Skip to content

[openshift-support] runAsUser=1000 preventing from running pods #421

New issue
New issue
Closed
#559
Closed
[openshift-support] runAsUser=1000 preventing from running pods#421
#559
Labels
enhancementNew feature or request
Milestone
 
0.9
@raffaelespazzoli

Description

@raffaelespazzoli
raffaelespazzoli
opened on Apr 2, 2021

In OpenShift the uid of non privileged pod is randomized. the k8gb chart tries to set runAsUser to 1000 preventing the k8gb and the externalDNS pods to start. I don't see a reason why for these pods a specific uid this would be needed.
Possible solutions:

  1. let the user specify the uid, guid via chart parameter
  2. automatically set an acceptable value using the lookop function. The look up should do the equivalent of the following:
  export uid=$(oc get project k8gb -o jsonpath='{.metadata.annotations.openshift\.io/sa\.scc\.uid-range}'|sed 's/\/.*//')
  export guid=$(oc get project k8gb -o jsonpath='{.metadata.annotations.openshift\.io/sa\.scc\.supplemental-groups}'|sed 's/\/.*//')
  1. for OpenShift don't set any value.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    k8gb

    • Status

      Done

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions