Allow configuring UID GID etc in Kubernetes #4324
Comments
reckart
added a commit
that referenced
this issue
Nov 26, 2023
- Adjust launch script to not try to fix file ownership and drop privileges when container is already not running as root - Added additional VOLUME declarations in Dockerfile for tmp and log folders so the container can run with a read-only root filesystem (hopefully) - Added a very very very very basic documentation on how one might consider using Kubernetes
reckart
added a commit
that referenced
this issue
Nov 29, 2023
…nfiguring-UID-GID-etc-in-Kubernetes #4324 - Allow configuring UID GID etc in Kubernetes
reckart
added a commit
that referenced
this issue
Nov 29, 2023
* release/29.x: #4324 - Allow configuring UID GID etc in Kubernetes
reckart
added a commit
that referenced
this issue
Nov 29, 2023
* release/30.x: #4324 - Allow configuring UID GID etc in Kubernetes
reckart
added a commit
that referenced
this issue
Dec 5, 2023
* main: #4347 - CAS doctor fails to generate a proper report on projects not containing INITIAL_CASes #4349 - Project has date in the 70ies if no data is set in JSON #4344 - Allow format to inject default namespace if document does not specify one #4342 - Show document size in documents table #4342 - Show document size in documents table No issue: Optimize tracking be excluding elements that contain no text No issue: Avoid scrollbar appearing at wrong level #4340 - Allow pruning elements in XML policy #4338 - Spurious empty annotations in RecogitoJS editor #4324 - Allow configuring UID GID etc in Kubernetes #4335 - Promote UIMA JSON CAS 0.4.0 to non-experimental #4326 - Upgrade dependencies
reckart
added a commit
that referenced
this issue
Dec 5, 2023
* main: #4347 - CAS doctor fails to generate a proper report on projects not containing INITIAL_CASes #4349 - Project has date in the 70ies if no data is set in JSON #4344 - Allow format to inject default namespace if document does not specify one #4342 - Show document size in documents table #4342 - Show document size in documents table No issue: Optimize tracking be excluding elements that contain no text No issue: Avoid scrollbar appearing at wrong level #4340 - Allow pruning elements in XML policy #4338 - Spurious empty annotations in RecogitoJS editor #4324 - Allow configuring UID GID etc in Kubernetes #4335 - Promote UIMA JSON CAS 0.4.0 to non-experimental #4326 - Upgrade dependencies #4330 - Remove default memory limit for INCEpTION in Dockerfile #4229 - Better project template selection #4330 - Remove default memory limit for INCEpTION in Dockerfile #4229 - Better project template selection % Conflicts: % inception/inception-external-editor/src/main/java/de/tudarmstadt/ukp/inception/externaleditor/xhtml/XHtmlXmlDocumentViewControllerImpl.java
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Kubernetes has several functionalities including setting a UID / GID / FID, setting a read-only root file system, which are part of many best-practices guides. However, they currently conflict with the functionalities in the INCEpTION Docker image to proactively manage UID / GID / FID and dropping privileges when run without setting any of these parameters in Kubernetes.
Describe the solution you'd like
Optimally, a solution where the Kubernetes settings are respected and used and the pro-active management only kicks in when run in a default scenario (e.g.
docker run).Describe alternatives you've considered
Having multiple images for different deployment scenarios.
The text was updated successfully, but these errors were encountered: