Changed to nfs and RWX
Altered security contexts
This commit is contained in:
2
scc-updates.sh
Executable file
2
scc-updates.sh
Executable file
@@ -0,0 +1,2 @@
|
||||
oc adm policy add-scc-to-user privileged -z minio-sa -n minio
|
||||
oc adm policy add-scc-to-user anyuid -z minio-sa -n minio
|
||||
32
values.yaml
32
values.yaml
@@ -159,9 +159,9 @@ persistence:
|
||||
##
|
||||
## Storage class of PV to bind. By default it looks for standard storage class.
|
||||
## If the PV uses a different storage class, specify that here.
|
||||
storageClass: "local-nvme-retain"
|
||||
storageClass: "nfs"
|
||||
#volumeName: "minio"
|
||||
accessMode: ReadWriteOnce
|
||||
accessMode: ReadWriteMany
|
||||
size: 300Gi
|
||||
|
||||
## If subPath is set mount a sub folder of a volume instead of the root of the volume.
|
||||
@@ -276,10 +276,10 @@ topologySpreadConstraints: []
|
||||
## Add stateful containers to have security context, if enabled MinIO will run as this
|
||||
## user and group NOTE: securityContext is only enabled if persistence.enabled=true
|
||||
securityContext:
|
||||
enabled: true
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
fsGroup: 1000
|
||||
enabled: false
|
||||
#runAsUser: 1000
|
||||
#runAsGroup: 1000
|
||||
#fsGroup: 1000
|
||||
fsGroupChangePolicy: "OnRootMismatch"
|
||||
|
||||
containerSecurityContext:
|
||||
@@ -358,8 +358,8 @@ policies: []
|
||||
makePolicyJob:
|
||||
securityContext:
|
||||
enabled: false
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
# runAsUser: 1000
|
||||
# runAsGroup: 1000
|
||||
resources:
|
||||
requests:
|
||||
memory: 128Mi
|
||||
@@ -387,8 +387,8 @@ users:
|
||||
makeUserJob:
|
||||
securityContext:
|
||||
enabled: false
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
# runAsUser: 1000
|
||||
# runAsGroup: 1000
|
||||
resources:
|
||||
requests:
|
||||
memory: 128Mi
|
||||
@@ -426,8 +426,8 @@ svcaccts: []
|
||||
makeServiceAccountJob:
|
||||
securityContext:
|
||||
enabled: false
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
# runAsUser: 1000
|
||||
# runAsGroup: 1000
|
||||
resources:
|
||||
requests:
|
||||
memory: 128Mi
|
||||
@@ -462,8 +462,8 @@ buckets: []
|
||||
makeBucketJob:
|
||||
securityContext:
|
||||
enabled: false
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
# runAsUser: 1000
|
||||
# runAsGroup: 1000
|
||||
resources:
|
||||
requests:
|
||||
memory: 128Mi
|
||||
@@ -479,8 +479,8 @@ customCommands:
|
||||
customCommandJob:
|
||||
securityContext:
|
||||
enabled: false
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
# runAsUser: 1000
|
||||
# runAsGroup: 1000
|
||||
resources:
|
||||
requests:
|
||||
memory: 128Mi
|
||||
|
||||
Reference in New Issue
Block a user