rancher icon indicating copy to clipboard operation
rancher copied to clipboard

Published 20 hours ago verified publisher icon rancher

Add helm value to specify pod securityContext

Open SvenKirschbaum opened this issue 8 months ago • 0 comments

Issue:

https://github.com/rancher/rancher/issues/45698 https://github.com/rancher/rancher/issues/27160

Problem

Rancher requires the MKNOD capability, which is not available in the default configuration of cri-o, making rancher unable to start. A known workaround is to adjust cri-o's configuration to grant the capability by default to all pods.

Solution

I added a securityContext and podSecurityContext value to the helm chart, to allow modification of the securityContext on the pod and rancher container level respectively, including but not limited to adding the capability required for usage with cri-o.

Testing

/

Engineering Testing

Manual Testing

Verified that the values are passed to the pods correctly, and verified installation in a cluster using cri-o with default configuration is possible when specifying the appropriate values.

Automated Testing

n/a

QA Testing Considerations

n/a

Regressions Considerations

n/a

SvenKirschbaum avatar Jun 22 '24 16:06 SvenKirschbaum