kube-arangodb icon indicating copy to clipboard operation
kube-arangodb copied to clipboard

Published 20 hours ago verified publisher icon arangodb

A Non-Root User Container would be better

Open vanthome opened this issue 2 years ago • 1 comments

Even with the operator, the ArarngoDB DB in the container is started with user root. This is bad practice and there should be a normal user that runs it.

vanthome avatar Feb 16 '23 07:02 vanthome

Hello!

It is already planned, but it will default in 1.4.0.

For now, you can enable it on your deployment using ArangoDeployment SecurityContext (https://github.com/arangodb/kube-arangodb/blob/master/pkg/apis/deployment/v1/server_group_spec.go#L133) and Operator Ephemeral Volumes feature.

Best, Adam.

ajanikow avatar Feb 20 '23 05:02 ajanikow