Symptoms

RabbitMQ fails to start and reports an error Error creating: pods "f5-rabbit-77f9869445-" is forbidden: unable to validate against any security context constraint: [provider "anyuid": Forbidden: not usable by user or serviceaccount, provider restricted-v2: .containers[0].runAsUser: Invalid value: 2000: must be in the ranges: [1000940000, 1000949999], provider "restricted": Forbidden: not usable by user or serviceaccount, provider "nonroot-v2": Forbidden: not usable by user or serviceaccount, provider "nonroot": Forbidden: not usable by user or serviceaccount, provider "hostmount-anyuid": Forbidden: not usable by user or serviceaccount, provider "machine-api-termination-handler": Forbidden: not usable by user or serviceaccount, provider "hostnetwork-v2": Forbidden: not usable by user or serviceaccount, provider "hostnetwork": Forbidden: not usable by user or serviceaccount, provider "hostaccess": Forbidden: not usable by user or serviceaccount, provider "node-exporter": Forbidden: not usable by user or serviceaccount, provider "privileged": Forbidden: not usable by user or serviceaccount]

Impact

RabbitMQ pod will not come up properly.

Conditions

RabbitMQ is installed on a non-default namespace

Workaround

Before installing rabbitMQ on a non-default namespace, provide privileges to "default" service account in the RabbitMQ namespace by running the following command : ? oc adm policy add-scc-to-user privileged -n <RabbitMQ-Namespace> -z <serviceaccount>

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips