AKS
Fix the CrashLoopBackoff issue due to permission issue for the calico-node with non-root user
Is your feature request related to a problem? Please describe.
When you change the calico-node to run as a non-root user following this Tigera documentation: https://docs.tigera.io/calico/latest/network-policy/non-privileged, the pod goes into a CrashLoopBackoff issue as the pod tries to create a directory /etc/service/enabled/.
The issue has also been created on the Tigera project on GitHub: https://github.com/projectcalico/calico/issues/8016
Describe the solution you'd like
I would like the pod to be able to have the permissions to create a directory /etc/service/enabled without a root user so the pod can start.
Describe alternatives you've considered
I tried updating the version of AKS to try with different calico image versions, but the issue still persists.
Additional context
Running pods as non-root is generally a security best practice.
Action required from @aritraghosh, @julia-yin, @AllenWen-at-Azure
Issue needing attention of @Azure/aks-leads
This issue has been automatically marked as stale because it has not had any activity for 180 days. It will be closed if no further activity occurs within 7 days of this comment. @shashankbarsin
This issue will now be closed because it hasn't had any activity for 7 days after stale. @RomainFloreani feel free to comment again in the next 7 days to reopen, or open a new issue after that time if you still have a question/issue or suggestion.