Troubleshooting issues in installation of Cloud Automation Manager on IBM Cloud Private with OpenShift on IBM Cloud

After you submit the Cloud Automation Manager install task, Cloud Automation Manager pods get into an error state due to permission issue caused by using the built-in storage of IBM Cloud.

The cam-bpd-mariadb, cam-provider-terraform, cam-proxy, and cam-bpd-ui pods get into an error state.

As a resolution, do the following steps to install Cloud Automation Manager successfully:

Apply the pod deployment patch in the following sequence:

cam-proxy

Run the following command to open cam-proxy deployment in edit mode:
```
kubectl edit deployment -n services cam-proxy
```

Add the following initContainers: section after imagePullSecrets: section as follows:

      imagePullSecrets:
      - name: xxxxxxx
      initContainers:
      - args:
        - chown 1000:1000 /var/camlog;
        command:
        - /bin/sh
        - -c
        image: alpine:latest
        imagePullPolicy: Always
        name: initcontainer
        resources: {}
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - CHOWN
            - FOWNER
            - DAC_OVERRIDE
            drop:
            - ALL
          privileged: false
          readOnlyRootFilesystem: false
          runAsNonRoot: false
          runAsUser: 0
          seLinuxOptions:
            type: spc_t
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /var/camlog
          name: cam-logs-pv

Save and exit the cam-proxy deployment file.

cam-provider-terraform

Run the following command to open cam-provider-terraform deployment in edit mode:
```
kubectl edit deployment -n services cam-provider-terraform
```

Add the following initContainers: section after imagePullSecrets: section as follows:

      imagePullSecrets:
      - name: xxxxxx
      initContainers:
      - args:
        - chown 1111:1111 /home/terraform && chmod 775 /var/camlog
        command:
        - /bin/sh
        - -c
        image: alpine:latest
        imagePullPolicy: Always
        name: initcontainer
        resources: {}
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - CHOWN
            - FOWNER
            - DAC_OVERRIDE
            drop:
            - ALL
          privileged: false
          readOnlyRootFilesystem: false
          runAsNonRoot: false
          runAsUser: 0
          seLinuxOptions:
            type: spc_t
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /home/terraform
          name: cam-terraform-pv
          subPath: cam-provider-terraform
        - mountPath: /var/camlog
          name: cam-logs-pv

Save and exit the cam-provider-terraform deployment file.

cam-bpd-mariadb

Run the following command to open cam-bpd-mariadb deployment in edit mode:
```
kubectl edit deployment -n services cam-bpd-mariadb
```

Add the following initContainers: section after imagePullSecrets: section as follows:

      imagePullSecrets:
      - name: xxxxxx
      initContainers:
      - args:
        - chown 1000:1000 /var/lib/mysql;
        command:
        - /bin/sh
        - -c
        image: alpine:latest
        imagePullPolicy: Always
        name: permissionfix
        resources: {}
        securityContext:
          capabilities:
            add:
            - CHOWN
            - FOWNER
            - DAC_OVERRIDE
            drop:
            - ALL
          privileged: false
          readOnlyRootFilesystem: false
          runAsNonRoot: false
          runAsUser: 0
          seLinuxOptions:
            type: spc_t
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /var/lib/mysql
          name: cam-bpd-appdata-pv
          subPath: mysql

Save and exit the cam-bpd-mariadb deployment file.

cam-bpd-ui

Run the following command to get service pods:
```
kubectl get -n services pods
```
Wait for the cam-bpd-mariadb pod and cam-bpd-ui pod to be 1/1.
Run the following command to open cam-bpd-ui deployment in edit mode:
```
kubectl edit deployment -n services cam-bpd-ui
```

Add the following initContainers: section after imagePullSecrets: section as follows:

      imagePullSecrets:
      - name: xxxxxx
      initContainers:
      - args:
        - chown 1000:0 /opt/ibm-ucd-patterns/workspace && chown 1000:0 /opt/ibm-ucd-patterns/repositories;
        command:
        - /bin/sh
        - -c
        image: alpine:latest
        imagePullPolicy: Always
        name: permissionfix
        resources: {}
        securityContext:
          capabilities:
            add:
            - CHOWN
            - FOWNER
            - DAC_OVERRIDE
            drop:
            - ALL
          privileged: false
          readOnlyRootFilesystem: false
          runAsNonRoot: false
          runAsUser: 0
          seLinuxOptions:
            type: spc_t
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /opt/ibm-ucd-patterns/workspace
          name: cam-bpd-appdata-pv
          subPath: workspace
        - mountPath: /opt/ibm-ucd-patterns/repositories
          name: cam-bpd-appdata-pv
          subPath: repositories

Save and exit the cam-bpd-ui deployment file.

Ensure that all Cloud Automation Manager pods are in running/ready state, for example, 1/1.