csi volumes are not allowed to be used - cniackz/public GitHub Wiki

Objective:

To solve csi volumes are not allowed to be used issue in OpenShift when installing a Tenant that is using DirectPV.

Error:

Forbidden: not usable by user or serviceaccount, spec.volumes[13]: Invalid value: "csi": csi volumes are not allowed to be used

Solution:

1. Get all the service accounts under the tenant

2. Then give privileged mode to all of them for the POC, example:

oc adm policy add-scc-to-user privileged -n tenant-lite -z builder
oc adm policy add-scc-to-user privileged -n tenant-lite -z deployer
oc adm policy add-scc-to-user privileged -n tenant-lite -z default
oc adm policy add-scc-to-user privileged -n minio-tenant -z pipeline
oc adm policy add-scc-to-user privileged -n minio-tenant -z tenant01-sa

Additional Information:

For some reason, in one OpenShift cluster we got un-expected service accounts that without proper permissions did not allowed the MinIO Pods to get scheduled. Normally, builder, deployer and default are all we need to give permission to but in this particular error, extra accounts were needed. It requires further investigation but for POC this will allow to proceed with MinIO Deployment.