Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

answered 2023-06-17 18:45:01 +0000

woof gravatar image

Yes, it is possible to run Nginx in a pod without gaining elevated privileges. This can be achieved by using Kubernetes Security Contexts to configure the user ID and group ID of the Nginx process running in the pod.

For example, you can define a SecurityContext for the Nginx container with a "runAsUser" and "runAsGroup" fields set to a non-root user and group, respectively. 

apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
spec:
  containers:
  - name: nginx
    image: nginx
    securityContext:
      runAsUser: 1001
      runAsGroup: 1001

This will start the Nginx process with UID and GID of 1001, which is a non-root user. This way, the Nginx process will not have elevated privileges and can run safely within the pod.


Copyright QStack.ai, 2010-2023. Content on this site is licensed under the Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service | contact