Difference between revisions of "RN/DesignerApplication Server (DAS)/100.0.001.0008"

From Genesys Documentation
Jump to: navigation, search
(Published)
(Published)
Line 18: Line 18:
 
*The Dockerfile has been modified to specify container and file ownership as user=500 (genesys) and group=0 (root).
 
*The Dockerfile has been modified to specify container and file ownership as user=500 (genesys) and group=0 (root).
 
*The securityContext settings exposed in the default '''values.yaml''' file specify the user and group IDs for the genesys user (500:500:500). You must override these Helm chart values if you want OpenShift to use arbitrary UIDs. For more information, see {{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|topic=ConfigSecurity|display text=OpenShift security settings}}.
 
*The securityContext settings exposed in the default '''values.yaml''' file specify the user and group IDs for the genesys user (500:500:500). You must override these Helm chart values if you want OpenShift to use arbitrary UIDs. For more information, see {{Link-AnywhereElse|product=PrivateEdition|version=Current|manual=PEGuide|topic=ConfigSecurity|display text=OpenShift security settings}}.
*Designer is expected to be deployed using the '''default''' ServiceAccount, which uses the '''restricted''' SCC. If you do not want to use arbitrary UIDs in your OpenShift deployment, you must associate the '''default''' ServiceAccount with the '''genesys-restricted''' SCC, as described in the suite-level Private Edition Guide. If you previously deployed Designer using the default ServiceAccount associated with the genesys-restricted SCC, you must remove the association if you want OpenShift to use arbitrary UIDs. To do so,  execute the following command:<br /><tt> oc adm policy remove-scc-from-user genesys-restricted -z default -n <namespace></tt><br />
+
*Designer is deployed using ServiceAccounts that use the '''restricted''' Security Context Constraint (SCC). In an earlier implementation, Genesys required you to deploy all private edition services using a ServiceAccount associated with the custom '''genesys-restricted''' SCC, to control permissions for the genesys user (500). Genesys now expects OpenShift to use arbitrary UIDs in your deployment, and the '''genesys-restricted''' SCC has been deprecated. If you previously deployed Designer using the '''genesys-restricted''' SCC, Genesys recommends that you redeploy Designer so that you use arbitrary UIDs.
 
}}
 
}}

Revision as of 14:50, September 15, 2021

Component RN Definition[edit source]

Component Designer Application Server (DAS)
Deployment Type Private Edition
Release Number 100.0.001.0008 (Change release number)
Release Type
Highlight 100.0.001.0008
  • Support for arbitrary UIDs in private edition deployments on OpenShift.
Boilerplate(s) Used
Release Date 2021-08-31
Private Edition Release Date 2021-08-31
Mixed Mode Release ReleaseDate
Private Edition Containers List
  • das:100.0.001.0008
  • designer-das-100.0.111+0801.tgz
JQL project = DES AND issue=DES-11990
Links Links to customer-facing pages in use:
Test Links Links to test pages (for RN Admins only)

None yet!

Issue Issue Category Description SupportingDocumentation
Issue Issue Category Description SupportingDocumentation
DES-11990 Private Edition Designer now supports the use of arbitrary, or random, user IDs (UIDs) in OpenShift.
  • The Dockerfil...
Retrieved from "https://all.docs.genesys.com/RN/DesignerApplication_Server_(DAS)/100.0.001.0008 (2024-11-09 06:14:05)"
Comments or questions about this documentation? Contact us for support!