Subject: Grouper Users - Open Discussion List
- From: Oliver Trieu <>
- To: Darren Boss <>, Scott Koranda <>
- Subject: Re: [grouper-users] Openshift Deployment
- Date: Mon, 27 Apr 2020 12:10:46 +0200
could you elaborate on what kind or problems you expect with runAsUser in a Pod?
I am currently running our test instance of grouper 2.4 on Openshift and so far i did not encounter issue.
Is there an easy way to specifically test for this?
Just a clarifying question...
Would you find it acceptable for the container to start running as root
and then drop privileges later to a non-privileged user, or is your
requirement that the container never need any root privileges at all?
Asking for a friend...
> Even if not running under Openshift and just upstream Kubernetes, please
> retool the Docker images to not run as root (this applies to the other TAP
> images as well).
> Containers are not vms and unless you are running with uid
> translation/mapping in place, the grouper process would be running at root
> on the system as well. From what I've read, running within a user namespace
> and remapping uids can impart a performance penalty.
> On Wed, Apr 22, 2020 at 3:22 AM Oliver Trieu <>
> > Dear Grouper Team,
> > I think its great that Grouper is now running on containers.
> > This is definitely a step in the right direction.
> > I was wondering if you could prepare your Container Image to run on the
> > Openshift Platform.
> > The issue here is that the current Image wants to run as the root user.
> > It would be great if you could run it as an unpriviledged user.
> > Is it possible to obtaiin the Dockerfiles you used to create the images?
> > Kind Regards
> > Oliver
> Darren Boss
> Senior Programmer/Analyst
> Programmeur-analyste principal
- [grouper-users] Openshift Deployment, Oliver Trieu, 04/22/2020
- Re: [grouper-users] Openshift Deployment, Darren Boss, 04/22/2020
Archive powered by MHonArc 2.6.19.