-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[enterprise-logs] Make fsGroup configurable for deploying admin-api on OpenShift #922
Comments
@basvdl by looking at the helm-charts/charts/enterprise-logs/values.yaml Lines 221 to 227 in 837900e
This was updated in issue: #687 @chaudum what do you think about this? |
@basvdl Could you explain in more detail why this is necessary on OpenShift? |
Does a simple configurable fsGroup value help in this case? https://github.com/grafana/helm-charts/compare/chaudum/issue-922?expand=1 |
@chaudum I'm not an OpenShift expert... But OpenShift uses SecurityContexts which allows a range of uid's that can be used for runAsUser, runAsGroup and fsGroup. During my last GEL deployment on OpenShift, the customer was not able to create a custom SecurityContext and needed to change the fsGroup. We did this after the deployment by manually changing the yaml on the cluster. The suggested change looks good to me! Thanks! |
In order to deploy on OpenShift we need to be able to configure the fsGroup for the
admin-api deployment
.https://github.com/grafana/helm-charts/blob/main/charts/enterprise-logs/templates/admin-api/deployment-admin-api.yaml#L45
Add same logic seen in the other deployments, to make the security context configurable via the users
values.yaml
.The text was updated successfully, but these errors were encountered: