WSO2 kubernetes-apim on OpenShift - what is the correct security context?

5/30/2018

Deploying WSO2 APIM 2.1.0 on OpenShift using the published GitHub project, deploying the pattern-2 use case.

By default the deployed pods have no access to their mapped volumes. As a workaround we set the pods to run under privileged security context, though I'd like to use the default settings.

What is the correct resolution / setup?

I assume I am missing a security context or some mapping to the user uid (set to 1000000000 in the Dockerfile as far as I see).

-- gusto2
kubernetes
openshift
wso2
wso2-am

1 Answer

5/31/2018

Can you share some details about your environment? Specifically:

  1. Is it OpenShift running on bare metal, or on a cloud provider like AWS?
  2. Are you using NFS for the persistent volumes?

If you have installed your own NFS server in a VM, can you create the same user (wso2user, uid=1000000000 in the root group) in the NFS VM, change the ownership of the shared directories to this user, and try again?

-- UserX
Source: StackOverflow
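
The ownership check implied by the answer above can be run on the NFS server before and after changing ownership. This is an added example, not part of the original post or the WSO2 project. The function names and the `EXPORT_DIR` variable are hypothetical; the defaults are the uid 1000000000 and root group (gid 0) mentioned on this page.

```shell
#!/bin/sh
# Added example: audit an NFS export tree for the ownership the container expects.
# Defaults mirror the values on this page: uid 1000000000, root group (gid 0).
# EXPORT_DIR is a hypothetical variable; set it to the real export path to run.

WSO2_UID="${WSO2_UID:-1000000000}"
WSO2_GID="${WSO2_GID:-0}"

# Print every path under $1 that is NOT owned by uid $2 and gid $3.
list_mismatched() {
    find "$1" \( ! -user "$2" -o ! -group "$3" \) -print 2>/dev/null
}

# Return 0 if the whole tree matches, 1 on any mismatch, 2 if the directory is missing.
check_export_owner() {
    dir="$1"
    uid="${2:-$WSO2_UID}"
    gid="${3:-$WSO2_GID}"
    if [ ! -d "$dir" ]; then
        echo "missing directory: $dir" >&2
        return 2
    fi
    bad=$(list_mismatched "$dir" "$uid" "$gid" | wc -l | tr -d ' ')
    if [ "$bad" -eq 0 ]; then
        echo "OK: everything under $dir is owned by $uid:$gid"
        return 0
    fi
    echo "MISMATCH: $bad path(s) under $dir not owned by $uid:$gid" >&2
    # Show a few offenders so the right subtree can be corrected.
    list_mismatched "$dir" "$uid" "$gid" | head -n 5 >&2
    return 1
}

# Only audit when an export path was supplied, e.g.:
#   EXPORT_DIR=/path/to/export sh check_owner.sh
if [ -n "${EXPORT_DIR:-}" ]; then
    check_export_owner "$EXPORT_DIR"
fi
```

A non-zero exit means the pod's uid would not own the shared directories as the answer suggests, which matches the "no access to mapped volumes" symptom without resorting to a privileged security context.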