0

For the first time I am trying to set pod security context. I added the following to the pod spec:

securityContext:
  fsGroup: 2000
  runAsNonRoot: true

And when the pod is trying to come up, the init container is stuck in state CreateContainerConfigError with the following message:

Error: container has runAsNonRoot and image has non-numeric user (flyway), cannot verify user is non-root (pod: "mt-test-pod (c0cd-4c99-8501-1f592acae)", container: flyway-db-updater)

As I understand- there's a user named flyway but it is has no uid.

  1. What should be done in order to make all containers in a pod not run as root?
  2. Is there a specific way to define runAsNonRoot on init containers?
jrz
  • 1,213
  • 4
  • 20
  • 54

1 Answers1

0

Can you update the pod spec as given below

securityContext:
  fsGroup: 2000
  runAsUser: 1000

reference--> https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod

P Ekambaram
  • 15,499
  • 7
  • 34
  • 59
  • `Error: failed to create containerd task: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec /flyway/flyway: permission denied: unknown` – jrz Nov 21 '22 at 10:00