apm-server: Run as non-root user
See original GitHub issueDescribe the feature: I want to run apm-server as a non-root user, same as described here: https://github.com/helm/charts/pull/18366
Currently, if I set podSecurityContext
, the Pod fails with the error:
Exiting: error loading config file: open apm-server.yml: permission denied
Issue Analytics
- State:
- Created 3 years ago
- Comments:8 (7 by maintainers)
Top Results From Across the Web
Run apm-server Docker image with non-root user · Issue #4466
In short, I want to run apm-server in a Docker container with non-root user. However, because the binary is owned by root and...
Read more >APM Server and systemd | APM User Guide [master] - Elastic
We recommend that the apm-server process is run as a non-root user. Therefore, that is the default setup for APM Server's DEB package...
Read more >Need to have APM OS agent run as a different user - IBM
To run the APM Linux agent as a non-root user. They are using the Red Hat wrapper around the APM start and stop...
Read more >Running TIM with non-root user
TIM can't run with non-root user. TIM need root rights to capture backend, it collects data raw from the network subsystem, and for...
Read more >Root and non root installations for Linux agent
During a server reboot, manual login is required. *Note: We make use of the docker UNIX socket file to collect metrics. If the...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@jmlrt : I think I can. Give a one week, I will try to find a time when I can do it.
@jmlrt : I created an issue in https://github.com/elastic/apm-server and discussed with ppl there. It seems that this is not a bug/issue there but a security limitation. Thus, the apm-server pod must run with
runAsGroup: 0
. Should we fix it in the Helm chart or let users do it freely (like currently https://github.com/elastic/helm-charts/blob/master/apm-server/values.yaml#L78)