Using runc inside a pod in kubernetes with least privileges #2526

Open
ashokponkumar opened this issue Jul 22, 2020 · 0 comments

Comments

@ashokponkumar
Contributor

I am currently able to run a container within an OpenShift/Kubernetes pod, with the below security context for the container.

  securityContext:
    privileged: true
    runAsUser: 0

When I remove either of them, I am running into multiple errors. Currently I am using ubi8 as the base image.

Just wondering what would be the minimum permissions I need to grant to the container for me to be able to successfully execute runc inside the container. I have read multiple blog posts and issues, but could not find a single simple list. From this PR, I understand that running rootless should be possible. But I want to know the bare minimum mandatory permissions.
