0

I have OpenShift 4.7 installed, using the default restricted SCC. The UID range is:

 openshift.io/sa.scc.uid-range: 1000700000/10000

I have 3 replica pods of a Deploymwent, and all are getting the same UID:

uid=1000700000(1000700000) gid=0(root) groups=0(root),1337

In OpenShift documentation they say that pods are getting a random UID, starting with the first ID within the range. So I assumed that the first pod will get UID 1000700000, second pod will get 1000700001 and the third pod will get 1000700002.

I deleted one of the pods, and it restarted with the same UID again.

Is that the correct behaviour?

Yoel Barsheshet
  • 11
  • 3
  • UID are random, in that whenever you create a namespace, a new "uid-range" should be allocated. Although you are right that Pods within the same project would all share the same UID: naming it "range" is confusing. I don't recall docs suggesting UID would be random within a namespace or in between reboots. – SYN Jul 18 '21 at 16:52
  • Thanks. So the range is only for different applications (deployments, statefulsets, etc...), where each application gets the next sequence UID in the range? – Yoel Barsheshet Jul 19 '21 at 05:43
  • Each Pod your that namespace would use the UID showing in your "uid-range" annotation. It's not really a range (from what to what? there's two values in there: UID, and GID. The name they picked is confusing). See https://www.openshift.com/blog/a-guide-to-openshift-and-uids , which says "When a Pod is deployed into the namespace, by default, OpenShift will use the first UID and first GID from this range to run the Pod". – SYN Jul 20 '21 at 11:28

0 Answers0