Replies: 3 comments
-
|
Hey @kumachop2. This is an init container that is setting access permissions to the log directories on the node, so the collector itself can read from there while running as a non root user. It wouldn't be possible to change the access permissions if the init container run as a non root user. |
Beta Was this translation helpful? Give feedback.
-
|
Thank You for you prompt response. Based on Azure recommendations running containers as root user should be avoided. Please do advice steps to achieve it. |
Beta Was this translation helpful? Give feedback.
-
|
Yes, this should be avoided. That why we have an isolated init container that runs only once to make it possible for the main long-running otel collector container to run as non root. I don't think there is another way to fetch logs from the node using the otel collector without running this init container as root. |
Beta Was this translation helpful? Give feedback.
-
Based on our security needs init container to be initialized as non root user. Please help us values to pass non root user in values.yaml file. Here is link referring to.
splunk-otel-collector-chart/helm-charts/splunk-otel-collector/templates/daemonset.yaml
Line 159 in 5097ecf
Beta Was this translation helpful? Give feedback.
All reactions