0

I have defined a sidecar container in a common.tpl file in my helm charts. This sidecar container is included in numerous pods in which different users are used.

I was wondering if there is a way to define as user in the sidecar container the user of the application container. As a result in each pod the same user will be used for both my application and my sidecar container.

I was imagining something like the below:

- name: sidecar_container
  image: sidecar_image:01
  imagePullPolicy: IfNotPresent
  securityContext:
    runAsUser: {{ some_variable_that_indicates_to_the_application's_container_user }}

Is there an option like that?

SteveGr2015
  • 463
  • 2
  • 7
  • 15
  • Have you read this documentation https://learn.hashicorp.com/vault/kubernetes/sidecar ? – Malgorzata Jun 05 '20 at 09:17
  • are you looking to know how to set dynamic values/variables with Kubernetes deployment yaml file? – mkrana Jun 07 '20 at 17:16
  • Yes, I would like to set the user dynamically to be the same with the application's container user. Although I think that I should follow the Pod level solution – SteveGr2015 Jun 09 '20 at 11:09

1 Answers1

2

You can define the "SecurityContext" at Pod level , which means it will be applied to all containers inside the pod.

Pod security context

Ijaz Ahmad
  • 11,198
  • 9
  • 53
  • 73
  • thanks for your answer, I was aware for that, I am just wondering that instead of modify my helm chart for each pod I can do it at once with a variable in my sidecar container manifest. – SteveGr2015 Jun 04 '20 at 15:26