openstack/openstack-helm-infra
Code Issues Proposed changes

Merge "Limit Ceph OSD Container Security Contexts"

Browse Source
This commit is contained in:
Zuul 2021-07-30 22:44:18 +00:00 committed by Gerrit Code Review
commit de4d8a02b0
3 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ceph-osd/Chart.yaml
View File

@ -15,6 +15,6 @@ apiVersion: v1
appVersion: v1.0.0 appVersion: v1.0.0
description: OpenStack-Helm Ceph OSD description: OpenStack-Helm Ceph OSD
name: ceph-osd name: ceph-osd
version: 0.1.26 version: 0.1.27
home: https://github.com/ceph/ceph home: https://github.com/ceph/ceph
... ...

5
ceph-osd/values.yaml
View File

@ -56,9 +56,11 @@ pod:
container: container:
ceph_init_dirs: ceph_init_dirs:
runAsUser: 0 runAsUser: 0
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
ceph_log_ownership: ceph_log_ownership:
runAsUser: 0 runAsUser: 0
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
osd_init: osd_init:
runAsUser: 0 runAsUser: 0
@ -69,7 +71,8 @@ pod:
privileged: true privileged: true
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
log_runner: log_runner:
runAsUser: 0 runAsUser: 65534
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
bootstrap: bootstrap:
pod: pod:

1
releasenotes/notes/ceph-osd.yaml
View File

@ -27,4 +27,5 @@ ceph-osd:
- 0.1.24 Ceph OSD Init Improvements - 0.1.24 Ceph OSD Init Improvements
- 0.1.25 Export crash dumps when Ceph daemons crash - 0.1.25 Export crash dumps when Ceph daemons crash
- 0.1.26 Mount /var/crash inside ceph-osd pods - 0.1.26 Mount /var/crash inside ceph-osd pods
- 0.1.27 Limit Ceph OSD Container Security Contexts
... ...