charts icon indicating copy to clipboard operation
charts copied to clipboard
verified publisher icon streamnative

[bug](sn-platform): vault init jobs cannot run with non-root

Open ericsyh opened this issue 3 years ago • 1 comments

When setting securityContext for vault as:

vault:
  securityContext:  
    runAsUser: 2000
    runAsGroup: 3000
    supplementalGroups: [2000]
    fsGroup: 2000

And vault init jobs will have errors like:

Error storing token: open /.vault-token.tmp: read-only file system
Authentication was successful, but the token was not persisted. The resulting
token is shown below for your records.

Key                  Value
---                  -----
token                hvs.n5DEIV2BiTm6ffqfKkDxc1qB
token_accessor       w4mJwG96IdJ2ZhPOMQD7R2qq
token_duration       ∞
token_renewable      false
token_policies       ["root"]
identity_policies    []
policies             ["root"]
vault is not ready now, wait another 5s~

ericsyh avatar Aug 10 '22 12:08 ericsyh

https://github.com/streamnative/charts/pull/849

urfreespace avatar Aug 18 '22 12:08 urfreespace