Ceph-client: Fix security context for pod/container

This changes the  user from root to the nobody user instead
in ceph-client chart wherever needed

Change-Id: I4c56b97f85093bbbaaef617f1981f67215a8bc00
This commit is contained in:
RAHUL KHIYANI 2019-05-28 11:13:18 -05:00 committed by Rahul Khiyani
parent 630efb7fb0
commit 789fa7a4e5

View File

@ -56,43 +56,51 @@ pod:
security_context:
checkdns:
pod:
runAsUser: 0
runAsUser: 65534
container:
checkdns:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
mds:
pod:
runAsUser: 0
runAsUser: 65534
container:
init_dirs:
runAsUser: 0
readOnlyRootFilesystem: true
mds:
runAsUser: 0
readOnlyRootFilesystem: true
mgr:
pod:
runAsUser: 0
runAsUser: 65534
container:
init_dirs:
runAsUser: 0
readOnlyRootFilesystem: true
mgr:
runAsUser: 0
readOnlyRootFilesystem: true
bootstrap:
pod:
runAsUser: 0
runAsUser: 65534
container:
bootstrap:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
rbd_pool:
pod:
runAsUser: 0
runAsUser: 65534
container:
rbd_pool:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
test:
pod:
runAsUser: 0
runAsUser: 65534
container:
test:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
dns_policy: "ClusterFirstWithHostNet"
replicas: