Skip to content

cb-technologists/efs-provisioner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
efs-provisioner-psp.yaml
efs-provisioner-psp.yaml
 
 
helm-manifest.yaml
helm-manifest.yaml
 
 
values.yaml
values.yaml
 
 

Repository files navigation

efs-provisioner

Modified version of the Kubernetes efs-provisioner to run as non-root user.

Setup

Deployment is based on the official Helm chart.

Before deploying, the following steps are required:

  1. Use kubectl create namespace efs-provisioner and kubectl config set-context $(kubectl config current-context) --namespace efs-provisioner to create and use a dedicated namespace.
  2. Use kubectl apply -f efs-provisioner-psp.yaml to create the required PodSecurityPolicy.

After modifying values.yaml to use your efsFileSystemId and awsRegion, use helm template efs-provisioner stable/efs-provisioner -f values.yaml > helm-manifest.yaml to generate a manifest file. From there, a couple of additional modifications are required:

  1. Add securityContext to the Pod specification so that fsGroup and runAsUser are both set to 2000.
  2. Comment out the entire initContainer block.

Use kubectl apply -f helm-manifest.yaml to deploy.

About

Modified efs-provisioner that runs as non-root user

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages