"Please check the configuration, the workflow was not able to start " error in litmus chaosCenter portal after opening the status of workflow"

1

1

There are 1 best solutions below

0
On

I faced the same issue while setting up LitmusChaos on Openshift local, it will be mostly due to lack of permission to create a Pod that will create chaos scenario. You can find the reason of failure in "workflow controller" or "subscriber" pod logs, in my case I found it on "workflow controller", failed to start chaos pod because pod is trying to start with user 2000, the solution to overcome is

oc adm policy add-scc-to-group anyuid system:authenticated

The above command will grant "anyuid" scc to all the authenticated users. For production environment, refrain using this command. Best Practice is to add anyuid scc to service account which you created for litmus agent.

References: https://stackoverflow.com/a/65231547/8496688 https://cloud.redhat.com/blog/managing-sccs-in-openshift#:~:text=anyuid,inside%20and%20outside%20the%20container.

Edit: Instead of assigning Priviliged SCC to all authenticated users, Create a new SCC provided by Litmus team (Openshift SCC Link) and assign it to the Service Account (SA) which you provided at the time of agent creation. e.g

oc adm policy add-scc-to-user privileged system:serviceaccount:myproject:mysvcacct

Ensure that you add the prefix "system:serviceaccount:<project_name>" while granting SCC to SA

References: https://docs.openshift.com/container-platform/3.11/admin_guide/manage_scc.html