Support for OpenShift as Management Cluster #236

Open
senthilredhat opened this issue May 15, 2024 · 2 comments
Labels
triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@senthilredhat

User Story

I am using OpenShift as my management cluster and encountered an issue when attempting to install the Helm chart on the managed cluster. The current version fails with an error related to writing to /.config and /etc/xdg folders. This is because, by default, pods on OpenShift run as non-privileged containers, which restricts write access to these directories.

Current Workaround
While changing the deployment to run as a privileged container is a potential workaround, it introduces security concerns and goes against best practices for running containers.

Request
Please modify the deployment configuration or provide an option to enable the Helm chart to function without requiring escalated privileges. This would involve ensuring that the necessary directories have appropriate permissions or altering the paths used by the application to directories writable by non-privileged containers.

Additional Context
The issue specifically arises because of the default security context in OpenShift, which does not permit write access to /.config and /etc/xdg. Adjusting the deployment to be compatible with OpenShift’s security policies will make the Helm chart more versatile and secure.

@Jont828
Contributor

Jont828 commented May 29, 2024

/triage accepted

@k8s-ci-robot k8s-ci-robot added the triage/accepted Indicates an issue or PR is ready to be actively worked on. label May 29, 2024
@Jont828
Contributor

Jont828 commented Jun 25, 2024

@senthilredhat Thanks for your patience, I haven't worked with OpenShift before but will try to look into this. Just to clarify, you need the cluster-api-helm-controller pod to have write permissions to only the folders /.config and /etc/xdg, is that right?
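
An added illustration of the request in this issue, not taken from the project's chart or written by any participant in the thread: a Deployment fragment that keeps the container unprivileged and redirects the writes to an `emptyDir` volume instead of `/.config` and `/etc/xdg`. The resource name, image, mount path and volume name are placeholders, and it is an assumption that the controller derives those two paths from `HOME` and the XDG environment variables.

```yaml
# Added example; names, image and paths are placeholders, not the project's manifest.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: helm-controller-example            # placeholder
spec:
  selector:
    matchLabels:
      app: helm-controller-example
  template:
    metadata:
      labels:
        app: helm-controller-example
    spec:
      containers:
        - name: manager
          image: example.invalid/controller:placeholder
          # The workaround the issue calls out as a security concern:
          #   securityContext:
          #     privileged: true
          # Unprivileged alternative. runAsUser is deliberately left unset so
          # that OpenShift can assign a UID from the namespace's range.
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop: ["ALL"]
            seccompProfile:
              type: RuntimeDefault
          env:
            # Assumption: with HOME unset or "/", $HOME/.config resolves to
            # /.config; pointing HOME at a writable mount moves that path.
            - name: HOME
              value: /home/controller
            - name: XDG_CONFIG_HOME
              value: /home/controller/.config
            # Assumption: /etc/xdg is reached through the XDG_CONFIG_DIRS default.
            - name: XDG_CONFIG_DIRS
              value: /home/controller/xdg
          volumeMounts:
            - name: writable-home
              mountPath: /home/controller
      volumes:
        # Pod-scoped scratch space; nothing written here outlives the pod.
        - name: writable-home
          emptyDir: {}
```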
