mirror of
https://github.com/ansible/awx-operator.git
synced 2026-03-26 21:33:14 +00:00
Add an option to specify container capabilities for the redis container
With some kubernetes clusters and settings, you might need to specify some capabilities so the container can start. For example, the CHOWN, SETUID and SETGID capabilties. Setting the redis_capabilities option will add the capabilities in the deployment.
This commit is contained in:
Olivier
14
README.md
14
README.md
@@ -458,6 +458,20 @@ spec:
|
||||
|
||||
**Note**: The `image` and `image_version` are intended for local mirroring scenarios. Please note that using a version of AWX other than the one bundled with the `awx-operator` is **not** supported. For the default values, check the [main.yml](https://github.com/ansible/awx-operator/blob/devel/roles/installer/defaults/main.yml) file.
|
||||
|
||||
#### Redis container capabilities
|
||||
|
||||
Depending on your kubernetes cluster and settings you might need to grant some capabilities to the redis container so it can start. Set the `redis_capabilities` option so the capabilities are added in the deployment.
|
||||
|
||||
```yaml
|
||||
---
|
||||
spec:
|
||||
...
|
||||
redis_capabilities:
|
||||
- CHOWN
|
||||
- SETUID
|
||||
- SETGID
|
||||
```
|
||||
|
||||
#### Privileged Tasks
|
||||
|
||||
Depending on the type of tasks that you'll be running, you may find that you need the task pod to run as `privileged`. This can open yourself up to a variety of security concerns, so you should be aware (and verify that you have the privileges) to do this if necessary. In order to toggle this feature, you can add the following to your custom resource:
|
||||
|
||||
Reference in New Issue
Block a user