Docker: Allow running zeebe with a read-only root filesystem #11876
Labels
kind/feature
Categorizes an issue or PR as a feature, i.e. new behavior
support
Marks an issue as related to a customer support request
version:8.1.9
Marks an issue as being completely or in parts released in 8.1.9
version:8.2.0
Marks an issue as being completely or in parts released in 8.2.0
Is your feature request related to a problem? Please describe.
Following security recommendations containers should be run with a read only root file system.
As of now running Zeebe with a read-only filesystem cause it to fail with errors such as:
Describe the solution you'd like
/usr/local/zeebe/data
,/usr/local/zeebe/logs
and/tmp
are defined as VOLUME in the Dockerfile to instruct docker to always create volumes for these paths.Describe alternatives you've considered
At least documentation on container security should indicate that running zeebe with a read only root filesystem requires mounting
/usr/local/zeebe/data
,/usr/local/zeebe/logs
and/tmp
.Relates to https://jira.camunda.com/browse/SUPPORT-14820
The text was updated successfully, but these errors were encountered: