You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
try to run the image on a kubernetes cluster where spec.containers[*].securityContext.runAsNonRoot is enforces.
Current Behaviour
If fails
Expected Behaviour
it runs, root should not be needed in this context
Extra Details
In general, port 80 is considered a "high privilege" port in Linux.
It is sufficiemt for the reverse proxy to run with this (and port 443) port.
The upstream server does not need to run on this port.
The text was updated successfully, but these errors were encountered:
Nginx as less privileged User
Summary
In order to run the
frontendimage in a restricted environment,for example where [pod security standards](https://kubernetes.io/docs/concepts/security/pod-security-standards/_ are set to
restricted, theUSER rootis not allowed.This also applies for Openshift afaik.
Steps to Reproduce
try to run the image on a kubernetes cluster where
spec.containers[*].securityContext.runAsNonRootis enforces.Current Behaviour
If fails
Expected Behaviour
it runs, root should not be needed in this context
Extra Details
In general, port 80 is considered a "high privilege" port in Linux.
It is sufficiemt for the reverse proxy to run with this (and port 443) port.
The upstream server does not need to run on this port.
The text was updated successfully, but these errors were encountered: