redis-enterprise-k8s-docs icon indicating copy to clipboard operation
redis-enterprise-k8s-docs copied to clipboard

Published 20 hours ago verified publisher icon RedisLabs

Unable to define securityContext for Pods created by operator

Open sankalp28 opened this issue 2 years ago • 1 comments

I want to define the following securityContext for all containers created by the redis enterprise operator:

securityContext:
  capabilities:
    drop:
    - ALL
  runAsNonRoot: true
  runAsUser: 1001
  allowPrivilegeEscalation: false
  readOnlyRootFilesystem: true
  seccompProfile:
     type: RuntimeDefault

I think I can define them in the CRD for

redisEnterpriseAdditionalPodSpecAttributes:
  ephemeralContainers:
    securityContext:


redisEnterpriseAdditionalPodSpecAttributes:
  initContainers:
    securityContext:


servicesRiggerSpec:
  ephemeralContainers:
    securityContext:


servicesRiggerSpec:
  initContainers:
    securityContext:

sideContainersSpec:
  securityContext:

But where can I define the regular containers?

Also redisEnterpriseAdditionalPodSpecAttributes.ephemeralContainers is an array, so I guess I need to specify the names of the containers too like this?

redisEnterpriseAdditionalPodSpecAttributes:
  ephemeralContainers:
    - name: some-ephemeral-container
       securityContext:

However I have no idea where to find those names. Could you please give me any advice or tell me if its even possible?

sankalp28 avatar Sep 30 '22 14:09 sankalp28

any updates on this ??

sankalp28 avatar Oct 26 '22 08:10 sankalp28