diff --git a/Dockerfile b/Dockerfile
index 9d8de5d..a3b218b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -55,10 +55,22 @@ EXPOSE 1883 8883 8080 44053 4369 8888 \
 9100 9101 9102 9103 9104 9105 9106 9107 9108 9109
-VOLUME ["/vernemq/log", "/vernemq/data", "/vernemq/etc"]
+VOLUME ["/vernemq/log", "/vernemq/data"]
 HEALTHCHECK CMD vernemq ping | grep -q pong
-USER vernemq
+# Openshift Compatibility
+COPY --chown=10000:10000 bin/uid_entrypoint /usr/sbin/uid_entrypoint
+
+USER root
+
+RUN chgrp -R 0 /vernemq && \
+ chmod -R g=u /vernemq && \
+ chgrp -R 0 /usr/sbin/uid_entrypoint && \
+ chmod -R g=u /usr/sbin/uid_entrypoint
+RUN chmod g=u /etc/passwd
+USER vernemq
+ENTRYPOINT [ "uid_entrypoint" ]
 CMD ["start_vernemq"]
+
diff --git a/Dockerfile.alpine b/Dockerfile.alpine
index c953c1d..1341563 100644
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@@ -54,9 +54,21 @@ EXPOSE 1883 8883 8080 44053 4369 8888 \
 9100 9101 9102 9103 9104 9105 9106 9107 9108 9109
-VOLUME ["/vernemq/log", "/vernemq/data", "/vernemq/etc"]
+VOLUME ["/vernemq/log", "/vernemq/data"]
 HEALTHCHECK CMD vernemq ping | grep -q pong
+# Openshift Compatibility
+COPY --chown=10000:10000 bin/uid_entrypoint /usr/sbin/uid_entrypoint
+
+USER root
+
+RUN chgrp -R 0 /vernemq && \
+ chmod -R g=u /vernemq && \
+ chgrp -R 0 /usr/sbin/uid_entrypoint && \
+ chmod -R g=u /usr/sbin/uid_entrypoint
+
+RUN chmod g=u /etc/passwd
 USER vernemq
+ENTRYPOINT [ "uid_entrypoint" ]
 CMD ["start_vernemq"]
diff --git a/bin/uid_entrypoint b/bin/uid_entrypoint
new file mode 100755
index 0000000..66c8874
--- /dev/null
+++ b/bin/uid_entrypoint
@@ -0,0 +1,7 @@
+#!/bin/bash
+if ! whoami &> /dev/null; then
+ if [ -w /etc/passwd ]; then
+ echo "${USER_NAME:-default}:x:$(id -u):0:${USER_NAME:-default} user:/vernemq:/sbin/nologin" >> /etc/passwd
+ fi
+fi
+exec "$@"
diff --git a/helm/vernemq/README.md b/helm/vernemq/README.md
index 7386bb2..70dbd9e 100644
--- a/helm/vernemq/README.md
+++ b/helm/vernemq/README.md
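Review bot: The `chgrp -R 0 /vernemq && chmod -R g=u /vernemq` step runs after `VOLUME ["/vernemq/log", "/vernemq/data"]`, and Docker's legacy builder documents that changes made under an already-declared volume path are discarded, so those two directories can keep their original group and mode and an arbitrary-UID process (GID 0) would then be unable to write logs or data; moving the `VOLUME` instruction below the last `RUN` removes the dependency on builder behaviour, and Dockerfile.alpine has the same ordering. `chmod -R g=u /vernemq` also makes the whole release tree group-writable, not only the directories the broker writes to, so a compromised broker process could alter its own binaries and config for the life of the container; if the tree is already world-readable, limiting `g=u` to `/vernemq/log`, `/vernemq/data` and `/vernemq/etc` keeps the rest read-only for the running user. `chmod g=u /etc/passwd` likewise leaves that file writable by every GID-0 process, which is the usual OpenShift trade-off but deserves a why-comment such as `# group-writable so uid_entrypoint can register the arbitrary UID OpenShift assigns`. Finally `ENTRYPOINT [ "uid_entrypoint" ]` relies on PATH lookup for the vernemq user; `ENTRYPOINT ["/usr/sbin/uid_entrypoint"]` is unambiguous.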
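Review bot: `bin/uid_entrypoint` is written for bash (`#!/bin/bash` and the `&>` redirection) but is also installed as the ENTRYPOINT of Dockerfile.alpine, and if that image does not ship bash (not visible in this diff) the container will fail to start; `#!/bin/sh` together with `if ! whoami >/dev/null 2>&1; then` makes the script run on either base. `USER_NAME` is appended to /etc/passwd unvalidated, so a value containing `:` or a newline yields a malformed or extra passwd entry; checking it against `[A-Za-z0-9_-]` before the `echo` and otherwise falling back to `default` keeps the file well-formed. The script also does nothing when /etc/passwd is not writable, which is presumably intended for non-OpenShift runs, so a short header comment saying that it registers the arbitrary UID assigned by OpenShift (GID 0, home /vernemq) so user lookups succeed, and silently skips when the file is read-only, would help the next reader.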
@@ -109,3 +109,21 @@ $ helm install vernemq/vernemq --name my-release -f values.yaml
 Roles and RoleBindings resources will be created automatically. To manually setup RBAC you need to set the parameter `rbac.create=false` and specify the service account to be used for each service by setting the parameters: `serviceAccounts.create` to `false` and `serviceAccounts.name` to the name of a pre-existing service account.
+
+### Openshift Configuration
+
+To deploy chart on Openshift admin permissions inside a project are required to
+create the required service account, role and rolebinding.
+
+You can either use `helm template` and `oc apply` to deploy with admin
+permissions or grant Tiller admin access within a selected project.
+
+Security context configuration must be disabled in values file because Openshift
+will use random user to run the container.
+
+```yaml
+securityContext: {}
+ #runAsUser: 10000
+ #runAsGroup: 10000
+ #fsGroup: 10000
+```
diff --git a/helm/vernemq/values.yaml b/helm/vernemq/values.yaml
index 013e129..829e321 100644
--- a/helm/vernemq/values.yaml
+++ b/helm/vernemq/values.yaml
@@ -65,6 +65,7 @@ tolerations: []
 ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
 podAntiAffinity: soft
+# If deployed on Openshift disable securityContext by setting it to {}
 securityContext:
 runAsUser: 10000
 runAsGroup: 10000