6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Kubernetes run pod as root\",\"text\":\"

I am trying to deploy the Hashicorp Vault Helm chart, and I get the following issue: Error: container's runAsUser breaks non-root policy is there a way to run Vault as non root? or is there a way to only allow that service to run as root without changing the whole policy?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Tacot\"},\"upvoteCount\":1,\"answerCount\":2,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

found the issue, it was in the same namespace as my Azure Dev Spaces and there was a conflict there, moved to a new namespace and it was fixed

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Tacot\"},\"upvoteCount\":2}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","kubernetes",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/kubernetes/1","children":"kubernetes"}]}],["$","span","kubernetes-helm",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/kubernetes-helm/1","children":"kubernetes-helm"}]}],["$","span","hashicorp-vault",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/hashicorp-vault/1","children":"hashicorp-vault"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/028b83bedcf85fec9535e99d4a4dcd5d?s=256&d=identicon&r=PG&f=y&so-version=2","alt":"Tacot","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/9028374/tacot","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Tacot"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",194]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Kubernetes run pod as root"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",1]}],["$","p",null,{"children":["Views: ",3656]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",2,")"]}],[["$","div","61016284",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/028b83bedcf85fec9535e99d4a4dcd5d?s=256&d=identicon&r=PG&f=y&so-version=2","alt":"Tacot","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/9028374/tacot","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Tacot"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",194]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

found the issue, it was in the same namespace as my Azure Dev Spaces and there was a conflict there, moved to a new namespace and it was fixed

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",2]}]}]]}],["$","div","61001192",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://lh3.googleusercontent.com/a-/AAuE7mAUTHrdQVAx48mbFcxVnruamQjFhbdZp8zh-tAbIA=k-s256","alt":"Yuri Oliveira","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/12724523/yuri-oliveira","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Yuri Oliveira"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",44]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

The test container that's the base of the Helm Chart currently works with the directory in /root. So you must run the Chart with root or you will have to change the Chart completely.

\n\n

FROM alpine:latest\nWORKDIR /root\n\nENV BATS_VERSION \"1.1.0\"\n\n# base packages\nRUN apk update && apk add --no-cache --virtual .build-deps \\\n    ca-certificates \\\n    curl \\\n    tar \\\n    bash \\\n    openssl \\\n    python \\\n    py-pip \\\n    git \\\n    jq\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",0]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","55043159",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/55043159","className":"text-blue-600 hover:underline","children":"How to enter a pod as root?"}]}],["$","li","74682886",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/74682886","className":"text-blue-600 hover:underline","children":"Use init container for running commands in the actual pod"}]}],["$","li","70266650",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/70266650","className":"text-blue-600 hover:underline","children":"how to login as root to running pod as root in kubernetes"}]}],["$","li","68543425",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/68543425","className":"text-blue-600 hover:underline","children":"start pod with root privilege on OpenShift"}]}],["$","li","67741468",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/67741468","className":"text-blue-600 hover:underline","children":"Run Openshift pod as root user"}]}],["$","li","46794360",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/46794360","className":"text-blue-600 hover:underline","children":""mkdir vault: permission denied" when using docker-vault with kubernetes"}]}],["$","li","60655747",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/60655747","className":"text-blue-600 hover:underline","children":"Configuring Vault-Helm PVC"}]}],["$","li","60451324",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/60451324","className":"text-blue-600 hover:underline","children":"Cannot launch Vault from Helm on kubernetes"}]}],["$","li","60071410",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/60071410","className":"text-blue-600 hover:underline","children":"How to inject secrets from vault to Kubernetes pods"}]}],["$","li","52835531",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/52835531","className":"text-blue-600 hover:underline","children":"vault for kubernetes (vault-operator)"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Kubernetes run pod as root

Answers (2)

Related Questions