k8s related docs
samstride opened this issue · 0 comments
samstride commented
Hi,
Few things I noticed about k8s docs that probably needs to be reviewed/updated.
https://www.krakend.io/docs/deploying/kubernetes/ states that UID 1000 needs to be used. However, the docker build guideline does not set the user. I think we should add the appropriate USER to the Dockerfile. Otherwise with a k8s PSA of restricted
the container runs into permission errors.
FROM devopsfaith/krakend:2.3.2 as builder
ARG ENV=prod
USER 1000
.
.
.
Next, NET_BIND_SERVICE
is only needed if ports <1024 are used. I think with security in mind, I think that privilege needs to be dropped.
Thanks.