From a9faafecf88a249298e56ea2b8db96c7f592adbb Mon Sep 17 00:00:00 2001 From: "Hussey, Scott (sh8121)" Date: Wed, 26 Jun 2019 13:39:55 -0500 Subject: [PATCH] (fix) haproxy anchor runs as root - The anchor pod for haproxy writes to the host disk and in order to manage file permissions should run as root. Without this fix, the haproxy chart is not resilient to node failure. Change-Id: I9ea9b9a1a2a760be2b3ebb38bd45ead8aaefa034 --- charts/haproxy/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/haproxy/values.yaml b/charts/haproxy/values.yaml index d462ed31..387fc80b 100644 --- a/charts/haproxy/values.yaml +++ b/charts/haproxy/values.yaml @@ -83,6 +83,7 @@ pod: runAsUser: 65534 container: anchor: + runAsUser: 0 allowPrivilegeEscalation: false readOnlyRootFilesystem: true lifecycle: