tarantool/tarantool-operator

Cannot verify user is non-root

vanyarock01 opened this issue · 2 comments

I'm trying to deploy an application with non-privileged (any non-root user) containers:

Error: container has runAsNonRoot and image has non-numeric user (tarantool), cannot verify user is non-root

The reason is that the container is not privileged.

The image created with cartridge-cli has a default user named tarantool. At startup, k8s cannot verify that the user (tarantool) is non-root.

The problem has two solutions:

  1. Start a container with a default non-root user with ID 1000.
  2. Find the ID of the tarantool user and pass it. This is not easy, since the tarantool user ID is not set externally.

UPD: The problem is solved by using id when building a docker image, more details here.

Fixed on cartridge-cli side.
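
The check behind the error quoted in this issue, as an added example that is not code from the issue, cartridge-cli or Kubernetes: a simplified Python model of how a `runAsNonRoot` policy is evaluated against an image's `USER` value and an optional `securityContext.runAsUser`. The function names are hypothetical, and every message except the one quoted in the issue is illustrative wording.

```python
from typing import Optional


def image_uid(image_user: str) -> Optional[int]:
    """Return the numeric UID from an image USER value, or None if it is a name.

    USER may be "name", "uid", "name:group" or "uid:gid".
    """
    user = image_user.split(":", 1)[0].strip()
    return int(user) if user.isdecimal() else None


def verify_non_root(image_user: str, run_as_non_root: bool = False,
                    run_as_user: Optional[int] = None) -> Optional[str]:
    """Return None if the container may start, else the reason it is refused."""
    if not run_as_non_root:
        return None  # policy not requested, nothing to verify
    if run_as_user is not None:
        # An explicit securityContext.runAsUser overrides the image USER.
        if run_as_user == 0:
            return "runAsUser is 0, which breaks the non-root policy"  # illustrative
        return None
    name = image_user.split(":", 1)[0].strip()
    uid = image_uid(image_user)
    if uid is None and name:
        # A user name cannot be resolved to a UID without looking inside the
        # image's /etc/passwd, so the check fails closed (the case in this issue).
        return ("container has runAsNonRoot and image has non-numeric user "
                f"({name}), cannot verify user is non-root")
    if uid is None or uid == 0:
        return "image will run as root"  # illustrative: empty USER or UID 0
    return None


if __name__ == "__main__":
    # Constructed cases: (image USER, runAsNonRoot, runAsUser)
    cases = [("tarantool", True, None),   # the failing case from the issue
             ("tarantool", True, 1000),   # solution 1: explicit numeric runAsUser
             ("1000", True, None),        # numeric USER baked into the image
             ("", True, None)]            # no USER set, so the image runs as root
    for user, non_root, uid in cases:
        print(repr(user), uid, "->", verify_non_root(user, non_root, uid) or "ok")
```

Either a numeric `USER` in the image or a non-zero `runAsUser` in the pod spec lets the check pass.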