Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Running Apisix with securityContext does not work #805

Open
luarx opened this issue Feb 11, 2025 · 0 comments
Open

Running Apisix with securityContext does not work #805

luarx opened this issue Feb 11, 2025 · 0 comments

Comments

@luarx
Copy link

luarx commented Feb 11, 2025
edited
Loading

I am running Apisix Helm Chart version 2.10.0
I want to run Apisix with the suggested security context does not work

securityContext:
  capabilities:
    drop:
    - ALL
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  runAsUser: 1000

It throws this error:

Defaulted container "apisix" out of: apisix, wait-etcd (init)
/usr/local/openresty//luajit/bin/luajit ./apisix/cli/apisix.lua init
failed to update nginx.conf: failed to open file: /usr/local/apisix/conf/nginx.conf, error info:/usr/local/apisix/conf/nginx.conf: Read-only file system

And if readOnlyRootFilesystem is set to false, it says:

Defaulted container "apisix" out of: apisix, wait-etcd (init)
/usr/local/openresty//luajit/bin/luajit ./apisix/cli/apisix.lua init
failed to update nginx.conf: failed to open file: /usr/local/apisix/conf/nginx.conf, error info:/usr/local/apisix/conf/nginx.conf: Permission denied

How should I run Apisix with a protective securityContext?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@luarx