In Docker swarm mode, I am getting following permission issue for these commands
Compose File
version: ‘3’
services:
test:
image: nginx
ports:
- "8443:443”
Commands:
docker stack deploy --compose-file docker-compose.yaml app
“Error response from daemon: authorization denied by plugin opa-docker-authz: request rejected by administrative policy”
docker service ls
“Error response from daemon: authorization denied by plugin opa-docker-authz: request rejected by administrative policy”
Following are the restriction policies
- Privileged containers
- UsernsMode = host
- The following CAPs: “ALL”, “SYS_MODULE”, “SYS_RAWIO”, “SYS_PACCT”, “SYS_ADMIN”, “SYS_NICE”, “SYS_RESOURCE”, “SYS_TIME”, “SYS_TTY_CONFIG”, “AUDIT_CONTROL”, “MAC_ADMIN”, “MAC_OVERRIDE”, “NET_ADMIN”, “SYSLOG”, “DAC_READ_SEARCH”, “LINUX_IMMUTABLE”, “NET_BROADCAST”, “IPC_LOCK”, “IPC_OWNER”, “SYS_PTRACE”, “SYS_BOOT”, “LEASE”, “WAKE_ALARM”, “BLOCK_SUSPEND”
Appreciate any help.
Vijay Bose