Hi Yan Fen,
I received the feedback from a client who participated in the BAW on containers Tech Preview that the "project user" (which is the "CloudPak admin" role we describe in our documentation) which they receive on the (shared) OCP cluster does not have the appropriate permissions we require for the deployment.
The feedback from their OCP team (which is backed up by feedback from Red Had consultants which support this OCP team) was, that it is not best practise that a cluster admin rights are required to run any part of the installation for a project in OCP.
Question: Are you aware of a workstream in the CP4Auto development to eliminate this requirement and to ensure that the deployment process for CP4Auto is in line with the best practises for OCP?
Thanks in advance and best regards!
------------------------------
Michael Kirchner
------------------------------
Original Message:
Sent: Thu July 23, 2020 07:57 PM
From: YAN FEN GUO
Subject: Clusteradmin rights for installing CP4A
It is a little bit late to answer this but yes, you need 'clusteradmin' rights on CRD and new project creation and proper permission set to a non-admin user on this project. Then the non-admin user can do deployment in this project.
Since latest 20.0.2 already got released so suggest you choose it, it has two script to help you on installation, one need to run as clusteradmin, another can run with non-admin. Here is the Guide: https://www.ibm.com/support/knowledgecenter/en/SSYHZ8_20.0.x/com.ibm.dba.install/op_topics/con_install_options.html
------------------------------
YAN FEN GUO
Original Message:
Sent: Tue January 28, 2020 04:00 AM
From: Jeroen Lamers
Subject: Clusteradmin rights for installing CP4A
Do you need 'clusteradmin' rights when installing "IBM Cloud Pak for Automation v19.0.3 - Content Manager for Certified Kubernetes Multiplatform Multilingual (CC48UML)" on RedHat OpenShift (On Premise)?
------------------------------
Jeroen Lamers
------------------------------