fsGroup unsettable in juju k8s
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Invalid
|
High
|
Unassigned |
Bug Description
As discussed here: https:/
It appears that we can't set the fsGroup at the correct level to allow write permissions for non-root containers on kubernetes deployments with slightly more restrictive PVC implementations.
spec = {
}
},
{
},
],
}
Settings like this securityContext should end up in the pods but do not get set and so we can't write to the PVC's using non-root containers.
Confirming and dropping into the 3.0.0 milestone, as part of the work we're doing to support more k8s substrates this cycle.