kubernetes article (7 Part Series)
Most Docker containers and the processes inside run with non-root user, because of better security. If the container process is running with root (uid 0) it will be the same root as on the host. In this case user may get access to host from the container, thus gaining the root privilege on the host. This is of course a security concern.
However there can be a case when you need to run a container with root privilege because of permission issues of the volumes on the host.
In order to run a container inside a pod with root, add following config:
apiVersion: extensions/v1beta1 kind: Deployment metadata: name: my-app spec: template: spec: containers: - image: my-image name: my-app ... securityContext: allowPrivilegeEscalation: false runAsUser: 0
Now when you enter the 'my-image' container with
docker exec or
kubectl exec, you will see that the user is root. 🙌🏼
I'm happy to connect with you on 🙂