[
https://issues.apache.org/jira/browse/SUBMARINE-1179?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
cdmikechen reassigned SUBMARINE-1179:
-------------------------------------
Assignee: cdmikechen
> Add PodSecurityPolicies/SecurityContextConstraints for submarine
> ----------------------------------------------------------------
>
> Key: SUBMARINE-1179
> URL: https://issues.apache.org/jira/browse/SUBMARINE-1179
> Project: Apache Submarine
> Issue Type: Bug
> Components: Cloud-native Deployment
> Reporter: cdmikechen
> Assignee: cdmikechen
> Priority: Major
>
> Database and minio need user uid 999 / 0 to run container, notebook need
> group uid 100 . Sometimes, K8s's security policy prohibits too small uid
> values.
> We need to add PodSecurityPolicies(k8s) or
> SecurityContextConstraints(openshift) to let pod run as a user with specified
> uid. e.g.
> {code:java}
> securityContext:
> runAsUser: 999
> {code}
> {code:java}
> securityContext:
> fsGroup: 100
> {code}
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@submarine.apache.org
For additional commands, e-mail: dev-h...@submarine.apache.org
