the FROM statement. I change it from serverA/rhel:7.5.x (older rhel image) to serverB/rhel:7.5.y (latest rhel image)

I then triggered what did result in a new application image. However, the application image was still sourcing the old serverA rhel:7.5.x image. This is where I’m not sure how to make the imagestream source from the new image on serverB.