-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Investigate (and implement) if it's possible to run the worker
in non-privileged mode
#1075
Comments
It doesn't seem possible in the current iteration.
Alternative workarounds using
and then running
still fails because Even running as For now, the only option seems to go with |
I was never able to get this to work in Docker without privileged mode. In K8s I was able to get it to work but it still required elevated permissions and not much different that running it in privileged mode. We will have to revisit this again at some point if the community in general is not supportive of this. We have had some users not be comfortable with this requirement in their production so we need to keep our eyes open for alternatives here. |
I have made some test changes that make it possible to run it without privileged mode. I have rewritten the podman controls to use docker api. #1160 |
For some users, running the
worker
container in privileged mode is a no-go. We should investigate if and how we can allow for non-privileged mode use with our container-sync approach (podman in a container)The text was updated successfully, but these errors were encountered: