You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
Some kubernetes cluster providers do not allow to run the container as a root user because of security reasons. So you need to specify spec.template.spec.securityContext.runAsUser: <USERID> in your deployment resource.
However, design of Concerto docker image does not allow this, because in the CMD section there are many commands that require root user.
To allow this, the docker image should be built in a way that all the commands that require root user are executed in the build of the docker image and commands in the CMD can be executed with another user.
Concerto Platform version
5.0.27 and master
Expected behavior
Application normally deploys on Kubernetes cluster with spec.template.spec.securityContext.runAsUser: <USERID> specified in the deployment resource.
Actual behavior
Pods do not start, because commands in the CMD section fail. Log: /bin/sh: 1: cannot create /root/env.sh: Permission denied
Steps to reproduce the issue
Option 1. Put spec.template.spec.securityContext.runAsUser: <USERID> in the kubernetes deployment resource.
Option 2. Put USER <USERID> in the Dockerfile before the CMD section.
The text was updated successfully, but these errors were encountered:
Hello,
Some kubernetes cluster providers do not allow to run the container as a root user because of security reasons. So you need to specify
spec.template.spec.securityContext.runAsUser: <USERID>in your deployment resource.However, design of Concerto docker image does not allow this, because in the
CMDsection there are many commands that require root user.To allow this, the docker image should be built in a way that all the commands that require root user are executed in the build of the docker image and commands in the
CMDcan be executed with another user.Concerto Platform version
5.0.27 and master
Expected behavior
Application normally deploys on Kubernetes cluster with
spec.template.spec.securityContext.runAsUser: <USERID>specified in the deployment resource.Actual behavior
Pods do not start, because commands in the
CMDsection fail. Log:/bin/sh: 1: cannot create /root/env.sh: Permission deniedSteps to reproduce the issue
Option 1. Put
spec.template.spec.securityContext.runAsUser: <USERID>in the kubernetes deployment resource.Option 2. Put
USER <USERID>in the Dockerfile before theCMDsection.The text was updated successfully, but these errors were encountered: