K
Q

Kubernetes run pod as root

4/2/2020

I am trying to deploy the Hashicorp Vault Helm chart, and I get the following issue: Error: container's runAsUser breaks non-root policy is there a way to run Vault as non root? or is there a way to only allow that service to run as root without changing the whole policy?

-- Tacot
hashicorp-vault
kubernetes
kubernetes-helm

Similar Questions

stackdriver-metadata-agent-cluster-level a lot of fail with [2a00:1450:400c:c09::5f]:443: i/o timeout
FileNotFoundError Python-Flask/Docker in Kubernetes Cluster
Tensorflow Serving Performance Very Slow vs Direct Inference
Loop crashes with Falco

2 Answers

4/2/2020

The test container that's the base of the Helm Chart currently works with the directory in /root. So you must run the Chart with root or you will have to change the Chart completely.

FROM alpine:latest
WORKDIR /root

ENV BATS_VERSION "1.1.0"

# base packages
RUN apk update && apk add --no-cache --virtual .build-deps \
    ca-certificates \
    curl \
    tar \
    bash \
    openssl \
    python \
    py-pip \
    git \
    jq
-- Yuri Oliveira
Source: StackOverflow
4/3/2020

found the issue, it was in the same namespace as my Azure Dev Spaces and there was a conflict there, moved to a new namespace and it was fixed

-- Tacot
Source: StackOverflow